Hacking insight: hands-on - general

course description
this course is a hands-on journey into the hacking mindset, examining and practically applying the tools and techniques that hackers use. delivery is in an interactive format with the use of multi-media and practical hands-on workshops. open discussion is strongly encouraged. a 1 hour examination is held on the final day, assessing delegate understanding of the objectives. passing this examination (combined with satisfactory completion of practical workshops) will result in the certified security testing associate (csta) qualification being awarded.

course benefits

• delegates will learn about the hacker mindset and become familiar with the tools used to attack systems.
• our state-of-the-art class environment covers windows and unix operating systems and associated server software. *a wide range of hacking tools is featured.
• the course is designed to educate for the purpose of properly defending systems from hacking attacks.

course objectives
delegates will learn:

• how to use the tools, techniques and methodologies employed by hackers in a purpose-built lab environment
• how hackers can accurately collect and assimilate information about an organisation''''s infrastructure whilst avoiding detection
• how information may be used to assess weaknesses and subsequently launch an attack against a target
• typical techniques used to gain or force access into a system
• the types of tools used to leverage access on a system
• how hackers conceal their tracks and the route through which access to a target may be maintained
• limitations of firewalls and the tools used to bypass them
• how hackers bypass intrusion detection systems (ids)
• measures to secure and protect information against hacker attacks

audience
those responsible for the security of it systems within an organisation, including but not limited to: systems / network administrators, auditors, security officers, it security professionals and those with an interest in this fascinating subject.

pre-requisites
a basic understanding of tcp/ip and a background in microsoft windows and / or unix is essential.

course content

• hacking - an introduction
  a background into hacking
  hacker genres
  overview of several high profile attacks

• risks to business
  impacts to business and reputation
  operational and financial risks

• a background to tcp/ip
  a descriptive overview of tcp/ip & networking
  spoofing & session hijacking
  denial of service (dos)
• methodology overview
  the anatomy of a typical attack
• tools & techniques
  types of tools and techniques employed by hackers
• information discovery
  how information about a target may be discretely gathered
• target scanning & system detection
  examining the target landscape
  sophisticated scanning types including operating system detection
• vulnerability assessment
  how attackers probe & test for weakness
  the use of ''''firewalking'''' to map out access controls
• exploitation & privilege escalation
  how access may be gained & privilege escalated to achieve full control
  of windows and unix systems
• trojans, back-doors & root kits
  practical hands-on use of ''''trojan horses'''' & ''''back doors''''
  working with root kits to hide the presence of a hacker at the
  application and kernel level
• firewall & ids evasion
  how attacks may traverse a firewall
  the role of intrusion detection & how it may be evaded using advanced
  techniques
  
• hacking prevention
  security policy, system integrity, hardening & monitoring
  security tools, vulnerability assessment & penetration testing