Home

Entrance Exams

CBSE Helpline

Sample Papers

Important Questions

Project Work

Forum

Olympiads

CBSE Schools

CBSE Grading

CBSE CCE

Studying Tips

Engineering Exam

KV HOTS

CBSE Books

CISE-Certified Information Security Expert Exam......CEH-

Certified Ethical Hacker ~ CBSE

Join Us

O r k u t

F a c e b o o k

T w i t t e r

Y a h o o G r o u p

G o o g l e G r o u p

S M S A l e r t s

CISE stands for Certified Information Security Expert. It is a certification provided

after an individual who successfully clears both the levels of ISAT.

A Certified Information Security Expert has in-depth knowledge of the internet,

networking & online threats. He is capable of identifying new threats & can be

considered as an Online Security Consultant.

If you a CISE, various opportunities are waiting for you. Various Companies will

just pick you up seeing that you are a CISE. Apart from that, it can also help you in

getting the promotion you have been looking for. The course is an excellent

investment for students in the Technology field as well as professionals in the

internet & networking field.

The CEH certification is for an individual who is usually employed with the

organization and who can be trusted to undertake an attempt to penetrate

networks and/or computer systems using the same methods as a hacker. Illegal

hacking (ie; cracking computer systems) is a felony in the United States and most

other countries. But when this type of hacking is done by request and under a

contract between an Ethical Hacker and an organization, it is legal. The most

important point is that an Ethical Hacker has authorization to probe the target

with attacks such as cross site scripting.

A Certified Ethical Hacker is a skilled professional who understands and knows

how to look for the weaknesses and vulnerabilities in target systems and uses the

same knowledge and tools as a malicious hacker.

Certification is achieved through training at an ATC (Accredited Training Center)

or self-study. If students choose to self-study, in order to sit for the exam they must

fill out an application and also have documented 2 years of information security

work experience. Both CEH v4 and v5 utilize EC-Council's exam 312-50. The exam

consists of 125 (v4) or 150 (v5) multiple-choice questions, and students are given

up to three or four hours, respectively, to complete the examination. The exam

costs US$250, and is administered via computer at an EC-Council Accredited

Training Center, Pearson VUE, or Prometric testing center (in the United States).

In today’s scenario, everything depends on IT. From tax collections, booking the cheapest airline

tickets, banking online to trading shares online, you name it! If you aren’t a part of IT revolution

yet, you are missing on a lot of ease and opportunities. But as they say, everything comes at a

price, and the price you pay here is risking your privacy and probably your bank balance!

Hacking is easier on poorly built websites and applications. There is nothing as good for a hacker

as a faulty program. During one of Innobuzz PenTest operations, we found a simple coding glitch

that revealed high priority information in the websites of one of the top 10 companies of India! It

is really that infectious! Imagine, if that can happen to large companies, where do YOU stand? If

you are a web developer, and a site designed by you is compromised, you lose your clients, if you

do business online, you lose your customers. And for the average web user, it means loss of

privacy and credit card numbers.

All this is happening at a very fast rate and experts are needed to check and cure these. ITS

Experts are in demand. According to NASSCOM, the demand for ITS Experts will be 10Lakh by

2010 in India. ITS is a THE next big thing in IT and you should make the best of it. Innobuzz

Knowledge Solutions provide quality training in field of ITS which enable you to become an

Ethical Hacker.

Our programs are well researched and developed in consultation with the best Security Experts

around the world. Doing a CISE (Certified Innobuzz Security Expert) will do a lot of value addition,

as this is a unique course offered in India.

Run hacking attacks in our classroom labs, be a hacker for a week

Some of the hacking concepts you will learn to master during this hands on hacking course...

Penetration testing methodologies

Stealthy network recon

Passive traffic identification

Remote root vulnerability exploitation

Evidence removal and anti-forensics

Attacking network infrastructure devices

Hacking by brute forcing remotely

Hiding exploit payloads in jpeg

Privilege escalation hacking

IPv6 Vulnerabilities

Remote access trojan hacking

Running shellcode in RAM vs. on disk

Wireless insecurity

Breaking IP-based ACLs via spoofing

Abusing Windows Named Pipes for Domain Impersonation

and gif image files

Hacking Web Applications

Breaking into databases with SQL Injection

Cross Site Scripting hacking

Hacking into Cisco routers

Justifying a penetration test to management and customers

CEH/CPT review

Defensive techniques

Some of the instructor-led hands-on hacking lab exercises in this security training

experience.

Capture the Flag hacking exercises every night !

Abusing DNS for host identification

Leaking system information from Unix and Windows

Windows 2003 Server & Vista DNS Cache Poisoning Attacks

Unix, Windows and Cisco password cracking

Remote buffer overflow exploit lab - heap vs. stack overflows

Attacking Kerberos Pre-Auth Hashes

Spoofing endpoints of communication tunnels

Impersonation of other Users- Hijacking kernel tokens

Attacking RDP (Remote Desktop Protocol) in Windows XP, 2003 &

Vista

Remote keylogging

Data mining authentication information from clear-text

protocols

Sniffing and hijacking SSL encrypted sessions

Breaking wireless security via hacking

Malicious event log editing

Client side IE & Firefox exploits

Tunneling through IPSec VPNs by abusing ESP

Data retrieval with SQL Injection Hacking

Calculating the Return on Investment (ROI) for an ethical

hack

Hacker Halted Conferences covers security topics in various technologies.

Here are the complete list of topics.

♣ Terrorist Threat to IT Infrastructure

♣ Cyberterrorism

♣ National Infrastructure Attacks

♣ Hackers and their Targets

♣ E-Business Security Under Threat

♣ Phishing Attacks and Social Engineering

♣ Who to Trust in this Untrusting Network world

♣ Wired or Wireless – Security analysis

♣ Prosecution of Cyber Criminals

♣ Forensics Analysis – The Failures

♣ Identity Theft and the Risks

♣ Airports, Banks, and Public Transportation. Are we safe?

♣ Hackers are here. Where are you?

♣ Are you smarter then the hackers.

♣ I can beat you. Don’t think you are smart.

♣ Software vendor’s promises and lies.

♣ Contingency Planning for Organizations

♣ Defense Against Social Engineering

♣ Facilitated Risk Analysis for Business and Security

♣ Hands-on Hacking

♣ Linux Security

♣ Wireless Security

♣ How to Be a More Effective Security Liaison:

♣ Security as a Part-time Job

♣ Effective Information Security

♣ Professional

♣ Sustain a Quality Security

♣ Awareness Program

♣ Winning Security Architecture

♣ Develop Information Security Policies

♣ Develop Information Security Standards and Procedures

♣ How to Perform a Technical Network Vulnerability

♣ Assessment

♣ Administrator Mistakes

♣ Hacker Mistakes

♣ Hiring Hackers and the Law

♣ Hacker Terrorism

♣ Computer and Network Security

♣ End-to-End Digital Investigation

♣ Knowledge Foundations for Data Communications

♣ Managing a Privacy Governance Program

♣ Outsourcing Security

♣ Encryption and Certificate Authorities

♣ Roll-Out of an Asset Classification Program

♣ Return on Investment for Information Security

♣ A Structured Approach to Incident Response

♣ Computer Forensics Tools and How to Make Them Work for You

♣ Wireless Security in the Enterprise

♣ A Pragmatic Approach to Information Security Management

♣ Demystifying Security and Audit of TCP/IP Networks

♣ Penetration Testing: HANDS-ON

♣ Essential Windows Security Tools

♣ IT Law: Business and Security Imperatives for Non-Lawyers

♣ Staying Out of Trouble with Wireless Local Area Networks

♣ Defining and Building an Enterprise Security Architecture

♣ How to Secure and Audit LDAP

♣ Creating and Implementing Security Policies

♣ Blueprint for Avoiding Identity Theft

♣ The Complete Do-It-Yourself NIST Security Toolkit

♣ E-Fraud Forensics: Understanding the Investigative Process A to Z

♣ The Good Guys’ Guide to Uncovering Network Vulnerabilities

♣ VoIP Security Exposed

♣ Hacking Windows - HANDS-ON

♣ Remote Testing for Common Web Application Security Threats

♣ How to Stop an Enemy We Can't Find: Technology on the Front Lines

♣ The Latest Network Hacks and Defenses

♣ Creating an End-to-End Identity Management Architecture

♣ VoIP Security

♣ Laws That Drive Information Security

♣ Threat Trends 2006: The Latest on Phishing, Pharming, Spyware, and More

♣ Planning and Deploying a Strategic Security Architecture

♣ Securing Today's (and Tomorrow's) Mobile Infrastructure

♣ Threats and Countermeasures: Defending Against the Worst Malware in

Windows

♣ Manager’s Guide to Perimeter Protection: Firewalls and IDS

♣ Preparing For and Handling Network Security Incidents

♣ How to Conduct a Penetration Test

♣ The Sensor Age: How RFID is about to Revolutionize Business and Information

Security

♣ Hacking Web Applications

♣ Conquering Federated Identity Management: Lessons Learned

♣ Phishing: Tackling the Problem

♣ Making Policies Work: From Creation to Enforcement

♣ What Hackers Don't Want You to Know

♣ Best Practices for Vulnerability Management

♣ Mobile Device Security

♣ First-Class Security Tips for Windows Systems

♣ How to Properly Defend Your Port 80

♣ Bleeding-Edge Anti-Forensics

♣ Hardware Token Compromises and Fixes

♣ Advanced SQL Injection

♣ Managing Identity and Access Control Management for Enterprise Security

♣ Google Hacking - DEMO

♣ Presenting the Business Case and ROI for InfoSec

♣ Regulation Riptide: Staying Above Water with Compliance and InfoSecurity

♣ Security in the Services-Oriented Architecture

♣ Safety on the Road: Key Tools to Protect Road Warriors

♣ Rootkits in Windows

♣ Perimeter Penetration Testing

♣ Creating a Threat Recognition Architecture in a Federal Agency

♣ Centrally Managing Fine-Grained Database Access

♣ Managing IT Risks Through the Assessment Process

♣ Different Styles of Intrusion Prevention: What Keeps Out the Hackers?

♣ System Configuration Management: Security and Auditing Challenges

♣ WPAN Security Exposed

♣ Patch Management in a Complex IT Environment

♣ Hacking IPSec Virtual Private Networks (VPNs)

♣ Hacking and Securing .NET

♣ Network Devices Exposed! Routers, Switches, Wireless, Modems, and More

♣ Taking Your Instant Response Team to the Next Level

♣ Identity and Access Management Deployment: Lessons Learned

♣ Biometrics: Opportunities and Challenges

♣ Taking Control of Your Career: Development Options for Information Security

Professionals

♣ How to Use PERL as a Security and Audit Tool

♣ Creating and Implementing IM Policies

♣ Late-Breaking Technology Session!

♣ Security and the Homeland

♣ Penetration Testing Databases and Countermeasures

♣ Implementing Cross-Company Authentication Using SAML

♣ Building Security In: Software Security Gets Real

♣ Technical Policy Management

♣ Potholes that Could Derail an Information Security Program

♣ Identity Theft: What, How and Protective Measures

♣ Preparing for the Coming VoIP Security Revolution: IMS

♣ Computers, Crime and Punishment

♣ Creating a Computer Forensic Policy as Part of Your Cyber Response Plan

♣ Leveraging Freeware Hacker Tools

♣ Securing Unix-Based Operating Systems

♣ Protecting Your Network from Next Generation Attacks - DEMO

♣ The Role of Directory Services in Identity Solutions

♣ Hacking Web Services: Strategies, Tools, and Methods - DEMO

♣ Managing Security and Privacy Projects

♣ Everything You Need to Know About Encryption in 90 Minutes

♣ Attacking and Defending RFID Security

♣ Next-Generation Wireless Attacks and Defenses

♣ Firewall Technology: Where Is It Headed?

♣ Looking in the Windows Registry for Forensic Purposes

♣ Open Source Tools for Securing the Infrastructure -

♣ Cops and Robbers Las Vegas Style

♣ Web Application Security Assessments

♣ Provisioning: The ID Management Back Office

♣ Securing the Brains of the Network: DNS and DHCP

♣ Policies for Identity Management

♣ Keeping E-Messaging Secure

♣ Conducting a Business Impact Analysis and Creating a Disaster Recovery Plan

♣ SSL Remote Access Tactics: Unsafe at Any Speed?

♣ Securing Windows 2003

♣ Secure Network Change Management: Look Before You Change

♣ Handling Evidence in an E-Fraud Investigation

♣ Tracking USB Storage Devices Across Windows Systems

♣ ARP Spoofing and Beyond: Attacks and Protection at Layer 2

♣ Integrating Enterprise Access Solutions into a Seamless System

♣ Auditing Web Application Authentication

♣ Getting the Most Out of Your Ethical Hacking Program

♣ Life After California SB1386: Getting a Handle on Security Breach Notification

Laws

♣ Managing IT Risk and Compliance: An Effective Framework for the Enterprise

♣ Hacking SSL Virtual Private Networks (VPNs)

♣ Protecting Your Penguins: Developing a Baseline for Linux Security

♣ What Every Organization Should Monitor and Log: A Checklist

♣ The Time is Now: The Convergence of Networks, Time Synchronization and

Information Security

You can register and take any e-Business certification exams through web based Prometric

Prime at http://eccouncil.prime.prometric.com Any EC-Council Accredited Training Center can

proctor the exam. You cannot take the exam directly through the Internet without a proctor.

Cost

Certification exams are priced according to currency values in available countries. Certification

exam prices are subject to change. In some countries, exam prices may differ and additional

taxes may apply. Please contact your ATC for exact pricing.

Exam Fees

Exams with prefix of 212 are priced at $99 U.S.

Exams with prefix of 112 are priced at $ 125 U.S

Exams with prefix of 312 are priced at $250 U.S

Payment is made to Prometric at the time of registration. Prometric accepts payment by credit

card.

Pre-paid exam vouchers

Exam vouchers are available from EC-Council Accredited Training Centers around the world.

Candidates may also purchase pre-paid exam vouchers directly by contacting

info@eccouncil.org

EC-Council exams are also available through Authorized Prometric Testing Centers in over 180

countries.

Exams Available at APTC

Currently the following exams are available at APTC

E-Commerce Architect

(Exam Code: EC0-232)

Cost: USD 125/-

This exam only available at Prometric

Ethical Hacking and Countermeasures

(Exam Code: EC0-350)

Cost: USD 250/-

This exam available at Prometric and VUE

Computer Hacking Forensic Investigator

(Exam Code: EC0-349)

Cost: USD 250/-

This exam available at Prometric and VUE

EC-Council offers the Certified Ethical Hacker Certification Exam over these

channels.

1. Exam 312-50: Web based ‘Prometric Prime’ at Accredited

Training Centers (ATC).

2. Exam EC0-350: Proctored test at Authorized Prometric

Testing Centers (APTC) globally.

3. Exam 312-50: VUE Testing centers

Please note that the difference in the exam is only in terms of exam delivery

channel and are otherwise identical in source.

Eligibility Requirements

To be eligible for appearing in the CEH certification examination, you must:

1. Have attended training for the CEH course at any of the

accredited training centers. Should you choose to defer taking

the examination after your training, and would like to opt for

another location; you can apply for the same at a later date at

any ATC of your choice by submitting your certificate of

attendance to EC-Council.

2. If you have opted for self-study and not attended training, you

must have at least two years of information security related

experience.

Please download and complete the CEH Exam (EC0-350)

Application Form and fax it to EC-Council at +1-505-

212-0667 for verification. Upon approval, EC-Council will

send you an eligibility voucher number which you can use to

register and schedule the test at any Authorized Prometric

Testing Center globally. Please note that Prometric

Registration will not entertain any requests without this

voucher number.

Certification Fees

1. If you have attended training at any accredited training

center, you are eligible to appear for the web based Prometric

Prime exam. This exam is priced at USD 250.

2. If you have chosen self study, and are eligible for the exam as

verified from the CEH Exam EC0-350 Application Form

submitted, you can take the test at any of the Authorized

Prometric Testing Centers globally. This exam is priced at

USD 250.

Scheduling Process

1. If you are appearing for Exam 312-50 the web based

Prometric Prime exam, you can contact your ATC to schedule

the exam.

2. If you are appearing for Exam EC0-350 at any authorized

Prometric Testing center, you can schedule the exam by

contacting Prometric directly. You can use the voucher

number given to you by EC-Council upon approval of your

eligibility application form. Please note that Prometric will

NOT schedule exams without the voucher number.

3. For VUE, please visit http://www.vue.com/eccouncil

What is the difference between Exam 312-50 and Exam EC0-350?

EC-Council offers the Certified Ethical Hacker examination over two channels – the

EC-Council Accredited Training Center (ATC) and the Authorized Prometric

Testing Center (APTC). Only students who undergo training for CEH at any ATC

are eligible to appear for the web based Prometric Prime exam (Exam 312-50).

Students who opt to pursue self study can appear for the exam EC0-350 at the

Authorized Prometric Testing Center after they fulfill the examination eligibility

criteria and produce the voucher number to Prometric.

In all other aspects the exams are identical in source and lead to the certification

‘Certified Ethical Hacker’.

Should I attend training to appear for the CEH exam?

EC-Council recommends that CEH aspirants attend formal classroom

training at any of the accredited training centers to reap maximum benefit

of the course and have a greater chance at clearing the examinations. The

ATC will check your work experience before registering for the class. You

are also required to sign a Non-Disclosure Agreement (NDA) when you

enroll for the class.

What are the pre-requisites for taking a CEH exam?

If you attend CEH training, you are eligible to appear for the CEH

examination. If you opt for self study, you must complete the eligibility form

and fax it to EC-council for approval.

Is there any eligibility criteria?

It is mandatory for you to record two years of information security related work

experience and get the same endorsed by your employer. In case you do not

possess the same you can send us a request detailing your educational background

and request for consideration on a case basis.

Why do I have to get approval from EC-Council to appear for the exam without the

training?

EC-Council presents the body of knowledge through CEH to educate and assist

information security professionals in hacking tools and techniques for legally

accepted security testing purposes. It is the social responsibility of EC-Council to

ensure that this knowledge is imparted to people with the right intent and obtain

assurance that this body of knowledge will not be misused

Where do I purchase the prepaid examination vouchers?

You can purchase the vouchers directly from VUE or Prometric.

I have just completed the training. Can I defer taking a test to a later date?

Yes, you can. Ensure that you obtain a certificate of attendance upon completion of

the training. You may contact the ATC at a later date and schedule the exam.

I have just completed the training. Can I take the test at a different location?

Yes, you can. You can take the exam at any ATC offering the CEH program by

presenting your certificate of attendance. This will be verified against our records

and your exam can be scheduled.

Do I have to recertify?

You will need to earn EC-Council Continuing Education Credits (ECE) to maintain

the certification. Click here for more information.

Why are there different versions for the exam?

EC-Council certifications are under continuous development. We incorporate new

techniques and technology as they are made available and are deemed necessary

to meet the course objectives. This is reflected in our examination process as well

as students are tested on concepts, techniques and technology.

How many times can I appear for the examination in case I do not pass in the first

attempt?

There are no restrictions on the number of times you can appear for the

examination, as long as you are able to contact the test center and schedule your

exam in advance. There is no waiting period between attempts.

To request for another eligibility voucher to resit for the exam at Prometric APTC,

send an e-mail to info@eccouncil.org with your details. You don't need to go

through eligibility application process again.

Can I take the exam at VUE testing centers?

Yes. The 312-50 exam is available at VUE testing centers as well. Just like

Prometric APTC, you will need an eligibility number to attempt the exam at Vue.

The eligibility number issued for Prometric cannot be used for VUE and vice versa.

You can indicate in the eligibility application form which center you will be taking

the test. Please visit VUE's EC-Council testing page at

http://www.vue.com/eccouncil

Will EC-Council help me in scheduling the Prometric exam?

You are advised to contact Prometric Registration up to one business day prior to

the date of the scheduled exam, before 7pm Central Standard Time.

When will I get my certificate once I pass the certification examination?

You will receive your welcome kit in eight week’s time upon passing the exam.

How many questions are there in the exam and what is the time duration?

The examination consists of 150 questions. The duration of the test varies according to location

and channel. The exam 312-50 offered through Prometric Prime is of four hour duration. The

exam EC0-350 offered through Prometric APTC is four hours for English speaking countries (US

and others) and four and half hours for Non English speaking countries.

How much should I score to clear the exam?

The passing score is 70%.

I am doing a self study, how do I know I am ready to take the exam? Are there any

practice tests?

Yes, you can take our practice tests to become familiar with the examination

approach.

Can I purchase practice tests?

CEH exam practice tests are available from PrepLogic http://www.preplogic.com

What kind of questions can I expect in the exam? Do you have any exam pointers?

The examination tests you on security related concepts, hacking techniques and

technology. You will be asked to decipher exploit codes, study log files, infer output

and apply the knowledge acquired through the course.

Can I review my answers?

You can mark your questions and review your answers before you end the test.

Register by Telephone

In the US and Canada, candidates can register for EC-Council exams by calling Prometric's direct EC-Council toll-

free registration line at (800) 815-3926 between 7:00 a.m. and 7:00 p.m. CST. Outside the United States and

Canada, please visit www.prometric.com for a complete list of exam registration phone numbers.

Register Online

Candidates can register for EC-Council exams at www.2test.com, Prometric's online registration web site. Online

registration is not available for beta exams. Online exam registration is available in most countries.

Testing Locations

To locate the Testing Center nearest to you, please visit Prometric.com web site.

Please be prepared to provide the following information to Prometric when calling to schedule

your test appointment:

1. First and last name: Please provide your name as you would like it to

appear on your certificate.

2. Social Security Number: For candidates who do not have a Social

Security Number or do not wish to provide one, Prometric will assign a

unique identification number. Please use this ID number each time that

you schedule a new exam.

3. Mailing address: Please list the address to which all correspondence

should be mailed.

4. Company name: If you have listed your business address, please include

your company name to ensure appropriate routing.

5. E-mail address: For the latest program updates, email is the most

efficient and effective means of contacting you.

6. Contact phone numbers

7. Exam number and title

8. Testing center preference: A Prometric customer service representative

can help you identify the testing center near your location.

9. Method of payment (cash, personal check, credit card (American

Express, Mastercard, and Visa), bank transfers, etc.) Payment options

may vary by country.

If your address has changed since you last registered for an exam, please contact Prometric to

update your demographic information.

Scheduling Process

Prometric will schedule each candidate into an Authorized Prometric Testing Center for their

exam appointment. Prometric Registration will only schedule exams that have been paid.

Candidates who need to reschedule an exam can do so as long as they contact Prometric

Registration up to one business day prior to the date of the scheduled exam, before 7pm Central

Standard Time.

Exam Day

It is important that a candidate arrives at the testing center at least fifteen minutes before the scheduled exam

time. The candidate is also required to bring two forms of signature identification, one with a photograph, for

verification purposes. To maintain the security of the test environment, candidates are not permitted to bring

reference materials of any kind into the testing center.

After an exam has been taken a candidate will automatically receive a score report indicating a

pass/fail. If a candidate has taken a beta exam, however, a score report will be sent six to eight

weeks after the termination of the beta availability period.

Exam Retake Policy

Candidates may attempt each exam any number of times, there is no waiting period between attempts.

Ethical Hacking and Countermeasures

(312-50)

New CEHv6 Exam

The CEHv6 exam is currently in beta and will be available on the 5th November,

2008. The CEH v5 exam will be available until June 3rd, 2009 then retired.

Note:

The exam codes EC0-350 are 312-50 are the same exam.

The exam title "Certified Ethical Hacker" and "Ethical Hacking and

Countermeasures" are the same

VUE and Prometric systems use different exam codes.

The CEHv4 exam has been retired since June 1st 2007

CEHv5 exam is available on Prometric Prime, APTC and VUE.

Exams at VUE and Prometric APTC requires Eligibility Code. Please

visit http://www.eccouncil.org/takeexam.htm for details

Credit Towards Certification

Certified Ethical HackerMaster of Security Science (MSS)

Exam Details (CEHv5)

Number of Questions: 150Passing Score: 70%

Test Duration: 4 Hours Test Format: Multiple Choice

Test Delivery: Prometric Prime Exam Version: 5

Release Date: November 13th, 2006Exam Cost: USD 250

Skills Measured

The Exam 312-50 tests CEH candidates on the following 22 domains.

1. Ethics and Legal Issues

2.Footprinting

3.Scanning

4.Enumeration

5.SystemHacking

6.TrojansandBackdoors

7.Sniffers

8.Denial of Service

9. Social Engineering

10. Session Hijacking

11. Hacking Web Servers

12. Web Application Vulnerabilities

13. Web Based Password Cracking Techniques

14. SQL Injection

15. Hacking Wireless Networks

16. Virus and Worms

17. Physical Security

18. Hacking Linux

19. IDS, Firewalls and Honeypots

20. Buffer Overflows

21. Cryptography

22. Penetration Testing Methodologies

Ethics and Legality

Ethics and Legality

Understand Ethical Hacking terminology

Define the Job role of an ethical hacker

Understand the different phases involved in ethical hacking

Identify different types of hacking technologies

List the 5 stages of ethical hacking?

What is hacktivism?

List different types of hacker classes

Define the skills required to become an ethical hacker

What is vulnerability research?

Describe the ways in conducting ethical hacking

Understand the Legal implications of hacking

Understand 18 U.S.C. § 1030 US Federal Law

Footprinting

Define the term Footprinting

Describe information gathering methodology

Describe competitive intelligence

Understand DNS enumeration

Understand Whois, ARIN lookup

Identify different types of DNS records

Understand how traceroute is used in Footprinting

Understand how e-mail tracking works

Understand how web spiders work

Scanning

Define the term port scanning, network scanning and

vulnerability scanning

Understand the CEH scanning methodology

Understand Ping Sweep techniques

Understand nmap command switches

Understand SYN, Stealth, XMAS, NULL, IDLE and FIN scans

List TCP communication flag types

Understand War dialing techniques

Understand banner grabbing and OF fingerprinting

techniques

Understand how proxy servers are used in launching an

attack

How does anonymizers work

Understand HTTP tunneling techniques

Understand IP spoofing techniques

Enumeration

What is Enumeration?

What is meant by null sessions

What is SNMP enumeration?

What are the steps involved in performing enumeration?

System hacking

Understanding password cracking techniques

Understanding different types of passwords

Identifying various password cracking tools

Understand Escalating privileges

Understanding keyloggers and other spyware technologies

Understand how to Hide files

Understanding rootkits

Understand Steganography technologies

Understand how to covering your tracks and erase evidences

Trojans and Backdoors

What is a Trojan?

What is meant by overt and covert channels?

List the different types of Trojans

What are the indications of a Trojan attack?

Understand how “Netcat” Trojan works

What is meant by “wrapping”

How does reverse connecting Trojans work?

What are the countermeasure techniques in preventing

Trojans?

Understand Trojan evading techniques

Sniffers

Understand the protocol susceptible to sniffing

Understand active and passive sniffing

Understand ARP poisoning

Understand ethereal capture and display filters

Understand MAC flooding

Understand DNS spoofing techniques

Describe sniffing countermeasures

Denial of Service

Understand the types of DoS Attacks

Understand how DDoS attack works

Understand how BOTs/BOTNETS work

What is “smurf” attack

What is “SYN” flooding

Describe the DoS/DDoS countermeasures

Social Engineering

What is Social Engineering?

What are the Common Types of Attacks

Understand Dumpster Diving

Understand Reverse Social Engineering

Understand Insider attacks

Understand Identity Theft

Describe Phishing Attacks

Understand Online Scams

Understand URL obfuscation

Social Engineering countermeasures

Session Hijacking

Understand Spoofing vs. Hijacking

List the types of Session Hijacking

Understand Sequence Prediction

What are the steps in performing session hijacking

Describe how you would prevent session hijacking

Hacking Web Servers

List the types of web server vulnerabilities

Understand the attacks Against Web Servers

Understand IIS Unicode exploits

Understand patch management techniques

Understand Web Application Scanner

What is Metasploit Framework?

Describe Web Server hardening methods

Web Application Vulnerabilities

Understanding how web application works

Objectives of web application hacking

Anatomy of an attack

Web application threats

Understand Google hacking

Understand Web Application Countermeasures

Web Based Password Cracking Techniques

List the Authentication types

What is a Password Cracker?

How does a Password Cracker work?

Understand Password Attacks - Classification

Understand Password Cracking Countermeasures

SQL Injection

What is SQL injection?

Understand the Steps to conduct SQL injection

Understand SQL Server vulnerabilities

Describe SQL Injection countermeasures

Wireless Hacking

Overview of WEP, WPA authentication systems and cracking

techniques

Overview of wireless Sniffers and SSID, MAC Spoofing

Understand Rogue Access Points

Understand Wireless hacking techniques

Describe the methods in securing wireless networks

Virus and Worms

Understand the difference between an virus and a Worm

Understand the types of Viruses

How a virus spreads and infects the system

Understand antivirus evasion techniques

Understand Virus detection methods

Physical Security

Physical security breach incidents

Understanding physical security

What is the need for physical security?

Who is accountable for physical security?

Factors affecting physical security

Linux Hacking

Understand how to compile a Linux Kernel

Understand GCC compilation commands

Understand how to install LKM modules

Understand Linux hardening methods

Evading IDS, Honeypots and Firewalls

List the types of Intrusion Detection Systems and evasion

techniques

List firewall and honeypot evasion techniques

Buffer Overflows

Overview of stack based buffer overflows

Identify the different types of buffer overflows and methods of

detection

Overview of buffer overflow mutation techniques

Cryptography

Overview of cryptography and encryption techniques

Describe how public and private keys are generated

Overview of MD5, SHA, RC4, RC5, Blowfish algorithms

Penetration Testing Methodologies

Overview of penetration testing methodologies

List the penetration testing steps

Overview of the Pen-Test legal framework

Overview of the Pen-Test deliverables

List the automated penetration testing tools

CBSECBSE Result 2011

Enter your Email ID below

Get all Latest Sample Papers in your inbox !

Latest

CBSE Heritage India Quiz 2011

AIEEE 2011 Rescheduled Exam

CBSE Science Exhibition 2011

Central Teacher Eligibility Test (CTET)

Computers in Engineering Graphics Laboratories

 

Most Popular

Importance of good handwriting in Exams.

How To Prepare For IIT-JEE And AIEEE

Become a classroom star

Tips and Tricks to Score Best Marks in Exams.

A study Schedule to crack TOEFL, IELTS !

Improve your Study Skills in Exam time.

Better English Speaking Skills.

5 Ways to improve your Memory.

Some AIEEE counseling Tips.

Settling in to university.

Must Dos for students.

Understanding Stress: Common reactions

High risk Behavior: Drug abuse.

Psychosomatic Symptom

Handling Suicide

Must Dos for parents

Most Frequently asked questions on Exams.

How to score Good marks in CBSE.

What to do after 10th and 12th ???

Online CAT entrance exams preparation

Career options in Commerce stream

Career options in Science stream

CBSE Latest Sample Question Papers

How to prepare for English in CBSE

How to solve question Paper ?

Examination Tips and Tricks

Career options after 12th and 10th

How to avoid stress Before Exams.

CBSE Tips for scoring Good marks

University Results :

CCS University, Meerut Results

Guru Nanak Dev University (GNDU) Results

Annamalai University Distance Education

Maharishi Dayanand University MDU Results

IGNOU Results Indira Gandhi National Open University

Delhi Book Fair 2009 at Pragati Maidan

UPSC Toppers Interview

Archive

►  2011 (2)

o ►  January (2)

AIEEE Application Form Status

Vocational Education in India

►  2010 (26)

o ►  November (6)

CBSE Scholarship

CBSE Eligibility for Improvement of Performance Ex...

CBSE Class 10 Passing Criteria

CBSE Class 10th Admission Eligibility Criteria

CBSE Class 12th Admission Eligibility Criteria

CBSE Admission Procedure to Class XI

o ►  September (2)

CBSE SGAI

Optional Proficiency Test for Class X

o ►  August (1)

CWG Theme Song

o ►  July (3)

CBSE SGAT

Rupee Symbol of India Finalised

CBSE Online

o ►  June (2)

DU Cut-off List

CCE Sample Papers

o ►  May (6)

CGPA to Percentage Calculator

Admission of CBSE students in Class XI Eligibility...

CBSE Passing Criteria for Class X

Statement of Subject wise Performance for Class X

CBSE CGPA to Percentage Calculator

CBSE Result 2010 Class X and Class XII

o ►  April (2)

AIEEE 2010 Solutions, Answer Key, Cutoff and Resul...

Right to Education Act, 2009 Rules

o ►  March (2)

CBSE Syllabus of Media Studies for Class XI

CBSE Syllabus of Media Studies for Class XII

o ►  February (1)

CBSE Helpline Numbers and list of Counselors

o ►  January (1)

List of Deemed Universities in India

►  2009 (96)

o ►  December (2)

CBSE Duplicate Certificate

IIT JEE Previous Year Question Papers with Solutio...

o ►  November (3)

CBSE Mathematical Olympiad Sample Papers

AIEEE 2010 Online Application Form

NTSE Sample Papers

o ►  October (3)

PMT Question Papers

India University Exam Results Semester and Year wi...

CBSE CCE In Class IX Exams 2nd Term (October 2009 ...

o ►  September (2)

MP Board Results 2010 | mpbse.nic.in | M.P Board E...

CBSE Improvement Exams Rules and Procedure for Cla...

o ►  July (3)

CBSE Compartment Results 2010 Class 10th and 12th ...

WBSSC Result 2010 | West Bengal SSC Exam Result

MSBTE Summer Results 2010 : Maharashtra State Boar...

o ►  June (3)

GGSIPU IP Counselling Requirements and Tips

FYJC Mumbai 11th Standard Online Admission Process...

Bharathiar University UG Results 2010

o ►  May (8)

AIEEE 2010 Exam Results

IIT JEE 2010 Results Released for Delhi, Bombay, M...

PTU DateSheet 2010 B.Tech | Punjab Technical Unive...

Tamil Nadu HSC Results 2010 Pallikalvi TN Board Re...

Kerala Higher Secondary Result HSE 20010 +2 Result...

RGTU Time Table Bhopal RGTU Results 2010 RGTU Syll...

o ►  April (5)

o ►  March (10)

o ►  February (18)

o ►  January (39)

▼  2008 (478)

o ▼  December (54)

Happy New Year from CBSE Blog !!!

Latest Sample Papers 2009 released by CBSE !

CBSE Datesheet 2009 Released !

More CBSE schools to come up in city....

CBSE to introduce Grading System till Class XII

CBSE Important Questions Class XII Computer Scienc...

CBSE Important Questions Class XII 2009 Accountanc...

CBSE Important Questions Class XII 2009 Accountanc...

CBSE Important Questions Class XII 2009 Accountanc...

Engineering College Admissions ~

Career in Animation ~

Schools of India !

CBSE Sample Paper Class XII Physical Education Sol...

CBSE Sample Paper Class XII Physics 2009

CBSE Guess Paper Class X 2009 Chemsitry

CBSE Guess Paper Class X 2009 Physics !

QUIZ IS FUN !

Song of Youth.....India

Merry Christmas Everyone !

INTELLIGENCE TEST - QUIZ FOR THE WISE GUY !

Inspirational Quotes about Lesson in Life ~ CBSE

Stupid Signs - funny stupid signboards ~ CBSE

EXCUSES FOR NOT DOING HOMEWORK ! CBSE FUN

Fun Quiz - interesting tricky quiz !

Eight per cent Delhi University students are smoke...

Delhi University voters spring a surprise ~ CBSE N...

Delhi University teachers on strike for more pay ~...

Guarantee To Success for CBSE Students !

BECOME A CLASS ROOM STAR ~ Study Tips

Score Best in Computer Science C++ Class XII and C...

The Theme for Cenbosec Issue (Jan. - March 2009) ~...

Results of Zonal Informatics Olympiad 2010

CBSE Important Questions Class XII Physics !

CBSE Important Questions Class X Science Magnetic ...

Help us to Improve our Site !

Tips and Tricks for Scoring Best Marks in Exams :-...

Top rated Institutes/Universities of India :- Best...

Top World Universities for Abroad Studies :- Best ...

Top Asian Universities for Abroad Studies !

Top USA & Canada Universities for Abroad Studies !...

MANIPAL UNIVERSITY ADMISSIONS 2009 Post Graduate P...

U.P TECHNICAL UNIVERSITY UPTU UPTECH Entrance

Exam...

HOTS Questions 2010 for class 10 and class 12 High...

Important Questions for AIEEE - AIEEE Question Pap...

What Makes A Good Science Project?

List of Engineering Entrance Examinations 2009

Common Proficiency Test (CPT) Exam 2010

IIT JAM 2009 Application Seats and Programmes

CISE-Certified Information Security Expert Exam......

Online Nominal Rolls (Computerised List of Candida...

15th National Sahodaya Conference

CBSE Cluster XII (Delhi) Athletic Meet 2008-2009 r...

CBSE HERITAGE INDIA QUIZ – 2010 ANNOUNCEMENT –

NA...

Central Sector Scheme of Scholarship for College a...

o ►  November (10)

o ►  October (24)

o ►  September (52)

o ►  August (68)

o ►  July (54)

o ►  June (42)

o ►  May (173)

o ►  April (1)

Free SMS India Healthcare Delhi UPSC Vocational Training NIOS ICSE NCERT

IGNOU SSC SCERT

 iCBSE © 2010

HOME

SITEMAP

DISCLAIMER

COMMENTS RSS

UPSC