Ethical Hacking, as name suggests, is an ethical way of working with technology to find out weaknesses of a system, taking it to the next level for further development. Hacking is never illegal; it is an action of using skills and advanced techniques on a target to gain information about a system and its surroundings, though it depends on the nature of the person who is performing the action. The main focus of the Ethical Hacking and IT Security course is to train the student into an interactive environment where the student will learn the skills of performing vulnerability assessment, pen-testing of systems and networks, patching the weaknesses, making reports of scanned vulnerabilities.
The students will learn all aspects of ethical hacking and information security, which will enhance their skills making them confident in handling situations like zero-day incidence response, data-theft management, incidental data lost or an Intrusion by the unauthorized. As almost every organization now days have its own website, database servers, which handle and stores confidential data related to the future and on-going projects, staff details, customer’s details, member’s login credentials, credit card details and other sophisticated data. An Information Security Expert is a first Priority personal required for the security of this data.
Module-1 Introduction to ethical hacking
The meaning of the ethical hacking and the ethical hacker is used to define the hacking performed by an organization or a person to help in the identification of the threats in a network or electronics. Ethical hackers can undertake an effort to penetrate networks and evade way previous the computer securities and examine any points that could be exploited through the malicious hackers.
Introduction to ethical hacking introduces the general principle of hacking, history of hacking, famous hackers, phases of hacking, ethical hacking industry practices, difference between ethical hacker and malicious hacker and types of hackers.
Module-2 Foot printing and reconnaissance
Foot printing and reconnaissance is the initial phase and very essential evil that penetration tester used to assess for the IT infrastructure security and indicates the maximum figures about the devices and networks.
The basics techniques used for foot printing is ping sweep and TCP Scans.
Module summarizes the foot printing concepts, objectives of foot printing, footprint methodology like- footprint through search engines, finding company’s external and internal URLs, collect location information, people search online services, people search on social networking services, foot printing through job sites, website foot printing, website mirroring tools, extract website information, email foot printing, tracking email communications, collecting information from email header, email tracking tools.
Apart from this, it is also comprises the foot printing using Google, Google hacking techniques, Google advance search operators, Google hacking tool, Google hacking database (GHDB), DNS foot printing, foot printing through social engineering and foot printing tools such as maltego, DNSEnum, Dmitr etc.
Module-3 Scanning network
Network scanning is a procedure to finding information and identifying the attacker, IP address and so on. The module structure covers the introduction of scanning, introduction of ports and protocols, types of scanning - port scanning, network scanning and vulnerability scanning. Objective of scanning - detect live systems on network, discover open ports on system, OS detection, service detection and version detection, obtaining IP from host, obtaining host from IP, discover IP addresses in network and overview of TCP. The introductory part of scanning tool like – Nmap, Host, NBT scan, Fping, Alive6, Netcat, Vega and Nessus.
First attack on target network is enumeration. It is procedure to take all information of the user, user name, machine information, resources of networks, services etc. In this module, you will be introduced with the enumeration. The fundamentals of the enumeration concepts and techniques are included in this module. You will be introduced with the enumeration, services and ports to enumerate.
Module-5 System hacking
Password hacking are divided into four categories – active online attacks, offline attacks, passive online attacks and non-technical attack. system hacking module completely comprises the information at hand before system hacking stage, system hacking - cracking password, window hacking by Ophcrack, window hacking by hiren boot, window hacking by CMD, and Linux hacking.
Module-6 Trojans and backdoors
Trojans is a programme that pretenses as a benevolent application. The main Trojan horses are Data Sending Trojans, Proxy Trojans, Destructive Trojans, Remote Access Trojans, FTP Trojans, security software disabler Trojans and denial-of-service attack (DoS) Trojans. Backdoor is way of accessing a programme or in the meaning of the entire computer system. It is also known as trapdoor.
The structure of the module will define you to concepts of Trojans, Trojan creators, indications of a Trojan attack, Trojan infection, Trojan Tools, and the detection methods of Trojan.
Module-7 Viruses and worms
Virus, Trojans, Worms etc. are the part of the malware or malicious software. All these are specially designed to steal, harm, and interrupt the networks. Virus is very harmful for computer and it attached itself and spread from one to another systems and infect the systems. Worms are classified as a sub class of virus. In the additional nature, worms spread from system to system without any human actions. Both are malicious program that self-replicate on systems or through computer networks without any awareness of the user being. Subclasses of malware programs contains - Email-Worm, Net-Worm, IM-Worm, IRC-Worm, P2P-Worm etc.
The module will introduce you to the nature of viruses and worms, difference between viruses and worms, key loggers, virus detection methods, virus and worms countermeasures.
It covers all the aspects of the sniffing such as overview of sniffing, types of sniffing, active and passive, introduction to ARP poisoning, MITM, sniffing tools- ettercap, cain and able and wireshark.
Module-9 Session hijacking
In the field of application security, session hijacking is very ancient and repetitive topic. The module will focus on introduction to session hijacking, difference between spoofing and hijacking, steps of session hijacking, types of session hijacking, brief introduction of TCP, three way handshake, client-server model - two-tier and three-tier.
Module-10 Social engineering
It is the resources of the information. The module will comprise the concepts of social engineering, behaviors vulnerable to attacks, factors that make companies vulnerable to attacks, social engineering techniques, types of social engineering such as human based, system based and mobile based.
Module-11 Denial of service (DoS)
An attack is an event in which a user or association is deprived of the services of a store they would usually expect to have, is known as Denial of Service (DoS). Module will describe you to the concepts of DoS, Denial of Service attack, symptoms of a DoS attack, Cyber Criminals and Case Studies.
Module-12 Hacking webserver
Hacking webserver, introduction to web server, introduction to database and the hacking webserver with Metasploit would be comprising in this module.
Module-13 SQL injection
It is a code injection method used to attack the data-driven application in which malware SQL statements are inserted into an entry field for implementation. The module will introduce you to the basics of SQL injection, vulnerability testing for SQL injection, SQL injection cheat sheet, SQL injection tools like SQL MAP and Havij.
Module-14 Hacking wireless networks
Hacking wireless network will describe you to the concepts of the wireless, wireless standards, service set identifier (SSID), Wi-Fi authentication modes, Wi-Fi authentication process using a centralized authentication server, wireless encryption, types of wireless encryption and its works.
Module 15 Evading IDS, firewalls and honeypot
The Intrusion detection system (IDS) classifies any doubtful pattern that may show an attack that could co-operation the computer. Module will define you to the concepts of IDS, firewall and honeypot concepts, IDS and their placement, IDS Works, firewall, and the introduction of honeypot.
Module-16 Buffer overflow
When any programme efforts to store extra data in a buffer than it was intended to hold after that occurs the buffer overflow. It will familiarize you to the basic concepts of buffer overflow, buffer overflow counter-measures, defense against buffer overflows and prevention of BOF attacks.
Module 17 Cryptography
Cryptography is a crucial tool for protecting info in systems. This course explains cryptography concepts, types of cryptography, and the algorithms such as symmetric, asymmetric and hash.
Module 18 Penetration testing
Penetration testing is a tool to test and evaluate the security and of a system, networks to catch vulnerabilities that an attacker could exploit. The module will comprises the concepts of pen testing, security assessments, security audit, vulnerability assessment, limitations of vulnerability assessment, and types of pen testing like- black-box penetration testing, grey-box penetration testing and white-box penetration testing.
Module 19 Mobile hacking
This module will introduce you to the mobile hacking methods, call spoofing, message spoofing, hacking codes and hacking android OS.
Module 20 Stenography
The students will understand the basics of stenography, hiding text behind image, hiding image behind image, hiding video behind image, hiding text behind text and drive hiding. It also covers the necessary tools of the stenography.
ONLINE EXAMINATION AND EVALUATION PROCESS
The mode of examination will be online for the students enrolled in online courses. After the completion of the respective course duration, you would have access to your examination portal on the allotted date and time, and accordingly you would be notify by the concerned authorities to check mails, so that you must give your examination in allocated date and time on our online examination portal.
TYPES OF QUESTIONS
You will have combination of Multiple Choice Questions, in the form of multiple option, True & False, Fill in the Blanks, Match the Following, Sequences Questions, Multiple Response Questions, Passage and Image Description form.
The complete correction and evaluation takes about two weeks. After the evaluation process is finally done, the mark sheets and certificates are posted on to the given postal address by address confirmation. If any change in postal address student must notify after completion of Examination.
Note: Every student must have to check email for examination notifications and other updates. Also you have update your recent postal address and so on.
SIFS INDIA, provides online education for certificate, Diploma, and PG Diploma courses in the Forensic Science discipline. The Forensic Science programmes are appropriate for all students of any discipline. The course is ideal for those who, whim to secure a stand-alone certification in Forensic Science and whose first degree is in an unrelated field. We aims to provide a thorough education in Forensic Science from a variety of perspectives with multiple dimensions.
After completion of the enrollment processes, a username and password would be generate and provide you through email to access e-books and study materials allied to your programme code within five working days.
Complete Learning of Statement (LOS)
In online education, lectures might be conducted online via Learning Management System (LMS) and instant chatting or messaging. Some course have ‘virtual’ classes; where the enrolled students participate through webcams sources. Through your unique username and password, students can access their profile, study materials, instructor guidance, assignments, quizzes, examination, scores, and so on.
Make important bookmark for future access
In Every LOS, we are constantly reviewing the latest study materials being the very finest course material now available for your programme code. We provides the modified technology inside the portal likewise; the bookmark option to build a specified learning process. Bookmark is also an advantageous for future access. Your learning methods would be helpful to choose objectives. Bookmark giving you the chance to study exactly; what you need in directive to improvement.
Make your own notes
Go Paperless! Online database are much easier than searching through paper files. LOS giving you the note preparation option at the time of study. It would be great method to create and deploy your own written notes for future admittance.
Take multiple quizzes for practice exam
LMS is the best virtual learning systems; to use their own login portal. Multiple quizzes are the most of the latest questions and updates related to the LOS. It would be flexible to practice for examination preparation.
Interact with your instructor for your queries.
Online learning system also provides a forum for discussion with instructor, where you can post and quickly ask your quarries, enhance and collaborate your learning experiences. It would be hard to mature a relationship with your online instructor, you may never meet, but it is worth the exertion to keep communicating and contacting through the online support system.
The assignment submission process diverges depending upon the course you enrolled. Assignment is definitely the indispensable thing in order to complete your programme. It comprises 5 questions with 1000 word limit. Assignment carries a 100% weightage for evaluation of examination. Some key instructions to get good grade in your assignment such as-
1. Read the study materials in depth from portal LOS.
2. Understand the assignment questions and keep within the word limit.
3. Write the assignments yourself which should be plagiarism free.
4. Complete the assignments in given duration and submit after date you will not able to access the assignment.
5. Write your answers in the appropriate format and add the references at the end of your assignment etc.
Online examination system is designed to offer you with an education wherever you are. There are a wide range multiple options. After the completion of the respective course duration, you would have access to your examination portal on the allotted date and time. In LMS examination procedure, you will allocated for examination in a particular time, so that you must give your examination in allocated date and time on your online examination portal.
Note: 1.You must have to complete your examination in given time period accordingly to your course instructor. You cannot attempt your examination twice.
2. If you are not able to attempt your examination, you must to inform your instructor prior the time period and give specific reason to conduct re-schedule examination date*.