Penetration Testing PTS404
Page 1 of 6 Security Analysis Copyright © by EC-Council | Press
All Rights Reserved. Reproduction is Strictly Prohibited.
Course Title: Penetration Testing: Communication
Media Testing, 1st Edition
Course Description:
The Security Analyst Series from EC-Council | Press is comprised of five books covering a broad base of topics in advanced penetration testing and information security analysis. The content of this program is designed to expose the reader to groundbreaking methodologies in conducting thorough information security analysis, as well as advanced penetration testing techniques. Armed with the knowledge from the Security Analyst series along with proper experience, readers will be able to perform the intensive assessments required to effectively identify and mitigate risks to the security of the organization's infrastructure.
Penetration Testing: Communication Media Testing covers Wireless Network Penetration Testing, Advanced Wireless Testing, VoIP Penetration Testing, VPN Penetration Testing, War Dialing, Blue Tooth and Hand held Device Penetration Testing, Telecommunication and Broadband Communication Penetration Testing.
Certificate Info
Penetration Testing: Communication Media Testing
Who Should Attend?
This course will significantly benefit Network administrators, Firewall Administrators, Security Testers, System Administrators and Risk Assessment profession als.
Course Duration: 2 days (9:00 – 5:00) CPE/ECE Qualification
16 ECE Credits awarded for attendance (1 for each classroom hour) Suggested Retail:
Penetration Testing PTS404
Page 3 of 6 Security Analysis Copyright © by EC-Council | Press
All Rights Reserved. Reproduction is Strictly Prohibited. Required Courseware:
Visit www.cengage.com/community/eccouncil and click on Training Workshops for ordering details.
What’s included? Physical Courseware
1 year Access To EC-Council Student LMS for Practical Labs (if applicable), testing, and Certificate
Course + Supplement Cost:
See the “Training Workshops” section at
www.cengage.com/community/eccouncil
for current pricing information.Related Certificates:
Penetration Testing: Security Analysis
Penetration Testing: Network and Perimeter Testing Penetration Testing: Network Threat Testing Penetration Testing: Procedures & Methodologies
Course Briefing:
1. Wireless Network Penetration Testing Module Brief:
This module explains security policies that need to be assessed after setting up the wireless network. This wireless assessment is necessary to check the security of the network. Wireless vulnerability testing and wireless penetration testing are important for the wireless network penetration testing. This module also familiarizes with various wireless penetration testing tools.
2. Advanced Wireless Testing Module Brief:
In this module, we review advanced techniques for wireless penetration testing. It will provide a brief study of various wireless concepts such as wireless components, standards, Wired Equivalent Privacy (WEP), its issues, flaws, and security. A glance on various wireless security technologies such as WPA, EAP, TKIP and discussion on different attacks and tools such as War Driving, NetStumbler, and MITM attacks.
3. VoIP Penetration Testing Module Brief:
The devices that are used for the VoIP are as vulnerable as the operating system on which they are running. The VoIP devices such as IP phones, Call Manager, Gateways, and Proxy servers take over the same vulnerabilities as that of the operating system. The module discusses VoIP risks and vulnerabilities, VoIP security threats, VoIP penetration testing steps, lists various VoIP security and sniffing tools.
4. VPN Penetration Testing Module Brief:
VPN penetration testing is a process of testing VPN network to secure the VPN’s network and maintain the VPN’s security. Penetration testing of VPN is straightforward and it is performed with various tools. Penetration testing is slightly different for both IPsec and SSL VPNs.
The module discusses VPN penetration testing steps: scanning, fingerprinting, PSK Crack, testing for default user accounts, testing for SSL VPN.
5. Wardialing Module Brief:
War Dialing is the exploitation of an organization's telephone, modem, and private branch exchange (PBX) system to infiltrate the internal network in order to abuse computing resources. A War Dialing attack to penetrate into a target network by attempting to bypass firewalls and intrusion detection systems (IDS) is considered illegal. It involves attempts to access a company’s internal resources such as modems and telephones using dial-in access.
The module discusses war dialing techniques, the reason for conducting war dialing penetration tests, gives guidelines for selecting software for war dialing, configuring the software, and various war dialing tools.
6. Bluetooth and Handheld Device Penetration Testing Module Brief:
This module explains about Jailbreaking, a process to unlock the iPhone and iPod touch devices to permit the installation of third-party applications and iDemocracy, third-party application installation solution for the Windows platform. It explains about iPhoneSimFree and anySIM which
Penetration Testing PTS404
Page 5 of 6 Security Analysis Copyright © by EC-Council | Press
All Rights Reserved. Reproduction is Strictly Prohibited. are the tools to unlock the iPhone. The methods such as Blackjacking, ActiveSync, BlueSnarfing, Blueprinting, and BlueSpam are introduced.
7. Telecommunication and Broadband Communication Penetration Testing Module Brief:
This module explains the Employees who are connected to the corporate and government networks via broadband communication may create vulnerability for attack and Internet connection involves risks such as unauthorized access, installation of malicious software thus launches denial of service attacks. In this module we learn to use additional encryption beyond WEP in order to secure the data and spyware stealthy computer monitoring software that allows to secretly recording all activities of a user over the network. We also learn how to disable SNMP on wireless base station and wireless client and see how file sharing can affect the system thereby an attacker can send any malicious files containing viruses which in turn affect the system over the network. Encrypting a file for transmission and storing the data safely can also be learnt.
Course Outline:
Chapter 1: Wireless Network Penetration Testing Introduction to Wireless Network Penetration Testing Security Policy Assessment
Wireless Monitoring
Wireless Penetration-Testing Steps Wireless Penetration-Testing Tools Chapter 2: Advanced Wireless Testing
Introduction to Advanced Wireless Testing Wireless Terminology
Wireless Standards Wi-Fi Equipment
Vulnerabilities to 802.1x and RADIUS Encryption Standards
Wireless Network Testing Wireless Penetration Testing Wireless Network Attacks Wireless Network Testing Tools Chapter 3: VoIP Penetration Testing
Introduction to VoIP Penetration Testing Vulnerability Assessment
VoIP Penetration Testing Steps VoIP Penetration Testing Tools
Chapter 4: VPN Penetration Testing Introduction to VoIP Penetration Testing VPN Penetration Testing Steps
Tools for VPN Penetration Testing Chapter 5: Wardialing
Introduction to Wardialing Wardialing Overview
Reasons to Conduct Wardialing Penetration Tests Prerequisites for Wardialing Penetration Testing Software Selection for Wardialing
Recommendations for an Effective Wardialing Penetration Testing Process Interpreting Wardialing Penetration Testing Results
Wardialing Tools
Wardialing Countermeasures Tool
Chapter 6: Bluetooth and Handheld Device Penetration Testing Introduction to Bluetooth and Handheld Device Penetration Testing iPhone and iPod Touch Penetration Testing
BlackBerry Penetration Testing PDA Penetration Testing Bluetooth Penetration Testing
Chapter 7: Telecommunication and Broadband Communication Penetration Testing Checking for firewalls
Testing firewalls
Configuring Web browsers for enhanced security Disabling cookies
Protecting against scripting attacks
Testing antivirus and antispyware software Checking for wiretapping
