img
img

Course Details!

Description

EC-Council Certified Security Specialist (ECSS) is an entry level security program covering the fundamental concepts of information security, computer forensics, and network security.
It enables students to identify information security threats which reflect on the security posture of the organization and implement general security controls.
This program will give a holistic overview of the key components of information security, computer forensics, and network security.
This program provides a solid fundamental knowledge required for a career in information security.
ECSS is designed for anyone who want to enhance their skills and make career in information security, network security, and computer forensics fields.

What Will I Learn?

  • After finishing course each student will be aware of :
  • Key issues plaguing the information security, network security, and computer
  • Forensics Fundamentals of networks and various components of the OSI and TCP
  • IP model
  • Various types of information security threats and attacks, and their countermeasures
  • Identification, authentication, and authorization concepts
  • Social engineering techniques, identify theft, and social engineering countermeasures.
  • Different stages of hacking cycle
  • Different types of cryptography ciphers, Public Key Infrastructure (PKI), cryptography attacks, and cryptanalysis tools
  • Fundamentals of IDS and IDS evasion techniques
  • Data backup techniques and VPN security
  • Wireless Encryption, wireless threats, wireless hacking tools, and Wi-Fi security
  • Different types of web server and web application attacks, and countermeasures
  • Fundamentals of ethical hacking and pen testing
  • Cyber-crime and computer forensics investigation methodology
  • Different types of digital evidence and digital evidence examination process
  • Different type of file systems and their comparison (based on limit and features)
  • Steganography and its techniques
  • Different types of log capturing, time synchronization, and log capturing tools
  • E-mails tracking and e-mail crimes investigation

Module 01: Information Security Fundamentals

  • Data Breach Statistics
  • Data Loss Statistics
  • The Global State of Information Security Survey 2016 Information Security
  • Need for Security
  • Elements of Information Security
  • The Security, Functionality, and Usability Triangle
  • Security Challenges
  • Information Security Attack Vectors
  • Information Security Threat Categories
  • Types of Attacks on a System Trends in Security
  • Information Security Laws and Regulations

Module 02: Networking Fundamentals

  • Introduction
  • Types of Networks
  • OSI (Open Systems Interconnection) Reference Model
  • OSI Reference Model: Diagram
  • Application Layer
  • Presentation Layer
  • Session Layer
  • Transport Layer
  • Network Layer
  • Data Link Layer
  • Physical Layer
  • OSI Layers and Device Mapping
  • Protocols
  • TCP
  • IP Model
  • Comparing OSI and TCP
  • IP
  • Network Security
  • Essentials of Network Security
  • Data Security Threats over a Network
  • Basic Network Security Procedures
  • Network Security Policies
  • Types of Network Security Policies
  • Data Policy: Example
  • Computer Usage Policy: Example
  • E-mail Policy

Module 03: Secure Network Protocols

  • Introduction
  • Terminology
  • Secure Network Protocols E-mail Security Protocol – S
  • MIME
  • E-mail Security Protocol – PGP
  • Web Security Protocol – SSL
  • Steps to Establish Connection Between Browser and Web server using SSL
  • Web Security Protocol – SSH (Secure Shell)
  • Web Security Protocol – HTTPS
  • VPN Security Protocol – IPSec
  • VPN Security Protocol – PPTP VPN Security Protocol – L2TP
  • Wireless Security Protocol – WEP
  • VoIP Security Protocol – H.323
  • VoIP Security Protocol – SIP
  • Public Key Infrastructure (PKI)
  • Access Control List (ACL)
  • Authentication, Authorization, and Accounting (AAA)
  • RADIUS
  • Kerberos
  • Internet Key Exchange Protocol (IKE)

Module 04: Information Security Threats and Attacks

  • The Global State of Information Security Survey 2016
  • Understanding Threat, Vulnerability and Exploit
  • Internal Threats
  • Sniffing
  • Sniffing Countermeasures
  • ARP Spoofing
  • ARP Spoofing Diagram
  • ARP Spoofing Countermeasures
  • External Threats
  • Malware Attacks
  • Virus
  • Introduction to Viruses
  • Virus History
  • Stages of Virus Life
  • Indications of Virus Attack
  • How does a Computer Get Infected by Viruses?
  • Computer Worms
  • . How is a Worm Different from a Virus?
  • Virus Detection Methods
  • Virus and Worms Countermeasures
  • Anti-Virus Tools
  • Trojan
  • What is a Trojan?
  • Purpose of Trojans
  • Indications of a Trojan Attack
  • Different Ways a Trojan Can Get into a System
  • How to Detect Trojans?
  • Trojan Countermeasures
  • Anti-Trojan Softwares
  • Social Engineering
  • Spamming
  • Eavesdropping
  • Eavesdropping Countermeasures
  • Password Cracking
  • Password Complexity
  • Password Cracking Techniques
  • Wire Sniffing
  • Password Sniffing
  • Man-in-the-Middle and Replay Attack
  • Password Guessing
  • Trojan
  • Spyware
  • Keylogger
  • Non-Electronic Attacks
  • Default Passwords
  • Password Cracker
  • L0phtCrack
  • Ophcrack
  • Cain & Abel
  • RainbowCrack
  • . How to Defend against Password Cracking?
  • Scanning
  • Scanning Countermeasures
  • Denial-of-Service (DoS)
  • DoS Countermeasures
  • Distributed DoS (DDoS)
  • Distributed DoS Diagram
  • Spoofing
  • IP Spoofing
  • IP Spoofing Diagram and Countermeasures
  • Man-in-the-Middle Attack (MITM)
  • TCP Session Hijacking
  • Session Hijacking Countermeasures
  • Corporate Espionage
  • Accidental Security Breach
  • Automated Computer Attack

Module 05: Social Engineering

  • What is Social Engineering?
  • Behaviors Vulnerable to Attacks
  • Why is Social Engineering Effective?
  • Impact on the Organization
  • Common Targets of Social Engineering
  • Types of Social Engineering
  • Technical Support Example
  • Authority Support Example
  • Human-based Social Engineering
  • Eavesdropping
  • Shoulder Surfing
  • Dumpster Diving
  • Tailgating
  • In Person
  • Third-Party Authorization
  • Reverse Social Engineering
  • Piggybacking
  • Computer-based Social Engineering
  • Computer-based Social Engineering: Phishing
  • Social Engineering Through Impersonation on Social Networking Sites
  • Identify Theft
  • How to Steal an Identity?
  • Social Engineering Countermeasures
  • How to Detect Phishing Emails?
  • Anti-Phishing Toolbar: Netcraft
  • Identity Theft Countermeasures

Module 06: Hacking Cycle

  • What is Hacking?
  • Who is a Hacker?
  • Hacker Classes
  • Hacktivism
  • Stages of Hacking Cycle
  • Phase 1 – Reconnaissance
  • Phase 2 – Scanning
  • Phase 3 – Gaining Access
  • Phase 4 – Maintaining Access
  • Phase 5 – Covering Tracks

Module 07: Identification, Authentication, and Authorization

  • Identification, Authentication and Authorization
  • Identification
  • Authentication
  • Authorization
  • Need for Identification, Authentication and Authorization
  • Types of Authentication
  • Basic Authentication
  • Password Based Authentication
  • Digest Authentication
  • Form-based Authentication
  • RSA SecurID Token
  • Digital Certificates
  • Certificate-based Authentication
  • Biometrics Authentication
  • Face Recognition
  • Retina Scanning
  • Fingerprint-based Identification
  • Identification Based on Hand Geometry
  • Factors of Authentication

Module 08: Cryptography

  • Terminology
  • Cryptography
  • Types of Cryptography
  • Ciphers
  • Advanced Encryption Standard (AES)
  • Data Encryption Standard (DES)
  • RC4, RC5, RC6 Algorithms
  • The DSA and Related Signature Schemes
  • RSA (Rivest Shamir Adleman)
  • Example of RSA Algorithm
  • The RSA Signature Scheme
  • Message Digest Function: MD5
  • Secure Hashing Algorithm (SHA)
  • What is SSH (Secure Shell)?
  • Public Key Infrastructure (PKI)
  • Certification Authorities
  • Digital Signature
  • SSL (Secure Sockets Layer)
  • Transport Layer Security (TLS)
  • Disk Encryption
  • Disk Encryption Tool: VeraCrypt

Module 09: Firewalls

  • Firewall
  • Features of Firewalls
  • Firewall Architecture
  • Types of Firewall
  • Packet Filtering Firewall
  • Circuit-Level Gateway Firewall
  • Application-Level Firewall
  • Stateful Multilayer Inspection Firewall
  • Role of Firewalls in Network Security
  • Advantages of Firewall
  • Limitations of Firewalls
  • Firewall Technologies
  • Bastion Host
  • Need for Bastion Host
  • Positioning the Bastion Host
  • Types of Bastion Hosts
  • Basic Principles for Building a Bastion Host
  • Setting Up Bastion Hosts
  • Hardware Requirements for the Bastion Host
  • Selecting the Operating System for the Bastion Host
  • Auditing the Bastion Host
  • Tool: IPSentry
  • IPSentry: Automated Output Statistics HTML
  • DMZ
  • What is DMZ?
  • Different Ways to Create a DMZ
  • Proxy Servers
  • What are Proxy Servers?
  • Benefits of Proxy Server
  • Functioning of a Proxy Server
  • Proxy Server-to-Proxy Server Linking
  • Proxy Servers vs Packet Filters
  • Types of Proxy Servers
  • Transparent Proxies
  • Non-transparent Proxy
  • Application Proxy
  • SOCKS Proxy
  • Anonymous Proxy
  • Reverse Proxy
  • How to Configure Proxy Server
  • Steps to Configure Proxy Server on IE
  • Ultrasurf
  • Proxifier
  • Limitations of Proxy Server
  • List of Proxy Sites
  • Network Address Translation
  • Virtual Private Network
  • Honeypot
  • Types of Honeypots
  • Honeypot Tool: KFSensor
  • Honeypot Tool: SPECTER
  • Bypassing Firewalls
  • Firewall Identification
  • Port Scanning
  • Firewalking
  • Banner Grabbing
  • IP Address Spoofing
  • Source Routing
  • Bypass Blocked Sites Using IP Address in Place of URL
  • Bypass Blocked Sites Using Anonymous Website Surfing Sites
  • Bypass a Firewall Using Proxy Server

Module 10: Intrusion Detection System

  • Terminologies
  • Intrusion Detection System (IDS)
  • Characteristics of IDS
  • Importance of IDS
  • IDS Vs Firewalls
  • IDS Placement
  • How IDS Works?
  • Ways to Detect an Intrusion
  • General Indications of System Intrusions
  • General Indications of File System Intrusions
  • General Indications of Network Intrusions
  • Types of IDS
  • IDS for an Organization
  • Selecting an IDS
  • Deploying the IDS
  • Maintaining the IDS
  • Limitations of Intrusion Detection System
  • System Integrity Verifiers (SIV)
  • Intrusion Detection Tools
  • Snort
  • Snort for Windows
  • Running Snort on Windows
  • Testing Snort
  • Configuring Snort (snort.conf)
  • Snort Rules
  • SnortSam OSSEC (Open Source Security)
  • Sguil
  • Evading IDS
  • Insertion Attack
  • Evasion
  • DoS Attack
  • Obfuscating
  • False Positive Generation
  • Session Splicing
  • Unicode Evasion Technique

Module 11: Data Backup

  • Introduction to Data Backup
  • Identifying Critical Business Data
  • Selecting Backup Media
  • Backup Media
  • Storage Area Network (SAN)
  • Advantages of SAN
  • Network Attached Storage (NAS)
  • Selecting Appropriate Backup Method
  • Choosing the Right Location for Backup
  • Backup Types
  • Selecting Backup Types: Advantages and Disadvantages
  • Choosing Right Backup Solution
  • Data Backup Software: AOMEI Backupper
  • Data Backup Tools

Module 12: Virtual Private Network

  • What is a VPN?
  • VPN Deployment
  • Tunneling
  • Types of Tunneling
  • Popular VPN Tunneling Protocols
  • VPN Security
  • Authentication, Authorization and Accounting (AAA)
  • VPN via SSH and PPP
  • VPN via SSL and PPP
  • VPN via Concentrator
  • Other Methods
  • VPN Registration and Passwords
  • Introduction to IPSec
  • IPSec Services
  • Combining VPN and Firewalls
  • VPN Vulnerabilities

Module 13: Wireless Network Security

  • Wireless Networks
  • Wireless Terminologies
  • Types of Wireless Networks
  • Wireless Standards
  • Wireless Network Topology
  • Wireless Local Area Networks (WLANs)
  • Wireless Personal Area Networks (WPANs)
  • Wireless Metropolitan Area Network (WMANs)
  • Wireless Wide Area Network (WWANs)
  • Antennas
  • Service Set Identifier (SSID)
  • Types of Wireless Encryption
  • WEP Encryption
  • How WEP Works?
  • Limitations of WEP Security
  • Temporal Key Integration Protocol (TKIP) and Advanced Encryption Standard (AES)
  • What is WPA?
  • How WPA Works?
  • What is WPA2?
  • How WPA2 Works?
  • WEP vs. WPA vs. WPA2
  • Wireless Threats
  • Effects of Wireless Attacks on Business
  • Wi-Fi Chalking
  • Access Control Attacks
  • Integrity Attacks
  • Confidentiality Attacks
  • Availability Attacks
  • Authentication Attacks
  • Rogue Access Point Attack
  • Denial of Service Attacks
  • Man-in-the-Middle Attack (MITM)
  • Locating Rogue Access Points
  • Wi-Fi Discovery Tools
  • NetStumbler
  • inSSIDer
  • Aircrack-ng
  • Kismet
  • Wireless Security
  • Wireless Transportation Layer Security (WTLS)
  • Extensible Authentication Protocol (EAP) Methods
  • Securing Wireless Networks
  • Maximum Security: Add VPN to Wireless LAN
  • How to Defend Against Wireless Attacks?

Module 14: Web Security

  • Introduction to Web Applications
  • Web Application Components
  • How Web Applications Work?
  • Website Defacement
  • Why Web Servers are Compromised?
  • Impact of Webserver Attacks
  • Web Application Threats
  • Web Application Countermeasures
  • How to Defend Against Web Server Attacks?

Module 15: Ethical Hacking and Pen Testing

  • What is Ethical Hacking?
  • Why Ethical Hacking is Necessary
  • What Do Ethical Hackers Do?
  • Scope and Limitations of Ethical Hacking
  • Skills of an Ethical Hacker
  • Defense in Depth
  • What is Penetration Testing?
  • Why Penetration Testing?

Module 16: Incident Response

  • Common Terminologies
  • Data Classification
  • Information as Business Asset
  • Computer Security Incident
  • Types of Computer Security Incidents
  • Incident Response
  • Signs of an Incident
  • Incident Categories
  • Incident Reporting
  • Incident Reporting Organizations
  • Incident Handling and Response Process
  • Step 1: Preparation for Incident Handling and Response
  • Step 2: Detection and Analysis
  • Step 3: Classification and Prioritization
  • Step 4: Notification and Planning
  • Step 5: Containment
  • Step 6: Forensic Investigation
  • Step 7: Eradication and Recovery
  • Step 8: Post-Incident Activities
  • CSIRT Overview
  • Need for CSIRT
  • CSIRT Steps to Handle Cases
  • Best Practices for Creating a CSIRT
  • CERT
  • World CERTs
  • GFIRST
  • FIRST

Module 17: Computer Forensics Fundamentals

  • Cyber Crime
  • Computer Facilitated Crimes
  • Modes of Attacks
  • Examples of Cyber Crime
  • Types of Computer Crimes
  • Investigating Computer Crime
  • Cyber Criminals
  • Cyber Crime Investigation
  • Forensics Science
  • Computer Forensics
  • Aspects of Organizational Security
  • Evolution of Computer Forensics
  • Objective of Computer Forensics
  • Need for Computer Forensics
  • Why and When Do You Use Computer Forensics?
  • Goals of Forensics Readiness
  • Benefits of Forensics Readiness
  • Computer Forensics Investigation Methodology
  • Key Steps in Forensics Investigation
  • Rules of Forensics Investigation
  • Role of Digital Evidence
  • Review Policies and Laws
  • Forensics Laws
  • Why you Should Report Cybercrime?
  • Who to Contact at the Law Enforcement?
  • Federal Local Agents Contact
  • More Contacts

Module 18: Digital Evidence

  • Definition of Digital Evidence
  • Increasing Awareness of Digital Evidence
  • Challenging Aspects of Digital Evidence
  • The Role of Digital Evidence
  • Characteristics of Digital Evidence
  • Fragility of Digital Evidence
  • Types of Digital Data
  • Rules of Evidence
  • Best Evidence Rule
  • Electronic Devices: Types and Collecting Potential Evidence
  • Digital Evidence Examination Process
  • Evidence Assessment
  • Evidence Acquisition
  • Handling Digital Evidence
  • Evidence Examination
  • Documenting the Evidence
  • Evidence Examiner Report

Module 19: Understanding File Systems

  • Understanding File Systems
  • Types of File Systems
  • Understanding System Boot Sequence
  • Windows File Systems
  • Exploring Microsoft File Structures
  • FAT vs. NTFS
  • Popular Windows File Systems
  • FAT Structure
  • NTFS Architecture
  • Encrypting File Systems (EFS)
  • Components of EFS
  • Exploring Microsoft File Structures: Cluster
  • Gathering Evidence on Windows Systems
  • Gathering Volatile Evidence on Windows
  • Example: Checking Current Processes with Forensic Tool PsList
  • Example: Checking Open Ports With Forensic Tool Fport
  • Checking Registry Entries
  • Forensic Tool: Registrar Registry Manager
  • Linux File Systems
  • Linux Overview
  • Exploring Unix
  • Linux Disk Data Structures
  • Understanding Unix
  • Linux Boot Process
  • Understanding Linux Loader
  • Linux File System Architecture
  • Popular Linux File Systems
  • Mac OS X File Systems
  • HFS vs. HFS Plus
  • CD-ROM
  • DVD Fle Systems
  • Compact Disc File System (CDFS)
  • Comparison of File Systems (Limits)
  • Comparison of File Systems (Features)

Module 20: Windows Forensics

  • Volatile Information
  • Non-Volatile Information
  • Registry Settings
  • Event Logs
  • Other Non-Volatile Information
  • Cache, Cookie, and History Analysis: Google Chrome
  • Cache, Cookie, and History Analysis: Microsoft Edge
  • Analysis Tools
  • Message Digest Function: MD5
  • Why MD5 Calculation?
  • MD5 Hash Calculators: HashCalc, MD5 Calculator and HashMyFiles
  • Recycle Bin
  • Metadata
  • Types of Metadata
  • Metadata Analysis Tool: Metashield Analyzer
  • Understanding Events
  • Event Logon Types
  • Searching with Event Viewer
  • Windows Forensics Tool: OS Forensics
  • Windows Forensics Tool: X-Ways Forensics
  • Windows Forensics Tools

Module 21: Network Forensics and Investigating Network Traffic

  • Network Forensics
  • Network Forensics Analysis Mechanism
  • Network Addressing Schemes
  • Overview of OSI Reference Model and Network Protocols
  • TCP
  • IP Model
  • Network Vulnerabilities
  • Types of Network Attacks
  • IP Address Spoofing
  • Man-in-the-Middle Attack
  • Enumeration
  • Denial-of-Service Attack
  • Session Sniffing
  • Buffer Overflow
  • Trojan Horse
  • Why Investigate Network Traffic?
  • Evidence Gathering via Sniffing
  • Capturing Live Data Packets Using Wireshark

Module 22: Steganography

  • What is Steganography?
  • Steganography Vs. Cryptography
  • How Steganography Works?
  • Legal Use of Steganography
  • Unethical Use of Steganography
  • Steganography Techniques
  • Application of Steganography
  • Classification of Steganography
  • Technical Steganography
  • Types of Steganography based on Cover Medium
  • Image Steganography
  • Image Steganography Tool: QuickStego
  • Audio Steganography
  • Audio Steganography Tool: DeepSound
  • Video Steganography
  • Video SteganographyTool : OmniHide PRO
  • Document Steganography Tool: wbStego and SNOW
  • Issues in Information Hiding

Module 23: Analyzing Logs

  • Importance of Logs in Forensics
  • Computer Security Logs
  • Operating System Logs
  • Application Logs
  • Security Software Logs
  • Examining Intrusion and Security Events
  • Syslog
  • Syslog-ng OSE
  • Kiwi Log Viewer
  • Windows Log File
  • Configuring Windows Logging
  • Why Synchronize Computer Times?
  • Event Correlation
  • EventLog Analyzer

Module 24: E-mail Crime and Computer Forensics

  • Email Terminology
  • Email System
  • Email Clients
  • Email Server
  • SMTP Server
  • POP3 and IMAP Servers
  • Email Message
  • Importance of Electronic Records Management
  • Email Crime
  • Email Spamming
  • Mail Bombing
  • Mail Storm
  • Phishing
  • Email Spoofing
  • Example of Email Header
  • List of Common Headers
  • Why to Investigate Emails
  • Investigating Email Crime and Violation
  • Obtain a Search Warrant and Seize the Computer and Email Account
  • Obtain a Bit-by-Bit Image of Email Information
  • Examine Email Headers
  • Viewing Email Headers in Microsoft Outlook
  • Viewing Email Headers in AOL
  • Viewing Email Headers in Gmail
  • Viewing Email Headers in Yahoo Mail
  • Forging Headers
  • Analyzing Email Headers
  • Email Header Fields
  • Received Headers
  • E-mail Forensics Tools
  • Recover My Email
  • Email Trace - Email Tracking
  • eMailTrackerPro
  • Forensic Toolkit (FTK)
  • Abuse.Net

Module 25: Writing Investigation Report

  • Computer Forensics Report
  • Salient Features of a Good Report
  • Aspects of a Good Report
  • Computer Forensics Report Template
  • Investigative Report Format
  • Case Report Writing and Documentation
  • Create a Report to Attach to the Media Analysis Worksheet
  • Best Practices for Investigators
  • Sample Forensics Report

Ahmed Aziz

Linux Admin I -II -ECSS -CND -CEH

Comments

Course Instructor

user

Ahmed Aziz

Member Since November 2017
See All Course