CEH (v10) - Certified Ethical Hacker Training in Colombo, Sri Lanka

Name: CEH (v10) - Certified Ethical Hacker Training in Colombo, Sri Lanka
Address: Colombo, Western,Sri Lanka
Telephone: +65 3158 5082
Price range: 0

242 Ratings

1847 Learners

This Ethical Hacking Course in Colombo will train you on the advanced step-by-step methodologies that hackers actually use, such as writing virus codes, and reverse engineering, so you can better protect corporate infrastructure from data breaches. You’ll master advanced network packet analysis, securing web servers, malware threats, and advanced system penetration testing techniques to build your network security skillset and beat hackers at their own game.

Winner 2018

For business

Corporate Training Solutions

Blended learning delivery model (self-paced eLearning and/or instructor-led options)
Flexible pricing options
Enterprise grade Learning Management System (LMS)
Enterprise dashboards for individuals and teams
24x7 learner assistance and support

Explore our course

Course description

What are the course objectives?
Simplilearn’s CEH v10 Certified Ethical Hacker training (earlier CEH v9) in Colombo provides hands-on classroom training to help you master the same techniques that hackers use to penetrate network systems and leverage them ethically to protect your own infrastructure. The extensive course focuses on 20 of the most popular security domains to provide a practical approach to essential security systems. You will learn to assess computer system security by using penetration testing techniques; scan, test and hack secure systems and applications, and gain hands-on experience with sniffing, phishing and exploitation tactics. This ethical hacking course in Colombo will prepare you for the EC-Council Certified Ethical Hacker exam 312-50.

In the latest CEH v10 EC-Council has introduced the following changes:
- CEH practical exam
- Increased focus on Cloud attack vectors, AI and Machine Learning
- Upgraded Vulnerability Assessment material
- A module on the Internet of Things(IoT) Security
Why is the CEH certification so desirable?

The EC-Council Certified Ethical Hacker course in Colombo verifies your advanced security skill sets to thrive in the worldwide information security domain. Many IT departments have made CEH certification a compulsory qualification for security-related posts, making it a go-to certification for security professionals. And CEH-certified professionals typically earn 44 percent higher salaries than their non-certified peers.

The ethical hacking certification course opens up numerous career advancement opportunities, preparing you for a role as a computer network defense (CND) analyst, CND infrastructure support, CND incident responder, CND auditor, forensic analyst, intrusion analyst, security manager and other related high-profile roles.
What skills will you learn in the Ethical Hacking course in Colombo?
Simplilearn’s Ethical Hacking Course in Colombo will expand your knowledge of network, web and mobile app security and prepare you to identify threats and vulnerabilities. This CEH training course will help you:
- Grasp the step-by-step methodology and tactics that hackers use to penetrate network systems
- Understand the finer nuances of trojans, backdoors and countermeasures
- Get a better understanding of IDS, firewalls, honeypots and wireless hacking
- Master advanced hacking concepts, including mobile device and smart phone hacking, writing virus codes, exploit writing & reverse engineering and corporate espionage,
- Gain expertise on advanced concepts such as advanced network packet analysis, securing IIS & Apache web servers, Windows system administration using Powershell, and hacking SQL and Oracle databases
- Cover the latest developments in mobile and web technologies including Andriod, iOS, BlackBerry, Windows Phone and HTML 5
- Learn advanced log management for information assurance and allow you to manage information security with more clarity
Who should take the Ethical Hacking Course?
The Certified Ethical Hacker CEH training course in Colombo is best suited for:
- Network security officers and practitioners
- Site administrators
- IS/IT specialist, analyst or manager
- IS/IT auditor or consultant
- IT operations manager
- IT security specialist, analyst, manager, architect or administrator
- IT security officer, auditor or engineer
- Network specialist, analyst, manager, architect, consultant or administrator
- Technical support engineer
- Senior systems engineer
- Systems analyst or administrator
What is CEH certification?

Certified Ethical Hacker (CEH) certification will enhance your ability to assess and analyze computer systems security to protect your corporate infrastructure. The exam code for CEH certification (version 10) is 312-50 and tests your capabilities in using penetration testing tools to evaluate computer systems and network security and implementing the special techniques of ethical hacking.

Tools covered

Network security Tools

Password Cracking Tools

Penetration testing Tools

Sniffing Tools

SQL Injection Tools

Web application security Tools

Course preview

Module 01- Introduction to Ethical Hacking
- Lesson 01 - Information Security Overview
  22:30
  - 1 Demo of Aspen and iLabs
    22:30
  - 2 Internet is Integral Part of Business and Personal Life - What Happens Online in 60 Seconds
  - 3 Essential Terminology
  - 4 Elements of Information Security
  - 5 The Security, Functionality, and Usability Triangle
- Lesson 02 - Information Security Threats and Attack Vectors
  01:56
  - 1 Motives, Goals, and Objectives of Information Security Attacks
  - 2 Top Information Security Attack Vectors
  - 3 Information Security Threat Categories
  - 4 Types of Attacks on a System
    01:56
  - 5 Information Warfare
- Lesson 06 - Penetration Testing Concepts
  - 1 Penetration Testing
  - 2 Why Penetration Testing
  - 3 Comparing Security Audit, Vulnerability Assessment, and Penetration Testing
  - 4 Blue Teaming/Red Teaming
  - 5 Types of Penetration Testing
  - 6 Phases of Penetration Testing
  - 7 Security Testing Methodology
- Lesson 03 - Hacking Concepts
  01:29
  - 1 What is Hacking
    01:29
  - 2 Who is a Hacker?
  - 3 Hacker Classes
  - 4 Hacking Phases
- Lesson 04 - Ethical Hacking Concepts
  - 1 What is Ethical Hacking?
  - 2 Why Ethical Hacking is Necessary
  - 3 Scope and Limitations of Ethical Hacking
  - 4 Skills of an Ethical Hacker
- Lesson 05 - Information Security Controls
  - 1 Information Assurance (IA)
  - 2 Information Security Management Program
  - 4 Enterprise Information Security Architecture (EISA)
  - 5 Network Security Zoning
  - 6 Defense in Depth
  - 7 Information Security Policies
  - 8 Physical Security
  - 10 What is Risk?
  - 11 Threat Modeling
  - 12 Incident Management
  - 13 Security Incident and Event Management (SIEM)
  - 14 User Behavior Analytics (UBA)
  - 15 Network Security Controls
  - 16 Identity and Access Management (IAM)
  - 17 Data Leakage
  - 18 Data Backup
  - 19 Data Recovery
  - 20 Role of AI/ML in Cyber Security
- Lesson 07 - Information Security Laws and Standards
  - 1 Payment Card Industry Data Security Standard (PCI-DSS)
  - 2 ISO/IEC 27001:2013
  - 3 Health Insurance Portability and Accountability Act (HIPAA)
  - 4 Sarbanes Oxley Act (SOX)
  - 5 The Digital Millennium Copyright Act (DMCA)
  - 6 Federal Information Security Management Act (FISMA)
  - 7 Cyber Law in Different Countries
Module 02- Footprinting and Reconnaissance
- Lesson 01 - Footprinting Concepts
  01:04
  - 1 What is Footprinting?
    01:04
  - 2 Objectives of Footprinting
- Lesson 02 - Footprinting through Search Engines
  18:51
  - 1 Footprinting through Search Engines
    12:09
  - 2 Footprinting using Advanced Google Hacking Techniques
  - 3 Information Gathering Using Google Advanced Search and Image Search
  - 4 Google Hacking Database
    06:42
  - 5 VoIP and VPN Footprinting through Google Hacking Database
- Lesson 03 - Footprinting through Web Services
  08:37
  - 1 Finding Company’s Top-level Domains (TLDs) and Sub-domains
  - 2 Finding the Geographical Location of the Target
  - 3 People Search on Social Networking Sites and People Search Services
    07:41
  - 4 Gathering Information from LinkedIn
  - 5 Gather Information from Financial Services
  - 6 Footprinting through Job Sites
    00:56
  - 7 Monitoring Target Using Alerts
  - 8 Information Gathering Using Groups, Forums, and Blogs
  - 9 Determining the Operating System
  - 10 VoIP and VPN Footprinting through SHODAN
- Lesson 04 - Footprinting through Social Networking Sites
  - 1 Collecting Information through Social Engineering on Social Networking Sites
- Lesson 05 - Website Footprinting
  08:21
  - 1 Website Footprinting
    08:21
  - 2 Website Footprinting using Web Spiders
  - 3 Mirroring Entire Website
  - 4 Extracting Website Information from https://archive.org
  - 5 Extracting Metadata of Public Documents
  - 6 Monitoring Web Pages for Updates and Changes
- Lesson 06- Email Footprinting
  37:01
  - 1 Tracking Email Communications
    37:01
  - 2 Collecting Information from Email Header
  - 3 Email Tracking Tools
- Lesson 07- Competitive Intelligence
  00:50
  - 1 Competitive Intelligence Gathering
    00:50
  - 2 Competitive Intelligence - When Did this Company Begin? How Did it Develop?
  - 3 Competitive Intelligence - What Are the Company's Plans?
  - 4 Competitive Intelligence - What Expert Opinions Say About the Company
  - 5 Monitoring Website Traffic of Target Company
  - 6 Tracking Online Reputation of the Target
- Lesson 08- Whois Footprinting
  42:37
  - 1 Whois Lookup
    12:11
  - 2 Whois Lookup Result Analysis
    30:26
  - 3 Whois Lookup Tools
  - 4 Finding IP Geolocation Information
- Lesson 09- DNS Footprinting
  - 1 Extracting DNS Information
  - 2 DNS Interrogation Tools
- Lesson 10- Network Footprinting
  - 1 Locate the Network Range
  - 2 Traceroute
  - 3 Traceroute
  - 4 Traceroute Tools
- Lesson 11- Footprinting through Social Engineering
  09:17
  - 1 Footprinting through Social Engineering
    09:17
  - 2 Collect Information Using Eavesdropping, Shoulder Surfing, and Dumpster Diving
- Lesson 12- Footprinting Tools
  - 1 Maltego
  - 2 Recon-ng
  - 3 FOCA
  - 4 Recon-Dog
  - 5 OSRFramework
  - 6 Additional Footprinting Tools
- Lesson 13- Countermeasures
  00:57
  - 1 Footprinting Countermeasures
    00:57
- Lesson 14- Footprinting Pen Testing
  - 1 Footprinting Pen Testing
  - 2 Footprinting Pen Testing Report Templates
Module 03- Scanning Networks
- Lesson 01 - Network Scanning Concepts
  - 1 Overview of Network Scanning
  - 2 TCP Communication Flags
  - 3 TCP/IP Communication
  - 4 Creating Custom Packet Using TCP Flags
  - 5 Scanning in IPv6 Networks
- Lesson 02 - Scanning Tools
  - 1 Nmap
  - 2 Hping2 / Hping3
  - 3 Scanning Tools
  - 4 Scanning Tools for Mobile
- Lesson 03- Scanning Techniques
  - 1 Scanning Technique
  - 2 Port Scanning Countermeasures
- Lesson 04- Scanning Beyond IDS and Firewall
  - 1 IDS/Firewall Evasion Techniques
- Lesson 05- Banner Grabbing
  06:25
  - 1 Banner Grabbing
    03:19
  - 2 How to Identify Target System OS
    03:06
  - 3 Banner Grabbing Countermeasures
- Lesson 06- Draw Network Diagrams
  - 1 Draw Network Diagrams
  - 2 Network Discovery and Mapping Tools
  - 3 Network Discovery Tools for Mobile
- Lesson 07- Scanning Pen Testing
  - 1 Scanning Pen Testing
Module 04- Enumeration
- Lesson 01 - Enumeration Concepts
  - 1 What is Enumeration?
  - 2 Techniques for Enumeration
  - 3 Services and Ports to Enumerate
- Lesson 02 - NetBIOS Enumeration
  14:40
  - 1 NetBIOS Enumeration
    14:40
  - 2 NetBIOS Enumeration Tool
  - 3 Enumerating User Accounts
  - 4 Enumerating Shared Resources Using Net View
- Lesson 03 - SNMP Enumeration
  06:20
  - 1 SNMP (Simple Network Management Protocol) Enumeration
    06:20
  - 2 Working of SNMP
  - 3 Management Information Base (MIB)
  - 4 SNMP Enumeration Tools
- Lesson 04 - LDAP Enumeration
  05:45
  - 1 LDAP Enumeration
    05:45
  - 2 LDAP Enumeration Tools
- Lesson 05 - NTP Enumeration
  03:59
  - 1 NTP Enumeration
    03:59
  - 2 NTP Enumeration Commands
  - 2 NTP Enumeration Tools
- Lesson 06 - SMTP Enumeration and DNS Enumeration
  17:21
  - 1 SMTP Enumeration
    17:21
  - 2 SMTP Enumeration Tools
  - 3 DNS Enumeration Using Zone Transfer
- Lesson 08 - Enumeration Countermeasures
  - 1 Enumeration Countermeasures
- Lesson 07 - Other Enumeration Techniques
  - 1 IPsec Enumeration
  - 2 VoIP Enumeration
  - 3 RPC Enumeration
  - 4 Unix/Linux User Enumeration
- Lesson 09 - Enumeration Pen Testing
  - 1 Enumeration Pen Testing
- Module 05- Vulnerability Analysis
  - Lesson 05- Vulnerability Assessment Reports
    - 1 Vulnerability Assessment Reports
    - 2 Analyzing Vulnerability Scanning Report
Module 05- Vulnerability Analysis
- Lesson 01- Vulnerability Assessment Concepts
  - 1 Vulnerability Research
  - 2 Vulnerability Classification
  - 3 What is Vulnerability Assessment?
  - 4 Types of Vulnerability Assessment
  - 5 Vulnerability-Management Life Cycle
- Lesson 02- Vulnerability Assessment Solutions
  - 1 Comparing Approaches to Vulnerability Assessment
  - 2 Working of Vulnerability Scanning Solutions
  - 3 Types of Vulnerability Assessment Tools
  - 4 Characteristics of a Good Vulnerability Assessment Solution
  - 5 Choosing a Vulnerability Assessment Tool
  - 6 Criteria for Choosing a Vulnerability Assessment Tool
  - 7 Best Practices for Selecting Vulnerability Assessment Tools
- Lesson 03- Vulnerability Scoring Systems
  - 1 Common Vulnerability Scoring System (CVSS)
  - 2 Common Vulnerabilities and Exposures (CVE)
  - 3 National Vulnerability Database (NVD)
  - 4 Resources for Vulnerability Research
- Lesson 04- Vulnerability Assessment Tools
  - 1 Vulnerability Assessment Tools
  - 2 Vulnerability Assessment Tools for Mobile
- Lesson 05- Vulnerability Assessment Reports
  - 1 Vulnerability Assessment Reports
  - 2 Analyzing Vulnerability Scanning Report
Module 06- System Hacking
- Lesson 01- System Hacking Concepts
  - 1 CEH Hacking Methodology (CHM)
  - 2 System Hacking Goals
- Lesson 02- Cracking Passwords
  - 1 Password Cracking
  - 2 Types of Password Attacks
  - 3 Password Recovery Tools
  - 4 Microsoft Authentication
  - 5 How Hash Passwords Are Stored in Windows SAM?
  - 6 NTLM Authentication Process
  - 7 Kerberos Authentication
  - 8 Password Salting
  - 9 Tools to Extract the Password Hashes
  - 10 Password Cracking Tools
  - 11 How to Defend against Password Cracking
  - 12 How to Defend against LLMNR/NBT-NS Poisoning
- Lesson 03- Escalating Privileges
  - 1 Privilege Escalation
  - 2 Privilege Escalation Using DLL Hijacking
  - 3 Privilege Escalation by Exploiting Vulnerabilities
  - 4 Privilege Escalation Using Dylib Hijacking
  - 5 Privilege Escalation using Spectre and Meltdown Vulnerabilities
  - 6 Other Privilege Escalation Techniques
  - 7 How to Defend Against Privilege Escalation
- Lesson 04- Executing Applications
  - 1 Executing Applications
  - 2 Keylogger
  - 3 Spyware
  - 4 How to Defend Against Keyloggers
  - 5 How to Defend Against Spyware
- Lesson 05- Hiding Files
  - 1 Rootkits
  - 2 NTFS Data Stream
  - 3 What is Steganography?
- Lesson 06- Covering Tracks
  - 1 Covering Tracks
  - 2 Disabling Auditing: Auditpol
  - 3 Clearing Logs
  - 4 Manually Clearing Event Logs
  - 5 Ways to Clear Online Tracks
  - 6 Covering BASH Shell Tracks
  - 7 Covering Tracks on Network
  - 8 Covering Tracks on OS
  - 9 Covering Tracks Tools
- Lesson 07- Penetration Testing
  - 1 Password Cracking
  - 2 Privilege Escalation
  - 3 Executing Applications
  - 4 Hiding Files
  - 5 Covering Tracks
Module 07- Malware Threats
- Lesson 01- Malware Concepts
  - 1 Introduction to Malware
  - 2 Different Ways a Malware can Get into a System
  - 3 Common Techniques Attackers Use to Distribute Malware on the Web
  - 4 Components of Malware
- Lesson 02- Trojan Concepts
  - 1 What is a Trojan?
  - 2 How Hackers Use Trojans
  - 3 Common Ports used by Trojans
  - 4 How to Infect Systems Using a Trojan
  - 5 Trojan Horse Construction Kit
  - 6 Wrappers
  - 7 Crypters
  - 8 How Attackers Deploy a Trojan
  - 9 Exploit Kits
  - 10 Evading Anti-Virus Techniques
  - 11 Types of Trojans
- Lesson 03- Virus and Worm Concepts
  - 1 Introduction to Viruses
  - 2 Stages of Virus Life
  - 3 Working of Viruses
  - 4 Indications of Virus Attack
  - 5 How does a Computer Get Infected by Viruses
  - 6 Virus Hoaxes
  - 7 Fake Antiviruses
  - 8 Ransomware
  - 9 Types of Viruses
  - 10 Creating Virus
  - 11 Computer Worms
  - 12 Worm Makers
- Lesson 04- Malware Analysis
  - 1 What is Sheep Dip Computer?
  - 2 Anti-Virus Sensor Systems
  - 3 Introduction to Malware Analysis
  - 4 Malware Analysis Procedure: Preparing Testbed
  - 5 Static Malware Analysis
  - 6 Dynamic Malware Analysis
  - 7 Virus Detection Methods
  - 8 Trojan Analysis: ZeuS/Zbot
  - 9 Virus Analysis: WannaCry
- Lesson 05- Countermeasures
  - 1 Trojan Countermeasures
  - 2 Backdoor Countermeasures
  - 3 Virus and Worms Countermeasures
- Lesson 06- Anti-Malware Software
  - 1 Anti-Trojan Software
  - 2 Antivirus Software
- Lesson 07- Malware Penetration Testing
  - 1 Malware Penetration Testing
Module 08- Sniffing
- Lesson 01- Sniffing Concepts
  - 1 Network Sniffing
  - 2 Types of Sniffing
  - 3 How an Attacker Hacks the Network Using Sniffers
  - 4 Protocols Vulnerable to Sniffing
  - 5 Sniffing in the Data Link Layer of the OSI Model
  - 6 Hardware Protocol Analyzers
  - 7 SPAN Port
  - 8 Wiretapping
  - 9 Lawful Interception
- Lesson 02- Sniffing Technique: MAC Attacks
  - 1 MAC Address/CAM Table
  - 2 How CAM Works
  - 3 What Happens When CAM Table Is Full?
  - 4 MAC Flooding
  - 5 Switch Port Stealing
  - 6 How to Defend against MAC Attacks
- Lesson 03- Sniffing Technique: DHCP Attacks
  - 1 How DHCP Works
  - 2 DHCP Request/Reply Messages
  - 3 DHCP Starvation Attack
  - 4 Rogue DHCP Server Attack
  - 5 How to Defend Against DHCP Starvation and Rogue Server Attack
- Lesson 04- Sniffing Technique: ARP Poisoning
  - 1 What Is Address Resolution Protocol (ARP)?
  - 2 ARP Spoofing Attack
  - 3 Threats of ARP Poisoning
  - 4 ARP Poisoning Tools
  - 5 How to Defend Against ARP Poisoning
  - 6 Configuring DHCP Snooping and Dynamic ARP Inspection on Cisco Switches
  - 7 ARP Spoofing Detection Tools
- Lesson 05- Sniffing Technique: Spoofing Attacks
  - 1 MAC Spoofing/Duplicating
  - 2 MAC Spoofing Technique: Windows
  - 3 MAC Spoofing Tools
  - 4 IRDP Spoofing
  - 5 How to Defend Against MAC Spoofing
- Lesson 06- Sniffing Technique: DNS Poisoning
  - 1 DNS Poisoning Techniques
  - 2 How to Defend Against DNS Spoofing
- Lesson 07- Sniffing Tools
  - 1 Sniffing Tool: Wireshark
  - 2 Sniffing Tools
  - 3 Packet Sniffing Tools for Mobile
- Lesson 08- Countermeasures
  - 1 How to Defend Against Sniffing
- Lesson 09- Sniffing Detection Techniques
  - 1 How to Detect Sniffing
  - 2 Sniffer Detection Techniques
  - 3 Promiscuous Detection Tools
- Lesson 10- Sniffing Pen Testing
  - 1 Sniffing Penetration Testing
Module 09- Social Engineering
- Lesson 01 - Social Engineering Concepts
  - 1 What is Social Engineering?
  - 2 Phases of a Social Engineering Attack
- Lesson 02 - Social Engineering Techniques
  - 1 Types of Social Engineering
  - 2 Human-based Social Engineering
  - 3 Computer-based Social Engineering
  - 4 Mobile-based Social Engineering
- Lesson 04 - Impersonation on Social Networking Sites
  - 1 Social Engineering Through Impersonation on Social Networking Sites
  - 2 Impersonation on Facebook
  - 3 Risks of Social Networking Threats to Corporate Networks
- Lesson 05 - Identity Theft
  - 1 Identify Theft
- Lesson 06 - Countermeasures
  - 1 Social Engineering Countermeasures
  - 2 Insider Threats Countermeasures
  - 3 Identity Theft Countermeasures
  - 4 How to Detect Phishing Emails
  - 5 Anti-Phishing Toolbar
  - 6 Common Social Engineering Targets and Defense Strategies
- Lesson 07 - Social Engineering Penetration Testing
  - 1 Social Engineering Pen Testing
  - 2 Social Engineering Pen Testing Tools
- Lesson 03- Insider Threats
  - 1 Insider Threat / Insider Attack
  - 2 Type of Insider Threats
Module 10- Denial-of-Service
- Lesson 01 - DoS/DDoS Concepts
  - 1 What is Denial of Service Attack?
  - 2 What is Distributed Denial of Service Attack?
- Lesson 02 - DoS/DDoS Attack Techniques
  - 1 Basic Categories of DoS/DDoS Attack Vectors
  - 2 UDP Flood Attack
  - 3 ICMP Flood Attack
  - 4 Ping of Death and Smurf Attack
  - 5 SYN Flood Attack
  - 6 Fragmentation Attack
  - 7 HTTP GET/POST and Slowloris Attacks
  - 8 Multi-Vector Attack
  - 9 Peer-to-Peer Attacks
  - 10 Permanent Denial-of-Service Attack
  - 11 Distributed Reflection Denial-of-Service (DRDoS)
- Lesson 03 - Botnets
  - 1 Organized Cyber Crime: Organizational Chart
  - 2 Botnet
  - 3 A Typical Botnet Setup
  - 4 Botnet Ecosystem
  - 5 Scanning Methods for Finding Vulnerable Machines
  - 6 How Malicious Code Propagates?
  - 7 Botnet Trojan
- Lesson 04 - DDoS Case Study
  - 1 DDoS Attack
  - 2 Hackers Advertise Links to Download Botnet
  - 3 Use of Mobile Devices as Botnets for Launching DDoS Attacks
  - 4 DDoS Case Study: Dyn DDoS Attack
- Lesson 05 - DoS/DDoS Attack Tools
  - 1 DoS and DDoS Attack Tool
  - 2 DoS and DDoS Attack Tool for Mobile
- Lesson 06 - Countermeasures
  - 1 Detection Techniques
  - 2 DoS/DDoS Countermeasure Strategies
  - 3 DDoS Attack Countermeasures
  - 4 Techniques to Defend against Botnets
  - 5 DoS/DDoS Countermeasures
  - 6 DoS/DDoS Protection at ISP Level
  - 7 Enabling TCP Intercept on Cisco IOS Software
- Lesson 07 - DoS/DDoS Protection Tools
  - 1 Advanced DDoS Protection Appliances
  - 2 DoS/DDoS Protection Tools
- Lesson 08 - DoS/DDoS Attack Penetration Testing
  - 1 Denial-of-Service (DoS) Attack Pen Testing
- Module 11- Session Hijacking
  - Lesson 06- Penetration Testing
    - 1 Session Hijacking Pen Testing
Module 11- Session Hijacking
- Lesson 01- Session Hijacking Concepts
  - 1 What is Session Hijacking?
  - 2 Why Session Hijacking is Successful?
  - 3 Session Hijacking Process
  - 4 Packet Analysis of a Local Session Hijack
  - 5 Types of Session Hijacking
  - 6 Session Hijacking in OSI Model
  - 7 Spoofing vs. Hijacking
- Lesson 02- Application Level Session Hijacking
  - 1 Application Level Session Hijacking
  - 2 Compromising Session IDs using Sniffing and by Predicting Session Token
  - 3 Compromising Session IDs Using Man-in-the-Middle Attack
  - 4 Compromising Session IDs Using Man-in-the-Browser Attack
  - 5 Compromising Session IDs Using Client-side Attacks
  - 6 Compromising Session IDs Using Client-side Attacks: Cross-site Script Attack
  - 7 Compromising Session IDs Using Client-side Attacks: Cross-site Request Forgery Attack
  - 8 Compromising Session IDs Using Session Replay Attack
  - 9 Compromising Session IDs Using Session Fixation
  - 10 Session Hijacking Using Proxy Servers
  - 11 Session Hijacking Using CRIME Attack
  - 12 Session Hijacking Using Forbidden Attack
- Lesson 03- Network Level Session Hijacking
  - 1 TCP/IP Hijacking
  - 2 IP Spoofing: Source Routed Packets
  - 3 RST Hijacking
  - 4 Blind Hijacking
  - 5 UDP Hijacking
  - 6 MiTM Attack Using Forged ICMP and ARP Spoofing
- Lesson 04- Session Hijacking Tools
  - 1 Session Hijacking Tools
  - 2 Session Hijacking Tools For Mobile
- Lesson 05- Countermeasures
  - 1 Session Hijacking Detection Methods
  - 2 Protecting against Session Hijacking
  - 3 Methods to Prevent Session Hijacking: To be Followed by Web Developers
  - 4 Methods to Prevent Session Hijacking: To be Followed by Web Users
  - 5 Session Hijacking Detection Tools
  - 6 Approaches Vulnerable to Session Hijacking and their Preventative Solutions
  - 7 Approaches to Prevent Session Hijacking
  - 8 IPSec
  - 9 Session Hijacking Prevention Tools
- Lesson 06- Penetration Testing
  - 1 Session Hijacking Pen Testing
Module 12 - Evading IDS, Firewalls, and Honeypots
- Lesson 01- IDS, Firewall and Honeypot Concepts
  - 1 Intrusion Detection System (IDS)
  - 2 Firewall
  - 3 Honeypot
- Lesson 02- IDS, Firewall and Honeypot Solutions
  - 1 Intrusion Detection Tool
  - 2 Firewalls
  - 3 Honeypot Tools
- Lesson 03- Evading IDS
  - 1 IDS Evasion Techniques
- Lesson 04- Evading Firewalls
  - 1 Firewall Evasion Techniques
- Lesson 05- IDS/Firewall Evading Tools
  - 1 IDS/Firewall Evasion Tools
  - 2 Packet Fragment Generator Tools
- Lesson 06- Detecting Honeypots
  - 1 Detecting Honeypots
  - 2 Detecting and Defeating Honeypots
  - 3 Honeypot Detection Tool: Send-Safe Honeypot Hunte
- Lesson 07- IDS/Firewall Evasion Countermeasures
  - 1 How to Defend Against IDS Evasion
  - 2 How to Defend Against Firewall Evasion
- Lesson 08- Penetration Testing
  - Firewall/IDS Penetration Testing
Module 13- Hacking Web Servers
- Lesson 01- Web Server Concepts
  - 1 Web Server Operations
  - 2 Open Source Web Server Architecture
  - 3 IIS Web Server Architecture
  - 4 Web Server Security Issue
  - 5 Why Web Servers Are Compromised?
  - 6 Impact of Web Server Attacks
- Lesson 02- Web Server Attacks
  - 1 DoS/DDoS Attacks
  - 2 DNS Server Hijacking
  - 3 DNS Amplification Attack
  - 4 Directory Traversal Attacks
  - 5 Man-in-the-Middle/Sniffing Attack
  - 6 Phishing Attacks
  - 7 Website Defacement
  - 8 Web Server Misconfiguration
  - 9 HTTP Response Splitting Attack
  - 10 Web Cache Poisoning Attack
  - 11 SSH Brute Force Attack
  - 12 Web Server Password Cracking
  - 13 Web Application Attacks
- Lesson 03- Web Server Attack Methodology
  - 1 Information Gathering
  - 2 Web Server Footprinting/Banner Grabbing
  - 3 Website Mirroring
  - 4 Vulnerability Scanning
  - 5 Session Hijacking
  - 6 Web Server Passwords Hacking
  - 7 Using Application Server as a Proxy
- Lesson 04- Web Server Attack Tools
  - 1 Metasploit
  - 2 Web Server Attack Tools
- Lesson 05- Countermeasures
  - 1 Place Web Servers in Separate Secure Server Security Segment on Network
  - 2 Countermeasures
  - 3 Detecting Web Server Hacking Attempts
  - 4 How to Defend Against Web Server Attacks
  - 5 How to Defend against HTTP Response Splitting and Web Cache Poisoning
  - 6 How to Defend against DNS Hijacking
- Lesson 06- Patch Management
  - 1 Patches and Hotfixes
  - 2 What is Patch Management
  - 3 Installation of a Patch
  - 4 Patch Management Tools
- Lesson 07- Web Server Security Tools
  - 1 Web Application Security Scanners
  - 2 Web Server Security Scanners
  - 3 Web Server Security Tools
- Lesson 08- Web Server Pen Testing
  - 1 Web Server Penetration Testing
  - 2 Web Server Pen Testing Tools
Module 14- Hacking Web Applications
- Lesson 01 - Web App Concepts
  - 1 Introduction to Web Applications
  - 2 Web Application Architecture
  - 3 Web 2.0 Applications
  - 4 Vulnerability Stack
- Lesson 02 - Web App Threats
  - 1 OWASP Top 10 Application Security Risks – 2017
  - 2 Other Web Application Threats
- Lesson 03 - Hacking Methodology
  - 1 Web App Hacking Methodology
  - 2 Footprint Web Infrastructure
  - 2 Attack Web Servers
  - 3 Analyze Web Applications
  - 4 Bypass Client-Side Controls
  - 5 Attack Authentication Mechanism
  - 6 Authorization Attack Schemes
  - 7 Attack Access Controls
  - 8 Attack Session Management Mechanism
  - 9 Perform Injection/Input Validation Attacks
  - 10 Attack Application Logic Flaws
  - 11 Attack Database Connectivity
  - 12 Attack Web App Client
  - 13 Attack Web Services
- Lesson 04 - Web Application Hacking Tools
  - 1 Web Application Hacking Tools
- Lesson 05 - Countermeasures
  - 1 Web Application Fuzz Testing
  - 2 Source Code Review
  - 3 Encoding Schemes
  - 4 How to Defend Against Injection Attacks
  - 5 Web Application Attack Countermeasures
  - 6 How to Defend Against Web Application Attacks
- Lesson 06 - Web App Security Testing Tools
  - 1 Web Application Security Testing Tools
  - 2 Web Application Firewall
- Lesson 07 - Web App Pen Testing
  - 1 Web Application Pen Testing
  - 2 Web Application Pen Testing Framework
Module 15- SQL Injection
- Lesson 01 - SQL Injection Concepts
  - 1 What is SQL Injection?
  - 2 SQL Injection and Server-side Technologies
  - 3 Understanding HTTP POST Request
  - 4 Understanding Normal SQL Query
  - 5 Understanding an SQL Injection Query
  - 6 Understanding an SQL Injection Query – Code Analysis
  - 8 Example of a Web App Vulnerable to SQL Injection: BadProductList.aspx
  - 9 Example of a Web Application Vulnerable to SQL Injection: Attack Analysis
  - 10 Example of SQL Injection
- Lesson 02 - Types of SQL Injection
  - 1 Types of SQL Injection
- Lesson 03 - SQL Injection Methodology
  - 1 SQL Injection Methodology
- Lesson 04 - SQL Injection Tools
  - 1 SQL Injection Tools
  - 2 SQL Injection Tools
  - 3 SQL Injection Tools for Mobile
- Lesson 05 - Evasion Techniques
  - 1 Evading IDS
  - 2 Types of Signature Evasion Techniques
- Lesson 06 - Countermeasures
  - 1 How to Defend Against SQL Injection Attacks?
  - 2 SQL Injection Detection Tools
  - 3 SQL Injection Detection Tools
Module 16- Hacking Wireless Networks
- Lesson 01 - Wireless Concepts
  - 1 Wireless Terminologies
  - 2 Wireless Networks
  - 3 Wireless Standards
  - 4 Service Set Identifier (SSID)
  - 5 Wi-Fi Authentication Modes
  - 6 Wi-Fi Authentication Process Using a Centralized Authentication Server
  - 7 Types of Wireless Antenna
- Lesson 02 - Wireless Encryption
  - 1 Types of Wireless Encryption
  - 2 WEP vs. WPA vs. WPA2
  - 3 WEP Issues
  - 4 Weak Initialization Vectors (IV)
- Lesson 03 - Wireless Threats
  - 1 Wireless Threats
- Lesson 04 - Wireless Hacking Methodology
  - 1 Wireless Hacking Methodology
- Lesson 05 - Wireless Hacking Tools
  - 1 WEP/WPA Cracking Tools
  - 2 WEP/WPA Cracking Tool for Mobile
  - 3 Wi-Fi Sniffer
  - 4 Wi-Fi Traffic Analyzer Tools
  - 5 Other Wireless Hacking Tools
- Lesson 06 - Bluetooth Hacking
  - 1 Bluetooth Stack
  - 2 Bluetooth Hacking
  - 3 Bluetooth Threats
  - 4 How to BlueJack a Victim?
  - 4 Bluetooth Hacking Tools
- Lesson 07 - Countermeasures
  - 1 Wireless Security Layers
  - 2 How to Defend Against WPA/WPA2 Cracking
  - 3 How to Defend Against KRACK Attacks
  - 4 How to Detect and Block Rogue AP
  - 5 How to Defend Against Wireless Attacks
  - 6 How to Defend Against Bluetooth Hacking
- Lesson 08 - Wireless Security Tools
  - 1 Wireless Intrusion Prevention Systems
  - 2 Wireless IPS Deployment
  - 3 Wi-Fi Security Auditing Tool
  - 4 Wi-Fi Intrusion Prevention System
  - 5 Wi-Fi Predictive Planning Tools
  - 6 Wi-Fi Vulnerability Scanning Tools
  - 7 Bluetooth Security Tool
  - 8 Wi-Fi Security Tools for Mobile
- Lesson 09 - Wi-Fi Pen Testing
  - 1 Wireless Penetration Testing
  - 2 Wireless Penetration Testing Framework
Module 17- Hacking Mobile Platforms
- Lesson 01- Mobile Platform Attack Vectors
  - 1 Vulnerable Areas in Mobile Business Environment
  - 2 OWASP Top 10 Mobile Risks - 2016
  - 3 Anatomy of a Mobile Attack
  - 4 How a Hacker can Profit from Mobile when Successfully Compromised
  - 5 Mobile Attack Vectors and Mobile Platform Vulnerabilities
  - 6 Security Issues Arising from App Stores
  - 7 App Sandboxing Issues
  - 8 Mobile Spam
  - 9 SMS Phishing Attack (SMiShing) (Targeted Attack Scan)
  - 10 Pairing Mobile Devices on Open Bluetooth and Wi-Fi Connections
- Lesson 02- Hacking Android OS
  - 1 Android OS
  - 2 Android Rooting
  - 3 Blocking Wi-Fi Access using NetCut
  - 4 Hacking with zANTI
  - 5 Hacking Networks Using Network Spoofer
  - 6 Launching DoS Attack using Low Orbit Ion Cannon (LOIC)
  - 7 Performing Session Hijacking Using DroidSheep
  - 8 Hacking with Orbot Proxy
  - 9 Android-based Sniffers
  - 10 Android Trojans
  - 11 Securing Android Devices
  - 12 Android Security Tool: Find My Device
  - 13 Android Security Tools
  - 14 Android Vulnerability Scanner
  - 15 Android Device Tracking Tools
- Lesson 03- Hacking iOS
  - 1 Apple iOS
  - 2 Jailbreaking iOS
  - 3 iOS Trojans
  - 4 Guidelines for Securing iOS Devices
  - 5 iOS Device Tracking Tools
  - 6 iOS Device Security Tools
- Lesson 04- Mobile Spyware
  - 1 Mobile Spyware
  - 2 Mobile Spyware: mSpy
  - 3 Mobile Spywares
- Lesson 05- Mobile Device Management
  - 1 Mobile Device Management (MDM)
  - 2 Mobile Device Management Solutions
  - 3 Bring Your Own Device (BYOD)
- Lesson 06- Mobile Security Guidelines and Tools
  - 1 General Guidelines for Mobile Platform Security
  - 2 Mobile Device Security Guidelines for Administrator
  - 3 SMS Phishing Countermeasures
  - 4 Mobile Protection Tools
  - 5 Mobile Anti-Spyware
- Lesson 07- Mobile Pen Testing
  - 1 Android Phone Pen Testing
  - 2 iPhone Pen Testing
  - 3 Mobile Pen Testing Toolkit: Hackode
Module 18- IoT Hacking
- Lesson 01- IoT Concepts
  - 1 What is IoT
  - 2 How IoT Works
  - 3 IoT Architecture
  - 4 IoT Application Areas and Devices
  - 5 IoT Technologies and Protocols
  - 6 IoT Communication Models
  - 7 Challenges of IoT
  - 8 Threat vs Opportunity
- Lesson 02- IoT Attacks
  - 1 IoT Security Problems
  - 2 OWASP Top 10 IoT Vulnerabilities and Obstacles
  - 3 IoT Attack Surface Areas
  - 4 IoT Threats
  - 5 Hacking IoT Devices: General Scenario
  - 6 IoT Attacks
  - 7 IoT Attacks in Different Sectors
- Lesson 03- IoT Hacking Methodology
  - 1 What is IoT Device Hacking?
  - 2 IoT Hacking Methodology
- Lesson 04- IoT Hacking Tools
  - 1 Information Gathering Tools
  - 2 Sniffing Tools
  - 3 Vulnerability Scanning Tools
  - 4 IoT Hacking Tools
- Lesson 05- Countermeasures
  - 1 How to Defend Against IoT Hacking
  - 2 General Guidelines for IoT Device Manufacturing Companies
  - 3 OWASP Top 10 IoT Vulnerabilities Solutions
  - 4 IoT Framework Security Considerations
  - 5 IoT Security Tools
- Lesson 06- IoT Pen Testing
  - 1 IoT Pen Testing
Module 19- Cloud Computing
- Lesson 01 - Cloud Computing Concepts
  - 1 Introduction to Cloud Computing
  - 2 Separation of Responsibilities in Cloud
  - 3 Cloud Deployment Models
  - 4 NIST Cloud Computing Reference Architecture
  - 5 Cloud Computing Benefits
  - 6 Understanding Virtualization
- Lesson 02 - Cloud Computing Threats
  - 1 Cloud Computing Threats
- Lesson 03 - Cloud Computing Attacks
  - 1 Service Hijacking using Social Engineering Attacks
  - 2 Service Hijacking using Network Sniffing
  - 3 Session Hijacking using XSS Attack
  - 4 Session Hijacking using Session Riding
  - 5 Domain Name System (DNS) Attacks
  - 6 Side Channel Attacks or Cross-guest VM Breaches
  - 7 SQL Injection Attacks
  - 8 Cryptanalysis Attacks
  - 9 Wrapping Attack
  - 10 Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks
  - 11 Man-in-the-Cloud Attack
- Lesson 04 - Cloud Security
  - 1 Cloud Security Control Layers
  - 2 Cloud Security is the Responsibility of both Cloud Provider and Consumer
  - 3 Cloud Computing Security Considerations
  - 4 Placement of Security Controls in the Cloud
  - 5 Best Practices for Securing Cloud
  - 6 NIST Recommendations for Cloud Security
  - 7 Organization/Provider Cloud Security Compliance Checklist
- Lesson 05 - Cloud Security Tools
  - 1 Cloud Security Tools
- Lesson 06 - Cloud Penetration Testing
  - 1 What is Cloud Pen Testing?
  - 2 Key Considerations for Pen Testing in the Cloud
  - 3 Cloud Penetration Testing
  - 4 Recommendations for Cloud Testing
Module 20- Cryptography
- Lesson 01- Cryptography Concepts
  - 1 Cryptography
  - 2 Government Access to Keys (GAK)
- Lesson 02- Encryption Algorithms
  - 1 Ciphers
  - 2 Data Encryption Standard (DES)
  - 3 Advanced Encryption Standard (AES)
  - 4 RC4, RC5, and RC6 Algorithms
  - 5 Twofish
  - 6 The DSA and Related Signature Schemes
  - 7 Rivest Shamir Adleman (RSA)
  - 8 Diffie-Hellman
  - 9 Message Digest (One-Way Hash) Functions
- Lesson 03- Cryptography Tools
  - 1 MD5 Hash Calculators
  - 2 Hash Calculators for Mobile
  - 3 Cryptography Tools
  - 4 Cryptography Tools for Mobile
- Lesson 04- Public Key Infrastructure (PKI)
  - 1 Public Key Infrastructure (PKI)
- Lesson 05- Email Encryption
  - 1 Digital Signature
  - 2 Secure Sockets Layer (SSL)
  - 3 Transport Layer Security (TLS)
  - 4 Cryptography Toolkit
  - 5 Pretty Good Privacy (PGP)
- Lesson 06- Disk Encryption
  - 1 Disk Encryption
  - 2 Disk Encryption Tools
- Lesson 07- Cryptanalysis
  - 1 Cryptanalysis Methods
  - 2 Code Breaking Methodologies
  - 3 Cryptography Attacks
  - 4 Cryptanalysis Tools
  - 5 Online MD5 Decryption Tools
- Lesson 08- Countermeasures
  - 1 How to Defend Against Cryptographic Attacks
Free Course
- {{childObj.title}}
  - {{childObj.childSection.chapter_name}}
    - {{lesson.title}}
  - {{lesson.title}}
View More

View Less

Exam & certification

What are the prerequisites for the certification?

For Certified Ethical Hacker (CEH) training and certification, there is no specific eligibility criteria but we recommend a basic knowledge of TCP/IP.
Is this CEH Certification course accredited?

Yes, our Certified Ethical Hacker course is accredited by EC-Council.
What do I need to do to unlock my Simplilearn certificate?

Attend one complete class of the CEH course.
Until when can I procure exam voucher from Simplilearn?

Your exam voucher fee is included in the price of this ethical hacking course. However, you must procure the CEH exam voucher within 3 months from the date of course purchase. In the event that the CEH exam price does go up and you have not yet booked the exam, you will need to pay the difference in amount to Simplilearn.
How do I schedule my exam?

For assistance in scheduling your exam, reach out to the sales consultant (inside sales manager) or raise a request to the support team of Simplilearn.
What is the validity of my CEH exam voucher?

Exam vouchers are valid for 1 year from the date of course purchase. If you do not book the exam within 1 year from the purchase of the voucher, you will need to buy the voucher again as per the actual price.
Can I ask for refund of exam voucher cost once it is issued to me?

No, exam voucher cost cannot be refunded once it is issued to a learner as we procure this from third party bodies. Simplilearn does not own the voucher policies and cost.
How frequently does the CEH exam fee change?

Exam prices are governed by the certification body and can change. Price changes are typically announced at the end of the calendar year. In case the exam price goes up and you have not yet booked the exam, you will need to pay the difference in amount to Simplilearn.
How do I become CEH Certified?

To become CEH certified, you must pass the CEH examination after either attending CEH training at an Accredited Training Center like Simplilearn, or through self-study. If you self-study, you must fill out an application and submit proof of at least two years of experience in the network security domain.
How much does the CEH certification exam cost?

The CEH certification exam costs $500, plus and an additional eligibility/ registration fee of $100.
Is the CEH examination fees included in the course fee?

Yes, the course fee is inclusive of the CEH examination fee.

What is the blueprint of the CEH v10 examination?

The CEH exam follows the below format:

125 Multiple Choice Questions
Duration: 4 Hours
Test Delivery: ECC EXAM, VUE
Exam Prefix: 312-50 (ECC EXAM), 312-50 (VUE)

CEH Practical exam:

The Certified Ethical Hacker (Practical) is an extension of the CEH certification. The Practical exam is a 6-hour long test which imitates a real network by making use of live virtual machines, networks and applications.

The CEH Practical exam format is:

20 Practical Challenges
Duration: 6 hours
Availability: Aspen – iLabs
Test Format: iLabs Cyber Range
Passing Score: 70%

Here is the blueprint of the exam:

Domains	Weightage	Total Number of items per domain	Objectives/Sub Domain	Total Number of Items Per Sub-Domain
Background	21.79%	27	Network and Communication Technologies	10
			Information Security Threats and Attack Vector	9
			Information Security Technologies	8
Analysis/Assessment	12.73%	16	Information Security Assessment and Analysis	8
Analysis/Assessment	12.73%	16	Information Security Assessment Process	8
Security	23.73%	30	Information Security Controls	15
			Information Security Attack Detection	9
			Information Security Attack Prevention	6
Tools/Systems/Programs	28.91%	36	Information Security Systems	7
			Information Security Programs	5
			Information Security Tools	24
Procedures/Methodology	8.77%	11	Information Security Procedures	5
Procedures/Methodology	8.77%	11	Information Security Assessment Methodologies	6
Regulation/Policy	1.90%	2	Information Security Policies/Laws/ Acts	2
Ethics	2.17%	3	Ethics of Information Security	3

How many attempts do I have to pass the CEH exam?

You are eligible to take the CEH exam no more than five times in a 12-month period. You are not allowed to retake the same version of the exam If you have already passed that version.
How long does it take to receive the CEH Certification exam results and receive my certification?

You will get notification of your results within a few minutes after completing your exam. You will also receive a report with feedback on your performance in the evaluated skillsets.
If I fail the CEH exam, how soon can I retake it and how do I apply for CEH re-examination?

If you do not pass the exam in your first attempt, you can retake it any time, but if you fail in your successive attempts, you will have to wait for 14 days every time to retake the exam.

If you fail an EC-Council exam, you can buy an ECC Exam Center voucher to reappear for the exam.
What is EC-Council’s Exam Fee Refund Policy?

Refunds are not accepted if you fail to pass the test or if your application is not approved.
Do you provide a money back guarantee for the training programs?

Yes. We do offer a money-back guarantee for many of our training programs. Refer to our Refund Policy and submit refund requests via our Help and Support portal.
If I need to cancel my enrollment, can I get a refund?

Yes, you can cancel your enrollment if necessary. We will refund the course price after deducting an administration fee. To learn more, please read our Refund Policy.
How can I learn more about this training program?

Contact us using the form on the right side of any page on the Simplilearn website, or select the Live Chat link. Our customer service representatives can provide you with more details.

Course advisor

Bipin Kulkarni Security Expert, Content review board member at EC-Council

Bipin has 17+ years of experience in architecting physical and cloud infrastructure deployments and security. As an EC-Council board member he is responsible for verifying CEH and ECSA courses. He is a Cloud security expert across public and private domains.

Dean Pompilio Technical Trainer, Owner- Steppingstonesolutions Inc

Mr.Pompilio has been an IT Professional since 1989. He has worn many hats along the way and holds over 20 IT certifications which include EC-Council CEI, CEH, CHFI, CISSP, CISA, CISM. His passion is to help IT professionals achieve their training goals and career growth.

Reviews

Shekhar Pawar Chief Executive Officer at GrassDew IT Solutions Private Limited, Mumbai

Simplilearn is one of the best online learning portals. I had enrolled for CEHV10 - Certified Ethical Hacker Training certification. The course was simple and easy to understand. Overall it was very good. I would recommend it strongly for professional enhancement.

Read more Read less

Vikas Chourasiya Principal Security Engineer @ Blue Jeans Network, Bangalore

I understood many networking concepts and cleared many doubts about penetration testing. This is just a start and I need to practice all the tools that are taught in the course to make a career in the security domain. The instructor is knowledgeable and was able to guide me very well.

Read more Read less

Kallol Kumar Mondal Senior Consultant, GRC @ Wipro, Bangalore

Good, I would like refer my friend for the same course.

Pradeep Varadarajan Bangalore

It was really a fantastic program.

Praveen Valliavalapil Bangalore

The course took me to the next level of awarness - A must for cyber security professionals that need to adopt with defensive and offensive techniques.

Read more Read less

Dhiraj Kumar Bangalore

The course was very nice, learned many new things. The tutor was nice and useful.

Anand Kumar Bangalore

Experienced faculty and excellent facility to make learning enjoyable and enrich.

Habib Ulla Khan GS Bangalore

The training module is been very well structured and delivered. Trainer has been practical working in real time and helped me to get more information on real time security information. Overall feedback, Very Good.

Read more Read less

Rajarshi Barui Cyber Security at PwC India, Kolkata

My experience with Simplilearn is very pleasant. Their support is prompt and excellent. The trainer helped me exceptionally. I appreciate his efforts personally. Thanks Simplilearn.

Read more Read less

Abhishek Sharma Student at G D Goenka, Faridabad

Simplilearn's cyber security course helped me a lot to gain knowledge. The course was really awesome. Thank you Simplilearn.

Sooraj C Bangalore

Excellent training delivered by Simplilearn.

View More View Less

FAQs

How are the Labs conducted?

Labs are conducted on EC Council-designed iLabs. The access period is for six months.
Who are our instructors and how are they selected?

All of our highly qualified trainers are CEH (v10) certified with at least 15 years of experience in ethical hacking training and working in the areas of cybersecurity and IT service and architecture. Each of them has gone through a rigorous selection process that includes profile screening, technical evaluation, and a training demo before they are certified to train for us. We also ensure that only those trainers with a high alumni rating remain on our faculty.
Is this live training, or will I watch pre-recorded videos?

The ethical hacking course is conducted via live virtual classrooms (LVC). They are interactive sessions that enable you to ask questions and participate in discussions during class time. We do, however, provide recordings of each session you attend for your future reference. Classes are attended by a global audience to enrich your learning experience.
What tools do I need to attend the training sessions?
The tools you’ll need to attend the Ethical Hacking Course in Colombo are:
- Windows: Windows XP SP3 or higher
- Mac: OSX 10.6 or higher
- Internet speed: Preferably 512 Kbps or higher
- Headset, speakers and microphone: You’ll need headphones or speakers to hear instruction clearly, as well as a microphone to talk to others. You can use a headset with a built-in microphone, or separate speakers and microphone.
I am not able to access the online course. Who can help me?

Contact us using the form on the right side of any page on the Simplilearn website, select the Live Chat link or contact Help & Support .
How do I become a CEH certified professional?
To become a certified ethical hacker, you’ll want to follow these steps:
1. Register for the Simplilearn CEH training
2. Complete the online classroom training program
3. Practice your techniques on the EC-Council designed ILabs platform
4. Take the certification exam online
5. Once you complete the course work and pass the exam, you will become a certified ethical hacking professional.
How much does CEH Training cost?
We offer CEH training in two modes, which are Online Self Learning and Live Virtual Classroom mode. The prices are dynamic and change periodically. Please refer to the top of this page to know the current price.
Where can I take EC-Council exams?
Simplilearn provides an online exam voucher with the training package, allowing learners to take the certification exam remotely using their computer. The computer must have a webcam and a running Internet connection.
Where can I get my certificates of attendance (COA) if I have completed my training through an EC-Council authorized channel?
The certificates of attendance (COA) can be downloaded from Aspen using your evaluation code, which would have either been emailed to you from EC-Council or is printed on the first page of your courseware. If you cannot find your code you can submit a request to Simplilearn team through the LMS for assistance.
Can I review my answers during the examination?
Yes, you can review your answers before final submission.
How long is the CEH certification valid for?
The CEH certification is valid for three years. You must earn 120 ECE credits to maintain the certification.
How much time will I have to complete the CEH exam?
The exam duration is four hours.
Am I required to sign any agreement prior to the exam?
Yes, EC-Council has developed a number of policies to support the goals of the EC-Council certification program, including:

1. The non-disclosure agreement (NDA)

2. EC-Council Certification Agreement

3. Security and Integrity Policy.
I took training at an accredited training center like Simplilearn but I want to take the online exam remotely in another country. Is this possible?
Simplilearn provides ProctorU vouchers with the training, allowing you to take the final exam from anywhere in the world with a working computer and Internet connection.
How long do I need to wait for my EC-Council certificate after I take the exam?
Your digital certificate will be available to download between 7-10 days from the date of certification in your Aspen account.
How much does a Certified Ethical Hacker make?
CEH professionals on an average make $92,000 in the U.S.
What is online classroom training?
All of the classes are conducted via live online streaming. They are interactive sessions that enable you to ask questions and participate in discussions during class time.
How do I enroll for the online training?
You can enroll for this training on our website and make an online payment using any of the following options:
- Visa Credit or Debit Card
- MasterCard
- American Express
- Diner’s Club
- PayPal
Once payment is received you will automatically receive a payment receipt and access information via email.
Are the training and course material effective in preparing me for the CEH exam?
Yes, Simplilearn’s ethical hacking course materials guarantee success with the CEH Certification exam.
What is covered under the 24/7 support promise?
We offer 24/7 support through email, chat, and calls. We also have a dedicated team that provides on demand assistance through our community forum. What’s more, you will have lifetime access to the community forum, even after completion of your course with us.
What certification will I receive after completing the CEH course?
After successful completion of the CEH course training, you will be awarded an industry-recognized course completion certificate from Simplilearn.
What If I miss a session?
We provide recordings of each session you attend for your future reference.
What is Global Teaching Assistance?
Our teaching assistants are a dedicated team of subject matter experts here to help you get certified on your first attempt. They engage students proactively to ensure the course path is being followed and help you enrich your learning experience from class onboarding to project mentoring and job assistance. Teaching Assistance is available during business hours.

View More View Less

CEH (v10) - Certified Ethical Hacker Training in Colombo, Sri Lanka

Corporate Training Solutions

Course description

What are the course objectives?

Why is the CEH certification so desirable?

What skills will you learn in the Ethical Hacking course in Colombo?

Who should take the Ethical Hacking Course?

What is CEH certification?

Tools covered

Course preview

Module 01- Introduction to Ethical Hacking

Lesson 01 - Information Security Overview

1 Demo of Aspen and iLabs

2 Internet is Integral Part of Business and Personal Life - What Happens Online in 60 Seconds

3 Essential Terminology

4 Elements of Information Security

5 The Security, Functionality, and Usability Triangle

Lesson 02 - Information Security Threats and Attack Vectors

1 Motives, Goals, and Objectives of Information Security Attacks

2 Top Information Security Attack Vectors

3 Information Security Threat Categories

4 Types of Attacks on a System

5 Information Warfare

Lesson 06 - Penetration Testing Concepts

1 Penetration Testing

2 Why Penetration Testing

3 Comparing Security Audit, Vulnerability Assessment, and Penetration Testing

4 Blue Teaming/Red Teaming

5 Types of Penetration Testing

6 Phases of Penetration Testing

7 Security Testing Methodology

Lesson 03 - Hacking Concepts

1 What is Hacking

2 Who is a Hacker?

3 Hacker Classes

4 Hacking Phases

Lesson 04 - Ethical Hacking Concepts

1 What is Ethical Hacking?

2 Why Ethical Hacking is Necessary

3 Scope and Limitations of Ethical Hacking

4 Skills of an Ethical Hacker

Lesson 05 - Information Security Controls

1 Information Assurance (IA)

2 Information Security Management Program

4 Enterprise Information Security Architecture (EISA)

5 Network Security Zoning

6 Defense in Depth

7 Information Security Policies

8 Physical Security

10 What is Risk?

11 Threat Modeling

12 Incident Management

13 Security Incident and Event Management (SIEM)

14 User Behavior Analytics (UBA)

15 Network Security Controls

16 Identity and Access Management (IAM)

17 Data Leakage

18 Data Backup

19 Data Recovery

20 Role of AI/ML in Cyber Security

Lesson 07 - Information Security Laws and Standards

1 Payment Card Industry Data Security Standard (PCI-DSS)

2 ISO/IEC 27001:2013

3 Health Insurance Portability and Accountability Act (HIPAA)

4 Sarbanes Oxley Act (SOX)

5 The Digital Millennium Copyright Act (DMCA)

6 Federal Information Security Management Act (FISMA)

7 Cyber Law in Different Countries

Module 02- Footprinting and Reconnaissance

Lesson 01 - Footprinting Concepts

1 What is Footprinting?

2 Objectives of Footprinting

Lesson 02 - Footprinting through Search Engines

1 Footprinting through Search Engines

2 Footprinting using Advanced Google Hacking Techniques

3 Information Gathering Using Google Advanced Search and Image Search

4 Google Hacking Database

5 VoIP and VPN Footprinting through Google Hacking Database

Lesson 03 - Footprinting through Web Services

1 Finding Company’s Top-level Domains (TLDs) and Sub-domains