This course examines applications necessary to secure a network from intrusion including firewalls, bastion hosts, proxy servers, and honeypots. Applications to perform vulnerability testing to determine network weaknesses are also employed.
The major objectives for a Certified Ethical Hacker (CEH) certification are structured around key areas of network security, ethical hacking, and vulnerability management. Here is an organized presentation of these objectives:
- Ethical Hacking Principles: Understand and apply principles to test systems responsibly without malicious intent.
- Network Security: Secure networks by identifying vulnerabilities in configurations and implementing appropriate controls.
- System Security: Protect systems like Windows from malware and unauthorized access through various security measures.
- Vulnerability Management: Discover, assess, and mitigate known and unknown vulnerabilities using tools like CVSS scores.
- Authentication: Implement secure authentication methods while ensuring legitimate user access is granted.
- Compromise Prevention: Prevent unauthorized access by understanding and applying effective security measures.
- Social Engineering Mitigation: Recognize and counteract tactics such as phishing to protect systems from human factors.
- Risk Management: Identify organizational risks and develop strategies for their effective mitigation, considering both internal and external factors.
- Penetration Testing: Conduct thorough tests simulating attacks to identify system weaknesses and exploit vulnerabilities.
- Incident Response Planning: Design and evaluate plans to minimize damage from security incidents based on incident severity and impact potential.
- Network Monitoring and Logging: Set up systems to detect threats in real-time and analyze logs to correlate events for threat detection.
- Professionalism and Ethics: Adhere to ethical standards, understand responsibilities associated with security issues, and maintain a commitment to professional conduct.