EC-Council


International Council of E-Commerce Consultants, also known as EC-Council, is a multidisciplinary institution of global Information Security organization, dedicated at creating knowledge, facilitating innovation, executing research, implementing development, and nurturing subject matter experts in-order to provide their unique skills and niche expertise in cyber security. The world’s leading organizations including the Pentagon, White House, US Army, US Navy, DoD, FBI, Microsoft, IBM, and the United Nations have trusted EC-Council to develop and advance their security infrastructure. 40+ Certifications with Content Created & IP Owned by EC-Council | 237,000+ Certified Members | 3000+ Tools & Technologies | 2800+ Training Partners | 2000+ Certified Instructors | 350+ Subject Matter Experts | Presence in 145+ Countries | Training Modes - Classroom Training (ILT), Live Online Training (VILT) & Self-paced Training

Our Cyber Security Course Portfolio

  • Computer & Network Security Fundamentals
  • Vulnerability Assessment & Penetration Testing (Including Ethical Hacking)
  • Cyber Forensics
  • Network Defence and Operations
  • Software Securities
  • Governance
  • Certifications

    Certified Ethical Hacker (CEH) – 40 Hours / 5 Days

    Overview

    Certified Ethical Hacker (CEH) course is a comprehensive ethical hacking and information systems security assessment program focusing on latest security threats, advanced attack vectors and practical real time demonstration of latest hacking techniques, methodologies, tools, tricks and security measures. This cyber security course also focuses on the latest hacking attacks targeted to mobile platform and tablet computers and covers countermeasures to secure mobile infrastructure. It addresses latest development in mobile and web technologies including Andriod OS 4.1 and Apps, iOS 6 and Apps, BlackBerry 7 OS, Windows Phone 8 and HTML 5.

    The Certified Ethical Hacker (CEH) is a core training program for an information security professional, also referred to as a white-hat hacker, who systematically attempts to inspect network infrastructure with the consent of its owner to find security vulnerabilities which a malicious hacker could potentially exploit. The course helps you assess the security posture of an organization by identifying vulnerabilities in the network and system infrastructure to determine if unauthorized access is possible. The Certified Ethical Hacker program is the most comprehensive Ethical Hacking program in the world.

    This program will train you on the most advanced tools and techniques used by black and grey hat hackers alike to break into an organization to assess, document, and remediate vulnerabilities from a vendor neutral perspective. CEH will put you in the driver’s seat of an interactive, hand’s-on learning environment that challenges you to test the integrity of systems and networks by hacking them!


    Course Benefits
  • Establish and govern minimum standards for credentialing professional information security specialists in ethical hacking measures.
  • Inform the public that credentialed individuals meet or exceed the minimum standards.
  • Reinforce ethical hacking as a unique and self-regulating profession.
  • Exam Info
  • Number of Questions: 125
  • Test Duration: 4 Hours
  • Test Format: Multiple Choice
  • Test Delivery: ECC EXAM, VUE
  • Exam Prefix: 312-50 (ECC EXAM), 312-50 (VUE EXAM)

  • CEH Practical Exam E/V (CEH) - 6 Hours Exam

    CEH Practical is a 6-hour, rigorous exam that requires you to demonstrate skills and abilities of ethical hacking techniques such as:

  • Port scanning tools (e.g., Nmap, Hping)
  • Vulnerability detection
  • Attacks on a system (e.g., DoS, DDoS, session hijacking, webserver and web application attacks, SQL injection, wireless threats)
  • SQL injection methodology and evasion techniques
  • Web application security tools (e.g., Acunetix WVS)
  • SQL injection detection tools (e.g., IBM Security AppScan)
  • Communication protocols and more…
  • Port scanning tools (e.g., Nmap, Hping)
  • Vulnerability detection
  • Attacks on a system (e.g., DoS, DdoS, session hijacking, webserver and web application attacks, SQL injection, wireless threats)
  • SQL injection methodology and evasion techniques
  • Web application security tools (e.g., Acunetix WVS)
  • SQL injection detection tools (e.g., IBM Security AppScan)
  • Communication protocols
  • Scanning (e.g., Port scanning, banner grabbing, vulnerability scanning, network discovery, proxy chaining, IP spoofing)
  • Cryptography
  • Cryptography toolkit (e.g., OpenSSL)
  • Web server attack methodology
  • Operating environments (e.g., Linux, Windows, Mac)
  • Web application hacking methodology
  • Encryption algorithms
  • System hacking (e.g., password cracking, privilege escalation, executing applications, hiding files, covering tracks)
  • Vulnerability scanning
  • Exploitation tools
  • Application/file server
  • Database structures
  • Wireless and Bluetooth hacking methodology
  • Wireless terminologies
  • Wireless encryption
  • Network/wireless sniffers (e.g., Wireshark, Airsnort)
  • Malware (e.g., Trojan, virus, backdoor, worms)
  • Botnet
  • Malware analysis
  • Network sniffing
  • Backups and archiving (e.g., local, network)
  • Data analysis
  • Log analysis tools
  • Cryptanalysis tool (e.g., CrypTool)

  • This is the next step to become a CEH Master after you have achieved your CEH certification. Within CEH Practical you will have a limited amount of time to complete 20 challenges testing your skills and proficiency in a performance-based cyber range. This exam is NOT a simulation and incorporates a live corporate network of VM’s and applications with solutions to uncover vulnerabilities.

    CEH Masters

    Upon Completing the CEH (Master) program, consisting of CEH and CEH (Practical), the CEH (Master) designation is awarded. Once you have achieved both the CEH and CEH Practical certifications you are now a CEH Master. CEH Masters have shown proficiency at a master level in the Knowledge, Skills, and abilities of Ethical Hacking with a total 6 hours of testing to prove their competency.


    Computer Hacking Forensic Investigator (CHFI) – 40 Hours / 5 Days

    Overview

    Computer hacking forensic investigation is the process of detecting hacking attacks and properly extracting evidence to report the crime and conduct audits to prevent future attacks. Computer crime in today’s cyber world is on the rise. Computer Investigation techniques are being used by police, government and corporate entities globally and many of them turn to EC-Council for our Computer Hacking Forensic Investigator CHFI Certification Program. Computer Security and Computer investigations are changing terms. More tools are invented daily for conducting Computer Investigations, be it computer crime, digital forensics, computer investigations, or even standard computer data recovery. The tools and techniques covered in EC-Council’s CHFI program will prepare the student to conduct computer investigations using groundbreaking digital forensics technologies. Computer forensics is simply the application of computer investigation and analysis techniques in the interests of determining potential legal evidence. Evidence might be sought in a wide range of computer crime or misuse, including but not limited to theft of trade secrets, theft of or destruction of intellectual property, and fraud. CHFI investigators can draw on an array of methods for discovering data that resides in a computer system, or recovering deleted, encrypted, or damaged file information known as computer data recovery.


    Course Benefits
  • Perform electronic evidence collections
  • Perform digital forensic acquisitions
  • Conduct thorough examinations of computer hard disk drives and other electronic data storage media
  • Utilize forensic tools and investigative methods to find electronic data, including Internet use history, word processing documents, images and other files
  • Perform anti-forensics detection
  • Apply advanced forensic tools and techniques for attack reconstruction
  • Exam Info
  • Number of Questions: 150
  • Test Duration: 4 Hours
  • Test Format: Multiple Choice
  • Test Delivery: ECC EXAM
  • Exam Prefix: 312-49 (ECC EXAM)
  •  

    Who Is It For?

    The CHFI program is designed for all IT professionals involved with information system security, computer forensics, and incident response.

    ·         Target Audience

    ·         Police and other law enforcement personnel

    ·         Defense and Military personnel

    ·         e-Business Security professionals

    ·         Systems administrators

    ·         Legal professionals

    ·         Banking, Insurance and other professionals

    ·         Government agencies

    ·         IT managers

    * * * * * * *

     

    EC-Council Certified Security Analyst (ECSA) - 40 Hours / 5 Days

     

    Overview

    The EC-Council Certified Security Analyst (ECSA) certification is a security credential like no other. The ECSA program offers a seamless learning progress, continuing where the CEH program left off. Unlike most other pen-testing programs that only follow a generic kill chain methodology; the ECSA presents a set of distinguishable comprehensive methodologies that are able to cover different pentesting requirements across different verticals. This ECSA penetration testing course provides you with a real world, hands-on penetration testing experience while you prepare to take the ESCA exam. Elevate your ethical hacking skills by utilizing EC-Council’s published penetration testing methodology.

     

    Course Benefits

                        Prepare for the EC-Council Certified Security Analyst (ECSA) exam

                        Apply your hacking skills in a penetration test scenario

                        Test modern infrastructures, operating systems, and application environments

                        Document and write a penetration testing report

     

    Exam Info

    The ECSA v10 exam includes 2 required stages: report writing and multiple-choice exam. The report writing stage requires candidates to perform various penetration testing exercises on EC-Council’s iLabs before submitting a penetration test report to EC-Council for assessment. Candidates that submit reports to the required standards will be provided with exam vouchers for the multiple-choice exam.

                        ECSA Exam Details:

                        Credit Towards Certification: ECSA v10

                        Number of Questions: 150

                        Passing Score: 70%

                        Test Duration: 4 Hours

     

     

     

    Who Is It For?

                        Ethical Hackers

                        Penetration Testers

                        Network server administrators

                        Firewall Administrators

                        Security Testers

                        System Administrators and Risk Assessment professionals

     

    * * * * * * *

     

    ECSA Practical Exam E/V (ECSA) – 12 Hours Exam

     

    Overview

    ECSA (Practical) is a 12-hour, rigorous practical exam built to test your penetration testing skills.

    ECSA (Practical) presents you with an organization and its network environment, containing multiple hosts. The internal network consists of several subnets housing various organizational units. It is made up of militarized and demilitarized zones, connected with a huge pool of database servers in a database zone. As a security precaution, and by design, all the internal resource zones are confi­gured with different subnet IPs. The militarized zone houses the domain controllers and application servers that provide application frameworks for various departments of the organization.

    The candidates are required to demonstrate the application of the penetration testing methodology that is presented in the ECSA program, and are required to perform a comprehensive security audit of an organization, just like in the real world. You will start with challenges requiring you to perform advanced network scans beyond perimeter defenses, leading to automated and manual vulnerability analysis, exploit selection, customization, launch, and post exploitation maneuvers.

     

    Course Benefits

    ECSA (Practical) Credential Holders Are Proven To Be Able To:

    ·         Perform advanced network scans beyond perimeter defenses, leading to automated and manual vulnerability analysis, exploit selection, customization, launch and post exploitation maneuvers.

    ·         Customize payloads

    ·         Make critical decisions at different phases of a pen-testing engagement

    ·         Perform advanced network scans beyond perimeter defenses

    ·         Perform automated and manual vulnerability analysis

    ·         Customization, launch, and post exploitation maneuvers

    ·         Perform a full fledged Penetration Testing engagement

    ·         Create a professional pen-testing report

    ·         Demonstrate the application of penetration testing methodology presented in the ECSA program

     

    Who Is It For?

    ·         Ethical Hackers

    ·         Penetration Testers

    ·         Network server administrators

    ·         Firewall Administrators

    ·         Security Testers

    ·         System Administrators and Risk Assessment professionals

     

    * * * * * * *

    Licensed Penetration Tester - LPT (Master)

     

    Overview

    The LPT (Master) is the world’s first fully online, remotely proctored LPT (Master) practical exam, which challenges the candidates through a grueling 18 hours of performance based, hands-on exam categorized into three practical exams for six-hour duration each, which will test your perseverance and focus by forcing you to outdo yourself with each new challenge. The exam requires the candidates to demonstrate a methodical approach to test and validate security defenses. The LPT (Master) exam is developed with close collaboration with SMEs and practitioners around the world after a thorough job role, job task, and skills-gap analysis.

     

    There are good penetration testers and then there are great penetration testers. We know that the only way to find out what you are made of is by testing you at the brink of exhaustion — which is why the LPT (Master) exam is 18 hours long!

     

    Your pen testing skills will be challenged over three levels, each with three challenges, against a multi-layered network architecture with defense-in-depth controls. You will be required to make knowledgeable decisions under immense pressure at critical stages while selecting your approach and exploits.

     

    As you progress along these levels, you will need to maneuver web application, network, and host penetration testing tools and tricks in an internal and external context to ultimately pwn the hosts and exfiltrate data required for the completion of the challenges.

     

    LPT (Master) certified professional can:

                        Demonstrate a repeatable and measurable approach to penetration testing

                        Perform advanced techniques and attacks to identify SQL injection, Cross site scripting (XSS), LFI, RFI vulnerabilities in web applications

                        Submit a professional and industry accepted report that achieves management and technical buy-in

                        Get access to proprietary EC-Council penetration testing methodologies

                        Write exploit codes to gain access to a vulnerable system or application

                        Exploit vulnerabilities in Operating systems such as Windows, Linux

                        Perform privilege escalation to gain root access to a system

                        Demonstrate ‘Out-of-the-box’ and ‘lateral’ thinking

                        Ensure the integrity and value of the penetration testing certification, in a fully online, remotely proctored certification exam

     

    * * * * * * *

     

    Certified Application Security Engineer (.NET/JAVA) - CASE.NET/CASE JAVA - 24 hours / 3 Days

     

    Overview

    The CASE credential tests the critical security skills and knowledge required throughout a typical software development life cycle (SDLC), focusing on the importance of the implementation of secure methodologies and practices in today’s insecure operating environment. The training program encompasses security activities involved in all phases of the Software Development Lifecycle (SDLC): planning, creating, testing, and deploying an application. Unlike other application security trainings, CASE goes beyond just the guidelines on secure coding practices and includes secure requirement gathering, robust application design, and handling security issues in post development phases of application development.

     

    Course Benefits

    The CASE certified training program is developed concurrently to prepare software professionals with the necessary capabilities that are expected by employers and academia globally. It is designed to be a hands-on, comprehensive application security course that will help software professionals create secure applications.

                        In-depth understanding of secure SDLC and secure SDLC models

                        Knowledge of OWASP Top 10, threat modelling, SAST and DAST

                        Capturing security requirements of an application in development

                        Defining, maintaining, and enforcing application security best practices

                        Performing manual and automated code review of application

                        Conducting application security testing for web applications to assess the vulnerabilities

                        Driving development of a holistic application security program

                        Rating the severity of defects and publishing comprehensive reports detailing associated risks and mitigations

                        Working in teams to improve security posture

                        Application security scanning technologies such as AppScan, Fortify, WebInspect, static application security testing (SAST), dynamic application security testing (DAST), single sign-on, and encryption

                        Following secure coding standards that are based on industry-accepted best practices such as OWASP Guide, or CERT Secure Coding to address common coding vulnerabilities.

                        Creating a software source code review process that is a part of the development cycles (SDLC, Agile, CI/CD)

     

    About the Exam

    CASE allows application developers and testers to demonstrate their mastery of the knowledge and skills required to handle common application security vulnerabilities.

                        Number of Questions: 50

                        Test Duration: 2 Hours

                        Test Format: Multiple Choice Questions

                        Passing Score: 70%

                        Availability: EC-Council Exam Portal

     

    Who Is It For?

                        .NET Developers with a minimum of 2 years of experience and individuals who want to become application security engineers/analysts/testers

                        Individuals involved in the role of developing, testing, managing, or protecting wide area of applications

     

    * * * * * * *

     

    Certified Network Defender (CND) - 40 Hours / 5 Days

     

    Overview

    The Certified Network Defender (CND) certification program focuses on creating Network Administrators who are trained on protecting, detecting and responding to the threats on the network. Network administrators are usually familiar with network components, traffic, performance and utilization, network topology, location of each system, security policy, etc. A CND will get the fundamental understanding of the true construct of data transfer, network technologies, software technologies so that the they understand how networks operate, understand what software is automating and how to analyze the subject material. In addition, network defense fundamentals, the application of network security controls, protocols, perimeter appliances, secure IDS, VPN and firewall configuration, intricacies of network traffic signature, analysis and vulnerability scanning are also covered which will help the Network Administrator design greater network security policies and successful incident response plans..

    CND is a skills-based, lab intensive program based on a job-task analysis and cybersecurity education framework presented by the National Initiative of Cybersecurity Education (NICE).

     

    Course Benefits

                        Install, configure, and manage network security controls and devices

                        Design, implement, and monitor security policies

                        Harden hosts to secure them against intrusions

                        Implement and configure VNPs and wireless network technologies

                        Perform risk, threat, and vulnerability assessments

     

    Exam Info

                        Exam title: CND

                        Exam code: 312-38

                        Number of questions: 100

                        Duration: 4 Hours

                        Availability: ECC Exam

                        Test Format: Interactive Multiple Choice Questions

     

    Who Is It For?

                        Network Administrators

                        Network security Administrators

                        Network Security Engineer

                        Network Defense Technicians

                        CND Analyst

                        Security Analyst

                        Security Operator

                        Anyone who involves in network operations

     

    * * * * * * *

     

    Disaster Recovery (EDRP) - 40 Hours / 5 Days

     

    Overview

    The EDRP certification is aimed at educating and validating a candidate’s ability to plan, strategize, implement, and maintain a business continuity and disaster recovery plan. This courses is guided towards

    ·         IT Professionals in the BC/DR or System Administration domain

    ·         Business Continuity and Disaster Recovery Consultants

    ·         Individuals wanting to establish themselves in the field of IT Business

    ·         Continuity and Disaster Recovery

    ·         IT Risk Managers and Consultants

    ·         CISOs and IT Directors

     

    Course Benefits

    EDRP provides the professionals with a strong understanding of business continuity and disaster recovery principles, including conducting business impact analysis, assessing of risks, developing policies and procedures, and implementing a plan. It also teaches professionals how to secure data by putting policies and procedures in place, and how to recover and restore their organization’s critical data in the aftermath of a disaster.

     

    Exam Info

                        Number of Questions: 150

                        Passing Score: 70%

                        Test Duration: 4 hours

                        Test Format: MCQ

                        Test Delivery: ECC Exam Portal

     

    Who Is It For?

                        IT Professionals in the BC/DR or System Administration domain

                        Business Continuity and Disaster Recovery Consultants

                        Individuals wanting to establish themselves in the field of IT Business

                        Continuity and Disaster Recovery

                        IT Risk Managers and Consultants

                        CISOs and IT Directors

     

    * * * * * * *

     

    EC-Council Incident Handling (ECIH) - 24 hours / 3 Days

     

    Overview

    The EC-Council Certified Incident Handler (ECIH) program is designed to provide the fundamental skills to handle and respond to the computer security incidents in an information system. The course addresses various underlying principles and techniques for detecting and responding to current and emerging computer security threats. Students will learn how to handle various types of incidents, risk assessment methodologies, and various laws and policies related to incident handling. After attending this course, they will be able to create incident handling and response policies as well as deal with various types of computer security incidents. The IT incident management training program will enable students to be proficient in handling and responding to various security incidents such as network security incidents, malicious code incidents, and insider attack threats. In addition, students will learn about computer forensics and its role in handling and responding to incidents. The course also covers incident response teams, incident management training methods, and incident recovery techniques in detail. The ECIH certification will provide professionals greater industry acceptance as the seasoned incident handler.

     

    Course Benefits

                        Prepare for the EC-Council Certified Incident Handler (ECIH) exam

                        Handle various types of cyber security incidents

                        Utilize risk assessment methodologies

                        Navigate laws and policy related to incident handling

     

    Exam Info

                        E|CIH allows cybersecurity professionals to demonstrate their mastery of the knowledge and skills required for Incident Handling

                        Exam Title: EC-Council Certified Incident Handler

                        Exam Code: 212-89

                        Number of Questions: 100

                        Duration: 3 hours

                        Availability: EC-Council Exam Portal

                        Test Format: Multiple Choice

                        Passing Score: 70%

     

    Who Is It For?

    The incident handling skills taught in E|CIH are complementary to the job roles below as well as many other cybersecurity jobs:

                        Penetration Testers

                        Vulnerability Assessment Auditors

                        Risk Assessment Administrators

                        Network Administrators

                        Application Security Engineers

                        Cyber Forensic Investigators/ Analyst and SOC Analyst

                        System Administrators/Engineers

                        Firewall Administrators and Network Managers/IT Managers

    E|CIH is a specialist-level program that caters to mid-level to high-level cybersecurity professionals.

     

    * * * * * * *

     

    Certified Threat Intelligence Analyst (CTIA) - 24 hours / 3 Days

     

    Overview

    Certified Threat Intelligence Analyst (C|TIA) is designed and developed in collaboration with cybersecurity and threat intelligence experts across the globe to help organizations identify and mitigate business risks by converting unknown internal and external threats into known threats. It is a comprehensive, specialist-level program that teaches a structured approach for building effective threat intelligence.

    C|TIA is a method-driven Threat Intelligence program that uses a holistic approach, covering concepts from planning the threat intelligence project to building a report to disseminating threat intelligence. These concepts are highly essential while building effective threat intelligence and, when used properly, can secure organizations from future threats or attacks.

     

    Course Benefits

    ·         To enable individuals and organizations with the ability to prepare and run a threat intelligence program that allows ‘evidence-based knowledge’ and provides ‘actionable advice’ about ‘existing and unknown threats’.

    ·         To ensure that organizations have predictive capabilities rather than just proactive measures beyond active defense mechanism.

    ·         To empower information security professionals with the skills to develop a professional, systematic, and repeatable real-life threat intelligence program.

    ·         To differentiate threat intelligence professionals from other information security professionals.

    ·         For individuals: To provide an invaluable ability of structured threat intelligence to enhance skills and boost their employability.

     

    Exam Info

                        Number of Questions: 50

                        Duration: 2 hours

                        Availability: EC-Council Exam Portal

                        Test Format: Multiple Choice

                        Passing Score: 70%

     

    Who Is It For?

                        Ethical Hackers

                        Security Practitioners, Engineers, Analysts, Specialist, Architects, and Managers

                        Threat Intelligence Analysts, Associates, Researchers, Consultants

                        Threat Hunters

                        SOC Professionals

                        Digital Forensic and Malware Analysts

                        Incident Response Team Members

    Any mid-level to high-level cybersecurity professionals with a minimum of 2 years of experience.

    Individuals from the information security profession and who want to enrich their skills and knowledge in the field of cyber threat intelligence.

    Individuals interested in preventing cyber threats.

     

    * * * * * * *

     

    Certified SOC Analyst (CSA) - 24 Hours / 3 Days

     

    Overview

    The Certified SOC Analyst (CSA) program is the first step to joining a security operations center (SOC). It is engineered for current and aspiring Tier I and Tier II SOC analysts to achieve proficiency in performing entry-level and intermediate-level operations.

     

    CSA is a training and credentialing program that helps the candidate acquire trending and in-demand technical skills through instruction by some of the most experienced trainers in the industry. The program focuses on creating new career opportunities through extensive, meticulous knowledge with enhanced level capabilities for dynamically contributing to a SOC team. Being an intense 3-day program, it thoroughly covers the fundamentals of SOC operations, before relaying the knowledge of log management and correlation, SIEM deployment, advanced incident detection, and incident response. Additionally, the candidate will learn to manage various SOC processes and collaborate with CSIRT at the time of need.

     

    Course Benefits

                        Gain Knowledge of SOC processes, procedures, technologies, and workflows.

                        Gain a basic understanding and in-depth knowledge of security threats, attacks, vulnerabilities, attacker’s behaviors, cyber killchain, etc.

                        Able to recognize attacker tools, tactics, and procedures to identify indicators of compromise (IOCs) that can be utilized during active and future investigations.

                        Able to monitor and analyze logs and alerts from a variety of different technologies across multiple platforms (IDS/IPS, end-point protection, servers, and workstations).

                        Gain knowledge of the Centralized Log Management (CLM) process.

                        Able to perform Security events and log collection, monitoring, and analysis.

                        Gain experience and extensive knowledge of Security Information and Event Management.

                        Gain knowledge of administering SIEM solutions (Splunk/AlienVault/OSSIM/ELK).

                        Understand the architecture, implementation and fine-tuning of SIEM solutions (Splunk/AlienVault/OSSIM/ELK).

                        Gain hands-on experience in SIEM use case development process.

                        Able to develop threat cases (correlation rules), create reports, etc.

                        Learn use cases that are widely used across the SIEM deployment.

                        Plan, organize, and perform threat monitoring and analysis in the enterprise.

                        Able to monitor emerging threat patterns and perform security threat analysis.

                        Gain hands-on experience in the alert triaging process.

                        Able to escalate incidents to appropriate teams for additional assistance.

                        Able to use a Service Desk ticketing system.

                        Able to prepare briefings and reports of analysis methodology and results.

                        Gain knowledge of integrating threat intelligence into SIEM for enhanced incident detection and response.

                        Able to make use of varied, disparate, constantly changing threat information.

                        Gain knowledge of Incident Response Process.

                        Gain understating of SOC and IRT collaboration for better incident response.

     

    Who is it for?

                        SOC Analysts (Tier I and Tier II)

                        Network and Security Administrators, Network and Security Engineers, Network Defense Analyst, Network Defense Technicians, Network Security Specialist, Network Security Operator, and any security professional handling network security operations

                        Cybersecurity Analyst

                        Entry-level cybersecurity professionals

                        Anyone who wants to become a SOC Analyst.

     

    Exam Info

                        Exam Title: Certified SOC Analyst

                        Exam Code: 312-39

                        Number of Questions: 100

                        Duration: 3 hours

                        Availability: EC-Council Exam Portal (please visit https://www.eccexam.com)

                        Test Format: Multiple Choice

                        Passing Score: 70%

     

    * * * * * * *

     

    EC-Council Certified Encryption Specialist (ECES) - 20 Hours / 3 Days

     

    Overview

    The EC-Council Certified Encryption Specialist (ECES) program introduces professionals and students to the field of cryptography. The participants will learn the foundations of modern symmetric and key cryptography including the details of algorithms such as Feistel Networks, DES, and AES. Other topics introduced:

                        Overview of other algorithms such as Blowfish, Twofish, and Skipjack

                        Hashing algorithms including MD5, MD6, SHA, Gost, RIPMD 256 and others.

                        Asymmetric cryptography including thorough descriptions of RSA, Elgamal, Elliptic Curve, and DSA.

                        Significant concepts such as diffusion, confusion, and Kerkchoff’s principle.

     

    Participants will also be provided a practical application of the following:

                        How to set up a VPN

                        Encrypt a drive

                        Hands-on experience with steganography

                        Hands on experience in cryptographic algorithms ranging from classic ciphers like Caesar cipher to modern day algorithms such as AES and RSA.

    Course Benefits

                        Types of Encryption Standards and their differences

                        How to select the best standard for your organization

                        How to enhance your pen-testing knowledge in encryption

                        Correct and incorrect deployment of encryption technologies

                        Common mistakes made in implementing encryption technologies

                        Best practices when implementing encryption technologies

     

    Exam Info

                        Number of Questions:50

                        Passing Score: 70%

                        Test Duration: 2 Hours

                        Test Format: Multiple Choice

                        Test Delivery:EC-Council Exam Center (ECC EXAM)

                        Course/Class Duration: 3 days / 20 hours

     

    Who is it for?

    Anyone involved in the selection and implementation of VPN’s or digital certificates should attend this course. Without understanding the cryptography at some depth, people are limited to following marketing hype. Understanding the actual cryptography allows you to know which one to select. A person successfully completing this course will be able to select the encryption standard that is most beneficial to their organization and understand how to effectively deploy that technology.

     

    This course is excellent for ethical hackers and penetration testing professionals as most penetration testing courses skip cryptanalysis completely. Many penetration testing professionals testing usually don’t attempt to crack cryptography. A basic knowledge of cryptanalysis is very beneficial to any penetration testing.

     

    * * * * * * *

     

    EC-Council Security Specialist (ECSS) - 40 Hours / 5 Days

     

    Overview

    EC-Council Certified Security Specialist (ECSS) allows students to enhance their skills in three different areas namely information security, network security, and computer forensics.

    Information security plays a vital role in most organizations. Information security is where information, information processing, and communications are protected against the confidentiality, integrity, and availability of information and information processing. In communications, information security also covers trustworthy authentication of messages that covers identification of verifying and recording the approval and authorization of information, non-alteration of data, and the non-repudiation of communication or stored data.

     

    Course Benefits

    This course will benefit students who are interested in learning the fundamentals of information security, network security, and computer forensics.

     

    Exam Info

    The ECSS exam will be conducted on the last day of training. Students need to pass the online EC-Council Exam to receive the ECSS certification.

                        Exam Details:

                        Number of Questions: 50

                        Passing Score: 70%

                        Test Duration: 2 Hours

                        Test Format: Multiple Choice

                        Test Delivery: EC-Council Exam Porta

     

    Who is it for?

    This course will benefit students who are interested in learning the fundamentals of information security, network security, and computer forensics.

     

    * * * * * * *

     

    Certified Secure Computer User (CSCU) - 16 Hours / 2 Days

     

    Overview

    The purpose of the CSCU training program is to provide individuals with the necessary knowledge and skills to protect their information assets. This class will immerse students into an interactive environment where they will acquire a fundamental understanding of various computer and network security threats such as identity theft, credit card fraud, online banking phishing scams, virus and backdoors, emails hoaxes, sex offenders lurking online, loss of confidential information, hacking attacks and social engineering. More importantly, the skills learned from the class helps students take the necessary steps to mitigate their security exposure. 

    Course Benefits

    After a comprehensive introduction to security, you will learn about securing operating systems. From there you will explore malware and antivirus before moving on to internet security with a particular emphasis on social networking security, email security and security on mobile devices, the Cloud and network connections. Finally, you will complete your new skillset by learning about data backup and disaster recovery. The overall aim of the course is to provide you with the vital knowledge to protect all your online information assets. The interactive environment is designed to equip you with a fundamental understanding of various common computer and network security threats such as identity theft, credit card fraud, phishing scams, viruses, email hoaxes, online sexual predators, loss of confidential information, hacking attacks and social engineering. In short, by gaining certification you will be confident when it comes to mitigating your security exposure.

    Fundamentals of Information Security (FD IS) - 16 Hours / 2 Days

     

    Exam Info

                        Exam Name: CSCU (112-12) Exam

                        Credit Towards Certification: Secure Computer User Specialist (CSCU)

     

    Exam Details:

                        Number of Questions: 50

                        Passing Score: 70%

                        Test Duration: 2 Hours

                        Test Format: Multiple Choice

                        Test Delivery: EC-Council Exam Portal

     

    Who Is It For?

                        This course is specifically designed for todays’ computer users who use the internet extensively to work, study and play.

     

    * * * * * * *

     

     

    Fundamentals of Computer Forensics (FD CF) - 16 Hours / 2 Days

     

    Overview

    Computer Forensics Fundamentals (C|FF) is an entry-level security program covering the fundamental concepts of information security. Through this program, students can build skills to identify information security threats which reflect on the security posture of the organization and implement general security controls.

    This program gives a holistic overview of the key components of computer forensics. It provides a solid fundamental knowledge required for a career in computer forensics.

    The Computer Forensics Fundamentals course significantly benefits students interested in learning the fundamentals of computer forensics.

     

    Course Benefits

                        It facilitates your entry into the world of computer forensics

                        It provides a professional understanding of the concepts of computer forensics

                        It enhances your skills as a Computer Forensics Specialist and increases your employability

     

    Learning Objectives of the C|FF Program

                        Understanding the key issues plaguing the computer forensics

                        Learn the trademark, copyright, and patents

                        Master the incident handling and response process

                        Master cyber-crime and computer forensics investigation methodology

                        Understand the different types of digital evidence and digital evidence examination process

                        Understand the different types of file systems and their comparison (based on limit and features)

                        Learn to gather volatile and non-volatile information from Windows and network forensics analysis mechanism

                        Understand steganography and its techniques

                        Gain an understanding of the different types of log capturing, time synchronization, and log capturing tools

                        Master the art of e-mail tracking and e-mail crime investigation

                        Learn to write an investigation report

     

    Who is it for?

    The Computer Forensics Fundamentals course is designed for anyone looking to enhance their skills and build a career in information security and computer forensics.

     

    * * * * * * *

     

    Fundamentals of Network Security (FD NS) - 16 Hours / 2 Days

     

    Overview

    Network Security Fundamentals (N|SF) is an entry-level security program covering the fundamental concepts of network security. It enables students with the skills to identify information security threats which reflect on the security posture of the organization and implement general security controls.

    This program will give a holistic overview of the key components of network security. It provides a solid fundamental knowledge required for a career in network security.

    This course is designed for those interested in learning the various fundamentals of network security.

     

    Course Benefits

                        It facilitates your entry into the world of network security

                        It provides a professional understanding of the concepts of network security

                        It provides best practices to improve organizational security posture

                        It enhances your skills as a Network Security Specialist and increases your employability

     

    Learning Objectives of the N|SF Program

                        Understanding the key issues plaguing the network security world

                        Learn the fundamentals of networks and various components of the OSI and TCP/IP model

                        Master the various network security protocols

                        Master identification, authentication, and authorization concepts

                        Decode the types of information security threats and attacks, and their countermeasures

                        Learn the fundamentals of IDS, general indications of intrusion, and types of IDS

                        Learn the fundamentals of firewall and firewall technologies such as Bastion Host, DMZ, Proxy Servers, Network Address Translation, and Virtual Private Network

                        Understand all data backup techniques and VPN security

                        Gain an understanding of the fundamentals of wireless network

     

    Who is it for?

    The Network Security Fundamentals course is designed for anyone looking to enhance their skills and build a career in information security and network security.

     

    * * * * * * *

     

    Fundamentals of Ethical Hacking – (FD EH) 16 Hours / 2 Days

     

    Overview

    Ethical Hacking Fundamentals (E|HF) is an entry-level security program covering the fundamental concepts of information security. It equips students with the skills required to identify the increasing information security threats which reflect on the security posture of the organization and implement general security controls.

    This program gives a holistic overview of the key components of information security. It provides a solid fundamental knowledge required for a career in information security.

    The E|HF is designed for those interested in learning the various fundamentals of information security.

     

    Course Benefits

    ·         It facilitates your entry into the world of information security

    ·         It provides a professional understanding of the concepts of information security

    ·         It provides best practices to improve organizational security posture

    ·         It enhances your skills as a Security Specialist and increases your employability

     

    Learning Objectives of the E|HF Program

    ·         Understanding the various key issues plaguing the information security

    ·         Gain an understanding of the different stages of hacking cycle

    ·         Master the fundamentals of ethical hacking and pen testing

    ·         Learn the various types of information security threats and attacks

    ·         Understand the various types of malware (Virus, Worms, Trojans)

    ·         Understand the different types of attack techniques such as social engineering, password cracking, etc. and their countermeasures

    ·         Understand the different types of cryptography ciphers, Public Key Infrastructure (PKI), cryptography attacks, and cryptanalysis tools

    ·         Understand the different types of web server and web application attacks, and countermeasures

    ·         Gain an understanding of wireless network, wireless encryption, wireless threats, wireless hacking tools, and Wi-Fi security

    ·         Master the fundamentals of IDS and IDS evasion techniques

    ·         Master the fundamentals of firewall and honeypot, and different techniques for bypassing firewall

     

    Who is it for?

    The Ethical Hacking Fundamentals course is designed for anyone looking to enhance their skills and build a career in information security and ethical hacking.

     

    * * * * * * *