Course Outline
Day 1: Overview of cybersecurity, ethical hacking and contemporary architecture
Day 2: Active recognition
Day 3: System operation
Day 4: Exploitation and post-exploitation, and report drafting
Day 5: Certification Exam
Learning objectives
- Understand the fundamental concepts of ethical hacking and the required technical knowledge to perform and manage penetration tests;
- Master the concepts, approaches, standards, methods, and techniques used for the operation of an effective ethical hacking process;
- Acquire the expertise to conduct a penetration test following a logical path by using a variety of tools and techniques;
- Develop the expertise to analyze the results of testing activities and produce effective reports which will help organizations to effectively address vulnerabilities;
- Strengthen the personal qualities necessary to act with due professional care when conducting penetration tests;
- Be able to define and explain the different phases of cyberattacks;
- Become acquainted with the different tools used to collect information before performing any attack;
- Learn about the different attacks that affect the security of an organization's network;
- Learn how to perform the different steps comprising a penetration test (ethical hacking) and its associated tools by obtaining information, scanning, enumeration and attack processes;
- Learn about the most important aspects of Distributed Denial of Service (DDoS) attacks and their tools.
Educational approach
- This training is based on both theory and practical exercises. The percentage ratio for the theoretical and practical part of the training is 40% and 60% respectively. Practical exercises are combined with tutorials to help the candidates acquire the required skills.
- The laboratory environment is intensive, providing in-depth knowledge and practical experience regarding current security systems to each candidate.
- Learning by doing: The participant will engage in scenarios, situations and decision-making that he or she will most probably face during his or her professional life.
- Practical tests are similar to the Certification Exam.
Examination
The “PECB Certified Lead Ethical Hacker” exam meets all the requirements of the PECB Examination and Certification Program (ECP). The exam covers the following competency domains:
Domain 1: Fundamental principles and concepts of ethical hacking
Domain 2: Attack mechanisms
Domain 3: Principles and reference frameworks on penetration tests
Domain 4: Planning and performing penetration tests using various tools and techniques
Domain 5: Drafting penetration testing reports
The examination consists of two parts. The first part is a paper-based exam, which consists of essay-type questions. The second part is rather technical, where the candidate will be required to conduct penetration testing exercises on a computer and draft a report of the analysis.
Participants are authorized to use their personal notes during both the paper-based exam and the practical part of the exam.
For more information about exam details, please visit Examination Rules and Policies.
Certification
After successfully completing the exam, you can apply for the credentials shown in the table below. You will receive a certificate once you comply with all the requirements related to the selected credential. For more information about Ethical Hacking certifications and the PECB certification process, please refer to the Certification Rules and Policies.
To be considered valid, activities related to ethical hacking and penetration testing should follow best practices and include the following activities:
- Understanding the scope of ethical hacking
- Defining a penetration testing approach
- Understanding the steps that should be followed during an ethical hacking process
- Defining the penetration testing criteria
- Evaluating pen test scenarios and treatment options
- Understanding the methods that help in increasing the security of operating systems
- Reporting the penetration testing results
Requirements
A fundamental knowledge of Information Security and advanced skills in operating systems (e.g., Microsoft, Linux, etc.) are required. Furthermore, it is desirable for the candidate to have knowledge of computer networks, the use of operating systems and the notions of programming.
Testimonials (11)
Overview of Risk topics and preparing for exam
Leszek - EY GLOBAL SERVICES (POLAND) SP Z O O
Course - CRISC - Certified in Risk and Information Systems Control
Lap Qradar
Sutthikan Noisombat - NTT
Course - IBM Qradar SIEM: Beginner to Advanced
The simple explanation of the trainer
Mohammed Salem - Palestinian Police
Course - Open Source Intelligence (OSINT) Advanced
Accessing tools and being able to ask questions to someone friendly who I felt wouldn't judge me
Kiara
Course - Open Source Cyber Intelligence - Introduction
A wide range of knowledge of the lecturer.
Marcin Szklarski - Santander Consumer Bank
Course - CCSK Plus (Certificate of Cloud Security Knowledge - Plus)
Lots of information explained very well. Good examples, interesting exercises. Trainer showed us his real world experience.
Gergely Bathó - GE Medical Systems Polska Sp. Z O.O.
Course - Application Security for Developers
The Burp Suite, I need more training in this
Gontse Ntshegi - Vodacom
Course - Android Security
I liked seeing secure development in ASP.NET, but practical exercises to implement in the developers' day-to-day work were lacking
Alma Xocua - PASE, Servicios Electrónicos S.A. de C.V.
Course - Comprehensive C# and .NET Application Security
Azure web security, it was more what I was expecting, the penetration testing I would never do in my job
Toby
Course - Application Security in the Cloud
The balance between lectures and practice, the rhythm, the trainer's knowledge and pedagogic skill
Armando Pinto - EID
Course - C/C++ Secure Coding
Pushing changes on an ongoing basis, when on the 3rd day I started to get more lost than before and it was harder to spot the error quickly, I was quickly able to check out the latest changes and stay up to date with the material
Paulina
Course - Advanced Java Security