Autoplay
Autocomplete
Previous Lesson
Complete and Continue
Hacking in Practice: Certified Ethical Hacking MEGA Course
Introduction to cyber threats
Introduction to Current Cyber Threats (4:46)
IT Prehistory (4:41)
Let’s look a few years back (4:42)
Cyber crimes – an evolution not revolution (4:25)
Current Cyber Threats – notes for the examination
IT security popular myths
Popular myths about IT security – origins (5:33)
Myths #1 – you’ll never be hacked (5:55)
Myths #2 – you don’t need any protection software or hardware (5:11)
Myths #3 – IT security is always a priority (1:13)
Popular Myths About Computer System Security – notes for the examination
IT security trends
Trends in IT Security (3:44)
The birth of technology society (3:16)
EXERCISE: How much info can you gather? (3:59)
Fake identity (5:03)
Online privacy (6:14)
Analyzing sniffing software (3:33)
Cyber War (8:23)
Changing IT Security Trends – notes for the examination
Data security
Objective #1 – Data security – Introduction (6:58)
Confidentiality of data (5:33)
EXERCISE: Finding confidential data with search engines (6:05)
Integrity of data (7:04)
Data security – notes for the examination
Security policies
Security policies – introduction (1:56)
What is security? (3:53)
Information security (4:13)
Information security – level up (4:04)
Security issues (4:50)
Why are security solutions fallible? (5:42)
Security policy issues (4:50)
Introduction to threat modelling and classification (5:14)
Threat modelling – STRIDE (4:06)
STRIDE: Spoofing identity (5:03)
STRIDE: Tampering with data (4:28)
STRIDE: Denial of Service (3:51)
Threat Modelling and Classification – notes for the examination
Risk management
Introduction to Risk Management (1:27)
Attack Methods (6:42)
Local attacks (2:56)
Target scanning and enumeration techniques #1 (5:52)
Target scanning and enumeration techniques #2 (3:30)
Passive scanning (5:36)
Attack Methodologies – notes for the examination
Introduction to risk assessment (6:20)
DREAD: Risk assessment model (4:50)
DREAD: Exploitability (5:24)
EXERCISE: Risk Assessment (7:17)
Risk Assessment – notes for the examination
Introduction to Social Engineering and rogue software (4:19)
Manipulation tactics (9:01)
EXERCISE: Social Engineering attacks (6:44)
SE with KALI / BackTrack (7:06)
Rogue Software (2:28)
Fraud tools #1 (7:10)
Fraud tools #2 (6:32)
Social Engineering and Rogue Software – notes for the examination
Defence in depth
Introduction to Defence in depth (1:32)
How to use Defence in depth model? (5:45)
DiD: OS and LAN layers (6:39)
DiD: Perimeter and Physical Access Layers (6:06)
DiD: Demonstration (2:48)
Automated attack targeting a service (5:23)
Automated user-targeting attack (4:31)
The Defence in Depth Model – notes for the examination
Introduction to Immutable laws of security – Law #1 (4:35)
Law #2 (2:56)
Law #3 (2:23)
Law #4 (1:52)
Law #5 (3:28)
Law #6 (2:07)
Law #7 (1:11)
Law #8 (1:43)
Law #9 (3:57)
Law #10 (0:48)
Laws for administrators (5:59)
Immutable Laws of Security – notes for the examination
Disaster recovery
Introduction to Disaster Recovery (1:33)
How to reduce losses? (5:24)
Ensuring continous availability (4:08)
Threat discovery #1 (4:28)
Threat discovery #2 (3:40)
Audit users and keep control accounts (5:18)
High risk users (3:23)
Collecting and analysing evidence (7:13)
Forensics example (3:52)
CONFICKER: CASE STUDY (7:11)
How to reduce losses – notes for the examination
Computer network security - network protocols
Network security – introduction (5:44)
OSI MODEL #1 – Physical layer (5:45)
OSI MODEL #2 – Data link layer (4:46)
Threats: MAC spoofing (5:54)
Threats: ARP Poisoning (6:38)
EXERCISE: Data Link Layer Attack (7:32)
OSI MODEL #3 – Network layer (6:58)
TCP Tunnelling over ICMP (7:39)
Network Protocols – notes for the examination
Transport protocols
OSI MODEL #4 – Transport Layer (6:04)
Threats: Enumerating Remote Computers (3:40)
EXERCISE: Transport Layer Attack using METASPLOIT – part 1 (5:27)
EXERCISE: Transport Layer Attack using METASPLOIT – part 2 (5:13)
OSI MODEL #5 – Session Layer (3:33)
Transport Protocols – notes for the examination
Application protocols
OSI MODEL #6 – Presentation Layer (6:52)
OSI MODEL #7 – Application Layer (3:48)
EXERCISE: Application Layer Attacks (6:03)
KALI / Backtrack: Attack Demonstration (3:34)
Man-in-the-Middle and Denial of Service Attacks (2:49)
Modifying Transmitted Packets (4:45)
Unencrypted protocols (2:58)
Application Protocols – notes for the examination
Designing secure computer networks
Designing Computer Networks – introduction (2:19)
Subnetting IPv6 (3:18)
Subnetting IPv4 (7:01)
IPv6 address notation (6:46)
DMZ: DeMilitarized Zone (6:28)
Subnetting – notes for the examination
Protocols and services: IP SEC (9:33)
IP SEC: Phase 1 (7:27)
Network Address Translation (12:18)
Network access control: RADIUS (10:04)
Protocols and Services – notes for the examination
Network administration and monitoring
Introduction to Monitoring Transmitted Data (1:07)
Monitoring Transmitted Data – Basic information (8:03)
Intrusion detection systems (7:43)
Why are firewalls and NDIS not enough? (5:41)
Wireshark – Introduction to network analysis (6:29)
How to use Wireshark? (8:27)
Analyzing captured data (5:43)
How to analyze telnet protocol? (8:09)
Intrusion detection (7:48)
Scanning computers (7:47)
Monitoring transmitted data – notes for the examination
Wireless networks security
Wireless Networks (1:16)
WIFI security solutions – introduction (5:44)
WIFI – working principles (5:48)
Other wireless technologies (2:56)
Threats and risks (4:38)
Ineffective solutions (4:11)
Authentication methods (8:31)
802.11 WEP (7:06)
802.11 WPA (6:24)
Standards and Security Solutions – notes for the examination
Threats of WIFI networks (5:58)
Client Attacks: Launching a rogue access point (7:03)
Client Attacks: Evil twin (4:51)
Client Attacks: Denial of service (9:17)
EXERCISE: WPA attack (3:24)
Wi-Fi Security Threats – notes for the examination
Operating systems security
Operating systems security – introduction (9:10)
Security boundaries (4:44)
Three core (7:15)
EXERCISE: OS boundaries (7:54)
Process isolation (6:30)
Kernel Mode Code Signing (6:24)
Java Virtual Machine and code access security (4:17)
OS Security Boundaries – notes for the examination
Malware (12:09)
EXERCISE: Vulnerability attacks (10:26)
EXERCISE: Identifying suspicious processes (6:54)
Demonstration: Process Explorer (9:13)
EXERCISE: Removing malware (8:38)
Rootkits (6:14)
EXERCISE: Detecting rootkits (11:07)
EXERCISE: Security evaluation (6:00)
Malware – notes for the examination
Access control
Authentication and authorisation – Introduction (1:57)
Authentication - users (6:56)
How secure is your password? (5:03)
Authentication protocols and services (8:25)
LM Hash (7:02)
Cached Credentials (4:29)
KERBEROS (11:30)
Authentication – notes for the examination
Identity Theft (9:13)
EXERCISE: Offline attacks (12:22)
Using online cracking services (8:41)
Identity Theft – notes for the examination
Windows security
Windows Security – what you’ll learn (1:17)
User Account Control (6:22)
UAC configuration (8:02)
Additional Security Features – ASLR and DEP (11:39)
PatchGuard (1:34)
Techniques and Methods – notes for the examination
Encryption – key protection (9:31)
Drive encryption (8:25)
BitLocker (7:57)
BitLocker To Go Reader (4:43)
File and folder encryption – EFS (7:30)
EXERCISE: EFS (5:36)
Encryption – notes for the examination
Application security
Introduction to Application Security (8:18)
Attacks on applications (10:18)
SQL Injection (8:10)
EXERCISE: Analyze the application (13:31)
Blind SQL Injection (9:33)
Automated SQL Injection (11:44)
Cross-site scripting – XSS (10:10)
Program security assessment (5:10)
Unsafe applications (10:11)
Application Attacks – notes for the examination
Program Security Assessment – notes for the examination
Application security - Configuration and management
Here’s what you’ll learn in this module (1:05)
Software updates (2:39)
MS Update (6:53)
System Center Configuration Manager (2:46)
Managing applications (8:26)
Blocking applications (7:35)
Software restrictions policies (5:57)
EXERCISE: Application control rules (12:11)
Isolating applications (6:30)
How to protect users without interrupting their work – notes for the examination
Cryptography
Introduction to cryptography (9:42)
History of ciphers (10:57)
Symmetric and asymmetric ciphers (6:13)
Symmetric-key algorithms (5:49)
Block ciphers (6:01)
Data encryption standard (6:51)
DES-X (7:35)
Advanced encryption standards (5:28)
Block cipher modes (7:16)
Stream Ciphers – RC4 (3:40)
Asymmetric-key algorithms (8:11)
RSA (5:33)
ELGAMAL (2:05)
HASH functions (5:56)
Digital signature (5:56)
Hybrid Schemes (6:24)
Symmetric and Asymmetric Ciphers – notes for the examination
Public Key Infrastructure
Introduction to cryptology (2:12)
Public key infrastructure (6:10)
Implementing public key infrastructure (5:39)
What will PKI allow you? (6:29)
EXERCISE: Certificates (8:37)
Certificate life cycle (6:24)
Planning the PKI (8:33)
PKI Administration (7:29)
Public Key Infrastructure – Trust but verify – notes for the examination
PatchGuard
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock