Certified Security Specialist (ECSS)

Seminarinformationen

Seminar - Ziel

In diesem 5-tägigen Seminar „Certified Security Specialist (ECSS)“ des EC-Council erwerben Sie umfassendes Wissen in den Bereichen Informations- und Netzwerksicherheit. Sie beschäftigen sich mit grundlegenden Sicherheitskonzepten, den Aufbau und Schutz von Netzwerken sowie typischen Bedrohungen und Schwachstellen.

Im Seminar lernen Sie unter anderem sichere Netzwerkprotokolle, gängige Angriffsarten und Social-Engineering-Methoden kennen. Sie werden mit den Phasen des Hacking-Zyklus vertraut gemacht und erhalten Einblicke in Themen wie Identifikation, Authentifizierung, Autorisierung und Kryptografie. Weitere Inhalte umfassen Firewalls, Intrusion Detection Systeme (IDS), Datensicherung, VPNs, Sicherheit in drahtlosen Netzwerken, Web Security, Ethical Hacking, Incident Response und digitale Forensik. Auch das Sammeln digitaler Beweise und das Erstellen forensischer Berichte sind Bestandteil des Trainings.

Ziel des Seminars ist es, Sie in die Lage zu versetzen, Sicherheitslücken frühzeitig zu erkennen, Angriffen effektiv entgegenzuwirken und geeignete Reaktions- und Schutzmaßnahmen zu ergreifen. Nach Abschluss sind Sie befähigt, Sicherheitslösungen für IT-Umgebungen zu planen und umzusetzen sowie bei Sicherheitsvorfällen professionell zu handeln.

Das Seminar wird von einem zertifizierten EC-Council-Trainer geleitet. Die Prüfungsgebühr ist im Preis inbegriffen.

Teilnehmer - Zielgruppe

Diese Schulung richtet sich an Personen, die ihre Kompetenzen vertiefen und ausbauen möchten, um in den Bereichen der Informationssicherheit, Netzwerksicherheit und Computerforensik erfolgreich eine Karriere zu verfolgen.

Kurs - Voraussetzungen

Für diesen Kurs müssen Sie keine speziellen Erfahrungen mitbringen.

Seminardauer

• 5 Tage
• 09:00 Uhr bis 17:00 Uhr

Schulungsunterlagen

• nach Absprache

Seminar-Inhalt / Agenda

Network Security Fundamentals

• Understand Fundamentals of Network Security
• Discuss Essential Network Security Protocols

Identification, Authentication and Authorization

• Discuss Access Control Principles, Terminologies, and Models
• Discuss Identity and Access Management (IAM) Concepts

Network Security Controls -Administrative Controls

• Discuss Various Regulatory Frameworks, Laws, and Acts
• Learn to Design and Develop Security Policies
• Learn to Conduct Different Type of Security and Awareness Training

Network Security Controls - Physical Controls

• Understand the Importance of Physical Security
• Discuss Various Physical Security Controls
• Describe Workplace Security
• Describe Various Environmental Controls

Network Security Controls -Technical Controls

• Understand Different Types of Network
• Understand Different Types of Firewalls and their Role
• Understand Different Types of IDS/IPS and their Role
• Understand Different Types of Honeypot
• Understand Different Types of Proxy Servers and their Benefits
• Discuss Fundamentals of VPN and its importance in Network Security
• Discuss Security Incident and Event Management (SIEM)
• Discuss User Behavior Analytics (UBA)
• Understand Various Antivirus/Anti-malware Software

Virtualization and Cloud Computing

• Understand Virtualization Essential Concepts and OS Virtualization Security
• Understand Cloud Computing Fundamentals
• Discuss the Insights of Cloud Security and Best Practices

Wireless Network Security

• Understand Wireless Network Fundamentals
• Understand Wireless Network Encryption Mechanisms
• Discuss Different Types of Wireless Network Authentication Methods

Mobile Device Security

• Understand Various Mobile Device Connection Methods
• Discuss Mobile Device Management Concepts
• Discuss Common Mobile Usage Policies in Enterprises
• Discuss Security Risk and Guidelines Associated with Enterprises Mobile Usage Policies
• Discuss and Implement Enterprise-level Mobile Security Management Solutions
• Discuss and Implement General Security Guidelines and Best Practices on Mobile Platforms

IoT Device Security

• Understand IoT Devices, Application Areas, and Communication Models
• Discuss the Security in IoT-enabled Environments

Cryptography and PKI

• Discuss Cryptographic Techniques
• Discuss Various Cryptographic Algorithms
• Discuss Various Cryptography Tools
• Discuss Public Key Infrastructure (PKI)

Data Security

• Understand Data Security and its Importance
• Discuss Various Security Controls for Data Encryption
• Discuss Data Backup and Retention
• Discuss Data Loss Prevention Concepts

Network Traffic Monitoring

• Understand the Need and Advantages of Network Traffic Monitoring
• Determine Baseline Traffic Signatures for Normal and Suspicious Network Traffic
• Perform Network Monitoring for Suspicious Traffic

Information Security Fundamentals

• Discuss Information Security Fundamentals
• Discuss Various Information Security Laws and Regulations

Ethical Hacking Fundamentals

• Understand Cyber Kill Chain Methodology
• Discuss Hacking Concepts and Hacker Classes
• Understand Different Phases of Hacking Cycle
• Discuss Ethical Hacking Concepts, Scope, and Limitations
• Ethical Hacking Tools

Information Security Threats and Vulnerability Assessment

• Define Threat and Threat Sources
• Define Malware and its Types
• Define Vulnerabilities
• Define Vulnerability Assessment

Password Cracking Techniques and Countermeasures

• Discuss Password Cracking Techniques
• Discuss Password Cracking Tools
• Discuss Password Cracking Countermeasures

Social Engineering Techniques and Countermeasures

• Discuss Social Engineering Concepts and its Phases
• Discuss Social Engineering Techniques
• Discuss Insider Threats and Identity Theft
• Discuss Various Social Engineering Countermeasures

Network Level Attacks and Countermeasures

• Understand Packet Sniffing Concepts
• Discuss Sniffing Techniques
• Discuss Sniffing Countermeasures
• Discuss Types of DoS and DDoS Attacks
• Discuss DoS and DDoS Attack Countermeasures
• Discuss Types Session Hijacking Attacks
• Discuss Session Hijacking Attack Countermeasures

Web Application Attacks and Countermeasures

• Discuss Various Web Server Attacks
• Discuss Web Server Attack Countermeasures
• Understand Web Application Architecture and Vulnerability Stack
• Discuss Web Application Threats and Attacks
• Discuss Web Application Attack Countermeasures
• Discuss Types of SQL Injection Attacks
• Discuss SQL Injection Attack Countermeasures

Wireless Attacks and Countermeasures

• Understand Wireless Terminology
• Discuss Different Types of Wireless Encryption
• Describe Wireless Network-specific Attack Techniques
• Understand Bluetooth Attacks
• Discuss Wireless Attack Countermeasures

Mobile Attacks and Countermeasures

• Understand Mobile Attack Anatomy
• Discuss Mobile Platform Attack Vectors and Vulnerabilities
• Understand Mobile Device Management (MDM) Concept
• Discuss Mobile Attack Countermeasures

IoT and OT Attacks and Countermeasures

• Understand IoT Concepts

• Discuss IoT Threats and Attacks

• Discuss IoT Attack Countermeasures

• Understand OT Concepts

• Discuss OT Threats and Attacks

• Discuss OT Attack Countermeasures

Cloud Computing Threats and Countermeasures

• Understand Cloud Computing Concepts
• Understand Container Technology
• Discuss Cloud Computing Threats
• Discuss Cloud Attack Countermeasures

Penetration Testing Fundamentals

• Understand Fundamentals of Penetration Testing and its Benefits
• Discuss Strategies and Phases of Penetration Testing
• Guidelines and Recommendations for Penetration Testing

Computer Forensics Fundamentals

• Understand the Fundamentals of Computer Forensics
• Understand Digital Evidence
• Understand Forensic Readiness
• Identify the Roles and Responsibilities of a Forensic Investigator
• Understand Legal Compliance in Computer Forensics

Computer Forensics Investigation Process

• Understand the Forensic Investigation Process and its Importance
• Forensic Investigation Process - Preinvestigation Phase
• Forensic Investigation Process - Investigation Phase
• Forensic Investigation Process - Postinvestigation Phase

Understanding Hard Disks and File Systems

• Describe Different Types of Disk Drives and their Characteristics
• Explain the Logical Structure of a Disk
• Understand Booting Process of Windows, Linux, and Mac Operating Systems
• Understand Various File Systems of Windows, Linux, and Mac Operating Systems
• Examine the File System

Data Acquisition and Duplication

• Understand Data Acquisition Fundamentals
• Discuss Different Types of Data Acquisition
• Determine the Data Acquisition Format
• Understand Data Acquisition Methodology

Defeating Anti-forensics Techniques

• Understand Anti-forensics and its Techniques
• Discuss Anti-forensics Countermeasures

Windows Forensics

• Collect Volatile and Non-Volatile Information
• Perform Windows Memory and Registry Analysis
• Examine Cache, Cookie, and History Recorded in Web Browsers
• Examine Windows Files and Metadata

Linux and Mac Forensics

• Understand Volatile and Non-Volatile Data in Linux
• Analyze Filesystem Images Using The Sleuth Kit
• Demonstrate Memory Forensics
• Understand Mac Forensics

Network Forensics

• Understand Network Forensics Fundamentals
• Understand Event Correlation Concepts and Types
• Identify Indicators of Compromise (IoCs) from Network Logs
• Investigate Network Traffic

Investigating Web Attacks

• Understand Web Application Forensics
• Understand IIS and Apache Web Server Logs
• Investigating Web Attacks on Windowsbased Servers
• Detect and Investigate Various Attacks on Web Applications

Dark Web Forensics

• Understand the Dark Web
• Understand Dark Web Forensics
• Perform Tor Browser Forensics

Investigating Email Crimes

• Understand Email Basics
• Understand Email Crime Investigation and its Steps

Malware Forensics

• Understand Malware, its Components and Distribution Methods
• Understand Malware Forensics Fundamentals and Recognize Types of Malware Analysi
• Perform Static Malware Analysis
• Analyze Suspicious Word Documents
• Perform Dynamic Malware Analysis
• Perform System Behavior Analysis
• Perform Network Behavior Analysis

Weitere Schulungen zu Thema EC-Council