Ethical Hacking Syllabus

Unit I: Introduction

1. Hacking Impacts

2. The Hacker Framework:

   • Planning the Test

   • Sound Operations

   • Reconnaissance

   • Enumeration

   • Vulnerability Analysis

   • Exploitation

   • Final Analysis

   • Deliverable

   • Integration

3. Information Security Models:

   • Computer Security

   • Network Security

   • Service Security

   • Application Security

   • Security Architecture

4. Information Security Program:

   • The Process of Information Security

   • Component Parts of Information Security Program

   • Risk Analysis and Ethical Hacking

---

Unit II: The Business Perspective

1. Business Objectives

2. Security Policy

3. Previous Test Results

4. Business Challenges

5. Planning for a Controlled Attack:

   • Inherent Limitations

   • Imposed Limitations

   • Timing is Everything

   • Attack Type

   • Source Point

   • Required Knowledge

   • Multi-Phased Attacks

   • Teaming and Attack Structure

   • Engagement Planner

   • The Right Security Consultant

   • The Tester

   • Logistics

   • Intermediates

   • Law Enforcement

---

Unit III: Preparing for a Hack

1. Technical Preparation

2. Managing the Engagement

3. Reconnaissance:

   • Social Engineering

   • Physical Security

   • Internet Reconnaissance

---

Unit IV: Enumeration

1. Enumeration Techniques

2. Soft Objective

3. Looking Around or Attack

4. Elements of Enumeration

5. Preparing for the Next Phase

6. Exploitation:

   • Intuitive Testing

   • Evasion

   • Threads and Groups

   • Operating Systems

   • Password Crackers

   • RootKits

   • Applications

   • Wardialing

   • Network

   • Services and Areas of Concern

---

Unit V: Deliverable

1. The Deliverable

2. The Document

3. Overall Structure

4. Aligning Findings

5. Presentation Integration:

   • Integrating the Results

   • Integration Summary

   • Mitigation

   • Defense Planning

   • Incident Management

   • Security Policy

---