Certified Security Analyst

Academic year: 2021

Course ID

ECC200

Course Description

The EC-Council Certified Security Analyst (ECSA) program is a comprehensive, standards-based, methodology-intensive training program that teaches information security professionals to conduct real-life penetration tests using EC-Council’s published penetration testing methodology.

The ECSA Program is a 5-day complete hands-on training program. This Penetration Testing training course uses real-time scenarios to train students in penetration testing methodologies. EC-Council’s Certified Security Analyst (ECSA) course will help you master a documented penetration testing methodology that is repeatable and that can be used in a penetration testing engagement, globally.

Prerequisites

• There are no prerequisites for this course

Audience

Network server administrators, firewall administrators, information security analysts, system administrators, and risk assessment professionals all benefit from the ECSA program.

Duration

Course Content

Need for Security Analysis

 Information Security Measures

 Risk Analysis

 Hardening Security

 Security Policies

 Sample Policies

 Information Security Standards

 Information Security Acts and Laws

TCP/IP Packet Analysis

 Introduction to TCP/IP

 TCP/IP Connection

 Introduction to IPv6

 TCP/IP Security

 Internet Control Message Protocol (ICMP)

 TCP/IP in Mobile Communications

Penetration Testing Methodologies

 Introduction to Penetration Testing

 Types of Penetration Testing

 Penetration Testing Methodology

 Pen Test Strategies

 Ethics of a Licensed Penetration Tester

Customers and Legal Agreements

 Why Do Organizations Need Pen Testing?

 Penetration Testing ‘Rules of Behavior’

 Legal Issues in Penetration Testing

 Penetration Testing Contract

Rules of Engagement

 Rules of Engagement (ROE)

 Steps for Framing ROE

 Clauses in ROE

Penetration Testing Planning and Scheduling

 Test Plan and Its Purpose

 Content of a Test Plan

 Building a Penetration Test Plan

 Test Plan Identifier

 Test Deliverables

 Penetration Testing Planning Phase

 Internal Employees

 Penetration Testing Teams

 Tiger Team

 Meeting with the Client

 Contents of a Pen Testing Project Plan

 Work Breakdown Structure or Task List

 Penetration Testing Schedule

 Penetration Testing Hardware/Software Requirements

Pre-penetration Testing Steps Information Gathering

 Information Gathering Terminologies

 Information Gathering Steps

 Tools to Extract Company’s Data

 Search Telephone Numbers Using http://www.thephonebook.bt.com

 Geographical Location Search Using Google Earth

 People Search Online Services

 Link Popularity Search Online Services

 Competitive Intelligence

 Price Comparison Services

 DNS Interrogation Tools

 Domain Research Tool (DRT)

 DNS Interrogation Tools

 DNS Interrogation Online Tools

 Traceroute Analysis

 Website Mirroring Tools

 Email Tracking Tools

GHDB Screenshot

Vulnerability Analysis

 Why Assessment

 Vulnerability Classification

 Types of Vulnerability Assessment

 How to Conduct a Vulnerability Assessment

 How to Obtain a High Quality Vulnerability Assessment

 Vulnerability Assessment

 Timeline

External Penetration Testing

 External Intrusion Test and Analysis

 Client Benefits

 External Penetration Testing

 Traffic Sniffing and Analysis Tool: Tstat

 WHOIS Lookup Tools

 Common Ports List

 Scanning Tools

 Hping2 IPID Example

 Look for Invalid Ranges in Input Fields

 Attempt Escape Character Injection

 Examine Server Side Includes (SSI)

 Recommendations to Protect Your System from External Threats

Internal Network Penetration Testing

 Internal Testing

 Steps for Internal Network Penetration Testing

 Sniffer Tools

 Copying Commands in Knoppix

 Microsoft Diagnostics and Recovery Toolset (DART)

 Reset the Administrator’s Password

 Keyloggers and Spy Softwares

 WinMend Folder Hidden

 Whitespace Steganography

 Vulnerability Scanning Tools

Firewall Penetration Testing

 Firewall Overview

 Packet Filtering

 Firewall Logging Functionality

 Periodic Review of Information Security Policies

 Firewall Implementation

 Build a Firewall Ruleset

 Maintenance and Management of Firewall

 Hardware Firewall

 Software Firewall

 Types of Firewalls

 Firewall Penetration Testing Tools

 Firewall Identification

IDS Penetration Testing

 Introduction to IDS

 Application-based IDS

 Multi-Layer Intrusion Detection Systems

 Wireless Intrusion Detection Systems (WIDSs)

 Common Techniques Used to Evade IDS Systems

 IDS Penetration Testing Steps

 Packet Fragmentation

 TCP Flags

Password Cracking Penetration Testing

 Password

 LM Authentication

 NTLM Authentication

 Kerberos Authentication

 LM, NTLMv1, and NTLMv2

 People Search

 Dictionary Maker Tool: Word List Compiler

 Packet Sniffing Tools

 Man-in-the-Middle Attack Using Ettercap

 Elcomsoft Distributed Password Recovery

 Password Cracking Tools

 Keyloggers

Social Engineering Penetration Testing

 Social Engineering Pen Testing

 Impact of Social Engineering on the Organization

 Common Targets of Social Engineering

 Requirements of Social Engineering

 Steps in Conducting Social Engineering Penetration Test

 Steps for Dumpster Diving

 Accomplice

 Identity Theft

 Satellite Picture of an Organization

 Telephone Recorders and Call Recorders

 Vehicle/Asset Tracking System Examples

 Spy Gadgets

Web Application Penetration Testing

 Introduction to Web Applications

 Web Application Components

 Web App Pen Testing Phases

 Connection String Injection

 Connection String Parameter Pollution (CSPP) Attacks

 Connection Pool DoS

 Web Services

 Web Services XML Poisoning

 SOAP Injection

SQL Penetration Testing

 Introduction to SQL Injection

 SQL Injection Attacks

 SQL Injection Penetration Testing Steps

 Blind SQL Injection Attack

 Best Practices to Prevent SQL Injection

Penetration Testing Reports and Post Testing Actions

 Penetration Testing Deliverables

 Writing Pen Testing Report

 Collect and document the information

 Pen Testing Report Format

 Result Analysis

 Post Testing Actions

 Report Retention

Router and Switches Penetration Testing

 Router Testing Issues

 Test for HTTP Configuration Vulnerabilities in Cisco Routers

 Analyze the Router Configuration

 Need for Router Testing

 General Requirements

 Technical Requirements

 Steps for Router Penetration Testing

 The Process to Get Access to the Router

 Privileged Mode Attacks

 SNMP “Community String”

 TFTP Testing

 Router Testing Report

 Penetration Testing Steps for Switches

Recommendations for Router and Switches Penetration Testing

Wireless Network Penetration Testing

 Wireless Penetration Testing

 Wireless Security Threats

 Wi-Fi Discovery Tools

 Active Wireless Scanner: inSSIDer

 Wireless Packet Sniffers

 Wi-Fi Jamming Devices

 WEP Cracking Tool

 WPA Brute Forcing Using Cain & Abel

 WPA-PSK Cracking Tool: Elcomsoft Wireless Security Auditor

 Wireless Penetration Testing Tools

Denial-of-Service Penetration Testing

 Distributed Denial-of-Service Attack

 How Do Distributed Denial-of-Service Attacks Work?

 How to Conduct DoS Penetration Testing

 Recommendations to Prevent Denial of Service

Stolen Laptop, PDAs, and Cell Phones Penetration Testing

 Stolen Digital Data

 Type of Information Lost in Laptop Theft

 Penetration Testing Steps

 Penetration Testing in Mobiles Using CORE IMPACT Pro

 Tools to Extract the Personal Information in Cell Phones

 Pen-Testing Tools for the Pocket PC

 Pen Testing for the Pocket PC Using MiniStumbler

 Cookies Screenshot

 Install Software

Source Code Penetration Testing

 Introduction

 Need for Source Code Penetration Testing

 Prerequisites for Source Code Penetration Testing

 Vulnerable Components in an Application

 Attacker’s Goals

 Threat Models

 Application Decomposition

 Identify and Rank Threats

 Discover the Countermeasures and Mitigation

 Threat Analysis

 Steps for Source Code Penetration Testing

 Tools for Automated Source Code Penetration Testing for Java

 Tools for Automated Source Code Penetration Testing for C, C++, and .NET

 STRIDE Threat Model Countermeasures

 Authentication Countermeasures

 Authorization Countermeasures

 Countermeasures

Physical Security Penetration Testing

 Physical Attacks

 Steps in Conducting Physical Security Penetration Testing

 Google Maps Image

Surveillance Camera Penetration Testing

 Introduction to Surveillance Systems

 Pen Testing Requirements

 Surveillance Camera Network Architecture

 Need for Surveillance System Pen Testing

 Steps for Surveillance Camera Penetration Testing

 Try to Manipulate Resolution

 Check the Frame Rate

Database Penetration Testing

 Database Penetration Testing Steps

 McAfee Security Scanner for Databases

 Oracle Auditing – Wrong Statements Logged

 Possible Attacks Against Oracle Database Vault

 Try to Retrieve Sysxlogins Table Views

 SQL Server System Tables

 Oracle Server Testing

 Port Scanning Basic Techniques

 Port Scanning Advanced Techniques

 Oracle TNS Listener: Screenshot

 Finding the TNS Listener

 Listener Modes

 Database Password Cracking and Testing Tools

VoIP Penetration Testing

 Vulnerability Assessment

 Penetration and Vulnerability Testing

 VoIP Risks and Vulnerabilities

 VoIP Security Threat

 VoIP Penetration Testing Steps

 SNMP Enumeration Tools

 VoIP Tools

VPN Penetration Testing

 Virtual Private Network (VPN)

 VPN Penetration Testing Steps

 Port Scanning Tools

 Check for Split Tunneling

 Try to Recover and Decrypt Pre-Shared Key (PSK)

 SSL VPN Scan Tool

Cloud Penetration Testing

 What Is Cloud Computing?

 Cloud Computing Model

 Types of Cloud Computing Services

 Separation of Responsibilities in Cloud

 Security Benefits of Cloud Computing

 Security Risks Involved in Cloud Computing

 Key Considerations for Pen Testing in the Cloud

 Scope of Cloud Pen Testing

Virtual Machine Penetration Testing

 Prerequisites to Virtual Machine Pen Testing

 Virtualization Security Scenario

 Virtualization Security Issues

 Virtual Environment Pen Testing

 Virtual Machine Penetration Testing Steps

 Vulnerability Assessment Tool: VMinformer

 Configuration Management Tool

 Virtualization Best Practices

War Dialing

 War Dialing

 Recommendations to Improve Modem Security

Virus and Trojan Detection

 Indications of a Trojan or Virus Attack

 Different Ways a Trojan/Virus Can Get into a System

 How Does a Computer Get Infected by a Trojan/Virus?

 Port Monitoring Tools

 Process Monitoring Tools

 Registry Entry Monitoring Tools

 Device Drivers Monitoring Tools

 Windows Services Monitoring Tool: Process Hacker

 Windows 7 Startup Registry Entries

 Startup Programs Monitoring Tools

 File and Folder Integrity Checkers

 Detecting Trojans and Viruses with Capsa Network Analyzer

 Anti-Trojan/Anti-Spyware Tools

 Anti-Virus Tools

 Trojan Countermeasures

 Virus and Worms Countermeasures

Log Management Penetration Testing

 Steps for Log Management Penetration Testing

 Log Management Tools

 Log Monitoring Tools

 Checklist for Secure Log Management

File Integrity Checking

 Process to Check Integrity by Comparing CRC Checksum

 Checking and Comparing CRC Value

 Hash Value Calculation Tools

 Automated File Integrity Verification Tools

 Challenges in File Integrity Checking

Mobile Devices Penetration Testing

 Requirements for Mobile Device Penetration Testing

 Mobile Devices Market Share

 Pen Testing Android

 Android Architecture

 Penetration Testing iOS-based Devices

 iOS Architecture

 Major iOS Vulnerabilities and Attacks

 Jailbreaking

 BlackBerry Network Architecture

 Vulnerabilities in BlackBerry

 Bluetooth Stack

 Penetration Testing Steps for Bluetooth-enabled Devices

 Recommendations

Telecommunication and Broadband Communication Penetration Testing

 Broadband Communication

 Risks in Broadband Communication

 Steps for Broadband Communication Penetration Testing

 Cookies Analysis Tool: IECookiesView

 Wardriving Tools

 WEP Cracking Tools

 Guidelines for Securing Telecommuting and Home Networking Resources

Email Security Penetration Testing

 Commonly Used Email Service Protocols

 SMTP Enumeration Tool: NetScanTools Pro

 Vulnerability Scanners

 Patch Management Tools

 Anti-Phishing Tools

 Common Spam Techniques

 Anti-Spamming Tools

Security Patches Penetration Testing

 Patch Management

 Patch and Vulnerability Group (PVG)

 Steps for Security Patches Penetration Testing

 Security Patches Penetration Testing Tools

Data Leakage Penetration Testing

 Data Leakage

 Data Leakage Statistics

 Data Leakage Statistics – Types of Incidents

 Data Leakage Penetration Testing Steps

 Data Privacy and Protection Acts

 Data Protection Tools

SAP Penetration Testing

 SAP World

 The SAP RFC Library

 Methodology and Goals

 Setting Up the Assessment Platform

 Sapyto Architecture

 Connectors and Targets

 Installation of Sapyto

 SAP Penetration Testing

Standards and Compliance

 Incident Handling

 Incident Response

 Need for Incident Response

 Goals of Incident Response

 Parameters of Investigations

 Laws

 Compliance Checklists

 Intellectual Property Rights

 Privacy Act

 Standards of Conduct

 Legal Issues Affecting Information Assurance

Information System Security Principles

 Defense in Depth

 System Interconnection

 Monitoring Systems Interconnection

 System Interconnection Policy

 Aggregation

 Inference and Object Reuse

 Polyinstantiation

 How Security is Affected

 Threat from Aggregation

 Basic Security Requirements

 Information Valuation

 States of Information

 Protection Profiles

 Security Target

 Account Management

 Security Policy for Account Administration

 Configuration Management

 Change Control

 Configuration Management Plan

 Cryptanalysis

 Digital Signature

 Steganography and Watermarking

 Non-Repudiation

 Message Digest Tools

 Key Management

 Electronic Key Management System (EKMS)

 EKMS Requirements

 Public Key Infrastructure (PKI)

 Need for Public Key Infrastructure (PKI)

 Public Key Infrastructure Requirements

 Email Security

 Life Cycle Security

 System Security Plan (SSP)

 Access Control Models

 Business Aspects of Information Security

 Information Warfare (INFOWAR)

 Intellectual Property Rights

 COMSEC

 System Security Architecture

 Software Piracy

 Addressing Account Management

 Policy for Redeploying Classified Systems

 Hardware Asset Management Program

 Key Management Infrastructure (KMI)

 Development of Configuration Control Policies

 Report to the DAA the Deficiencies/Discrepancies in the Configuration Control Policy

 Improvements to the Security Plans Developed by Site Personnel

 Security Domains

 Administrative Security Procedures Appropriate for the System Certification

 Security Features Necessary to Support Site Operations

 Maintenance Procedures to Ensure Security against Unauthorized Access

 Procedures to Counter Potential Threats from Insiders or Outsiders of the Organization

 Physical Security

Information System Incident Handling and Response

 EMSEC/TEMPEST

 Emergency/Incident Response Team

 Education, Training, and Awareness (ETA)

 Concept of Operations (CONOP)

 Business Continuity Plan (BCP)

 Disaster Recovery Planning (DRP)

 Business Continuity Plan Development and Planning

 Resource Requirements for Business Continuity Plan

 Security Policy for Backup Procedures

 Generally Accepted Systems Security Principles (GASSP)

 Personal Information Security Breaches

 Investigation of Personal Information Security Breaches

 Process of Responding to and Reporting Security Incidents

 Agency Specific Security Policies and Procedures

Information System Auditing and Certification

 Certification and Accreditation

 National Information Assurance Partnership (NIAP)

 Information Technology Security Evaluation Criteria (ITSEC)

 Discuss the Concepts of Availability, Integrity, Confidentiality, Authentication, and Non-repudiation

 Key Participants of the Certification and Accreditation Process

 Information System Security Auditing and Logging

 Information Systems Monitoring Process

 Evaluation Assurance Levels (EALs)

 Assessment Use During Certification of Information Systems

 Systems Security Plan

 Budget/Resources Allocation/ Scheduling

 Information System Security Certification Requirements

 System Architectural Description Document

 Agency-specific C&A Guidelines

 Security Processing Mode

 Change Control Management Process

 Security Accreditation Package
