Certified Professional Ethical Hacker

To protect an information system you need to be able to see that system through the eyes of the attacker. The Certified Professional Ethical Hacker certification course is the foundational training to Mile2’s line of penetration testing courses because it teaches you to think like a hacker.

First, you will learn the value of vulnerability assessments. Then, you will discover how to use those assessments to make powerful changes in an information system’s security. Additionally, you will learn how malware and destructive viruses function and how to implement counter response and preventative measures when it comes to a network hack.

The CPEH course provides in-depth labs that focus on both open source and commercial based tools with industry best practices. These hands on labs emulate real world hacking scenarios and equip the candidate to assess your company’s security posture, help implement controls to better secure your company’s network infrastructure and how to combat against hackers and/or viruses, etc.

The CPEH certification training is a 5 day instructor led course

Upon completion, the Certified Professional Ethical Hacker candidate will be able to competently take the CPEH exam. The Certified Professional Ethical Hacker exam is taken online through Mile2’s Assessment and Certification System (“MACS”), which is accessible on your mile2.com account. The exam will take 2 hours and consist of 100 multiple-choice questions. A minimum grade of 70% is required for certification.

Mile2 is Accredited by the NSA-CNSS, Approved on Homelands Security NICCS Framework, and is on the FBI’s Tier 1-3 Certification Training Chart.

Module 1 – Introduction to Ethical Hacking

1. What and Why?
2. Differences
3. Security Definitions
4. Risk Management
5. Methodologies

Module 2 – Linux Fundamentals 

1. Core Concepts
2. The shell and other items you need to know
3. Managing users
4. Basic Commands

 Module 3 – Protocols 

1. Network Models
2. Protocols & Services

 Module 4 – Cryptography 

1. Understanding Cryptography
2. Symmetric Encryption
3. Asymmetric Encryption
4. Hashing
5. Cryptography in Use
6. Crypto Attacks

 Module 5 – Password Cracking 

1. What and Why
2. Attacks and Tools of the Trade
3. Countermeasures

 Module 6 – Malware 

1. DOS & DDOS
2. Viruses & Backdoors
3. Trojans and Backdoors
4. Ransomeware 

Module 7 – Security Devices

1. Basic Security Elements
2. Security Appliances

 Module 8 – Information Gathering 

1. What are we looking for?
2. Where/How do we find this information?
3. Are there tools to help?

Module 9 – Social Engineering

1. Social Engineering Types
2. Phishing Scams

Module 10 – Reconnaissance 

1. What are we looking for?
2. Port Scanning
3. Are there tools to help?
4. Banner Grabbing
5. Enumeration

Module 11 – Vulnerability Assessment 

1. What is a Vulnerability Assessment
2. Tools of the Trade
3. Testing Internal and External Systems

 Module 12 - Network Attacks

1. Sniffing Techniques
2. Hijacking

 Module 13 – Hacking Servers 

1. Servers, What are they good for?
2. What is an Exploit?
3. Tools of the Trade

Module 14 – Hacking Web Technologies

1. OWASP Top 10
2. SQL Injection
3. XSS

Module 15 – Hacking Wireless Networks

1. Wireless Technologies
2. Mobile and IoT Technologies
3. Various Tools Used
4. Hacking Techniques
5. Countermeasures

Module 16 – Maintaining Access and Covering Tracks

1. Maintaining Access
2. Covering Tracks

Detailed Labs Outline:

Lab 1 – Intro to C)PEH Setup

a. Recording Ips and Logging into VMs
b. Joining the Domain

Lab 2 - Linux Fundamentals

a. Command Line Tips and Tricks
b. Linux Networking for Beginners
c. Using FTP during a Pentest

Lab 3 – Understanding Protocols

a. Analyze http session

Lab 4 - Cryptography Lab

a. Hashing Data of all Sorts
b. The Basics of Cryptographic Algorithms

Lab 5 – Password Cracking

Lab 6 - Malware

a. Creating a virus
b. Beast Trojan

Lab 7 – Information Gathering

a. Google Queries
b. Searching Pastebin
c. Maltego
d. People Search Using the Spokeo Online Tool
e. Recon with Chrome
f. Nslookup

Lab 8 – Information Gathering – Active Reconnaissance

a. Scanning with Nmap
b. Scanning with Hping
c. Banner Grabbing
d. Enumerating a local System with Hyena
e. SMTP Enumeration
f. Ad Enumeration

Lab 9 – Vulnerability Assessment

a. Vulnerability Assessment with Nessus
b. Vulnerability Assessment with Saint

Lab 10 – Network Sniffing/IDS

a. Sniffing Passwords with Wireshark
b. Performing MtM with Cain
c. Performing MtM with sslstrip

Lab 11 - Windows Hacking

a. Attack Windows 7 with Client-Side Exploit
b. Windows 2012 Reverse TCP Exploit
c. Cracking with John the Ripper

Lab 12 – Attacking Databases

a. Attacking MySQL Database
b. Manual SQL Injection

Lab 13 – Attacking Web Applications

a. Attacking with XSS
b. Attacking with CSRF

Lab 13 - Backdoors

a. Setting up a Backdoor

• 12 months of IT security experience
• 12 months of Networking Experience

• IS Security Owners
• Security Officers
• Ethical Hackers
• Information Owners
• Penetration Testers
• System Owners and Managers
• Cyber Security Engineers