Scribd Logo
Upload

Welcome to Scribd!

  • CEH - 00 - Introduccion

    Uploaded by

    Johny
    67 views17 pages
    Introduccion al CEH

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Introduccion al CEH

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    67 views17 pages

    CEH - 00 - Introduccion

    Uploaded by

    Johny
    Introduccion al CEH

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 17

    Profesor

    MatiasKatz
    ConsultorIT
    TrainerIT
    EspecialistaenSeguridadInformtica
    8aosdeexperiencia
    Mail:matias@matiaskatz.com
    Blog:www.matiaskatz.com

    CertifiedEthicalHackerTraining IntroduccinaCEH
    Copyright MkitArgentina www.mkit.com.ar

    02

    Presentaciones

    Nombre
    Empresa
    Cargo/Rol
    ResponsabilidadesdelCargo
    ExperienciaenInfraestructurasInformticas
    ExperienciaenSeguridadInformtica
    ExpectativasdelCurso
    CertifiedEthicalHackerTraining IntroduccinaCEH
    Copyright MkitArgentina www.mkit.com.ar

    03

    Terminologas
    Hacker:
    Unapersonacuriosayentusiastaquedisfrutadeaprendersobrelossistemas
    decomputacinylasposibilidadesdeexpandirsusalcancesmediante
    tcnicasavanzadasdeusodeequiposinformticos
    Hacking:
    Prcticaqueabarcaeldesarrolloyusodesistemasymetodologas
    paralaexpansindedichosalcances,confinesacadmicos
    Cracker:
    Unapersonaqueutilizasusconocimientos
    deHackingconfinesmaliciosos
    (Tambinselallamaas alagalletitasalada)
    EthicalHacker:
    Unprofesionaldeseguridadqueutilizasus
    conocimientosdeHackingconfinesdefensivos
    CertifiedEthicalHackerTraining IntroduccinaCEH
    Copyright MkitArgentina www.mkit.com.ar

    04

    TareasdeunEthicalHacker
    Determinarelniveldeseguridaddeunainfraestructuraysuinformacin:
    Qu niveldeaccesoalainformacinyrecursosdelsistematiene
    unusuarionoautorizado?
    Qu medidaspreventivas,detectivasy/ocorrectivashayestablecidas
    parareducirdichonivel?
    Estamosenriesgo?
    Paralograrlo,sedebenrealizarlassiguientestareas:
    PenetrationTesting
    VulnerabilityAssessments
    PlanesdeProteccin
    AuditorasConstantes
    CertifiedEthicalHackerTraining IntroduccinaCEH
    Copyright MkitArgentina www.mkit.com.ar

    05

    CEH
    SiglasdeCertifiedEthicalHacker
    EsunacertificacinotorgadaporelECCouncil (www.eccouncil.org)
    Est dirigidaaAdministradoresdeSistemasyResponsablesdeSeguridad
    Requieredeunbackgroundtcnicoavanzado
    PasosparaCertificar:
    Demostrar2aosdeexperienciaenSeguridadInformtica
    CompletarelCommonBodyofKnowledge(67mdulos)
    Llenarelformulariodeadmisinyesperarsuaprobacin
    AprobarelExamenEC0350
    ReCertificarobteniendoECCouncilContinuing
    EducationCredits(ECE)
    CertifiedEthicalHackerTraining IntroduccinaCEH
    Copyright MkitArgentina www.mkit.com.ar

    06

    CEH(Cont.)
    ExamendeCertificacin
    AsistidoporComputadora
    4HorasdeDuracin
    100%MultipleChoice
    Aprobacinconun70%
    Costo:U$S250
    RegistracinatravsdePrometric
    Links:
    www.eccouncil.org/certification/certified_ethical_hacker.aspx
    www.eccouncil.org/training/assessments.aspx
    www.eccouncil.org/certification/exam_information/ceh_exam_31250.aspx
    CertifiedEthicalHackerTraining IntroduccinaCEH
    Copyright MkitArgentina www.mkit.com.ar

    07

    CommonBodyofKnowledge 67Mdulos
    Module01:IntroductiontoEthicalHacking
    Module02:HackingLaws
    Module03:Footprinting
    Module04:GoogleHacking
    Module05:Scanning
    Module06:Enumeration
    Module07:SystemHacking
    Module08:TrojansandBackdoors
    Module09:VirusesandWorms
    Module10:Sniffers
    Module11:SocialEngineering
    Module12:Phishing
    Module13:HackingEmailAccounts
    Module14:DenialofService
    Module15:SessionHijacking
    Module16:HackingWebServers
    Module17:WebApplication
    Vulnerabilities

    Module18:WebBasedPassword
    CrackingTechniques
    Module19:SQLInjection
    Module20:HackingWirelessNetworks
    Module21:PhysicalSecurity
    Module22:LinuxHacking
    Module23:EvadingIDS,Firewallsand
    DetectingHoneyPots
    Module24:BufferOverflows
    Module25:Cryptography
    Module26:PenetrationTesting
    Module27:CovertHacking
    Module28:WritingVirusCodes
    Module29:AssemblyLanguageTutorial
    Module30:ExploitWritingModule31:
    SmashingtheStackforFunandProfit
    Module32:WindowsBasedBuffer
    OverflowExploitWriting

    CertifiedEthicalHackerTraining IntroduccinaCEH
    Copyright MkitArgentina www.mkit.com.ar

    08

    CommonBodyofKnowledge 67Mdulos(Cont.)
    Module33:ReverseEngineering
    Module34:MACOSXHacking
    Module35:HackingRouters,cable
    ModemsandFirewalls
    Module36:HackingMobilePhones,PDA
    andHandheldDevices
    Module37:BluetoothHacking
    Module38:VoIPHacking
    Module39:RFIDHacking
    Module40:Spamming
    Module41:HackingUSBDevices
    Module42:HackingDatabaseServers
    Module43:CyberWarfare Hacking,Al
    QaidaandTerrorism
    Module44:InternetContentFiltering
    Techniques
    Module45:PrivacyontheInternet
    Module46:SecuringLaptopComputers

    Module47:SpyingTechnologies
    Module48:CorporateEspionage Hacking
    UsingInsiders
    Module49:CreatingSecurityPolicies
    Module50:SoftwarePiracyandWarez
    Module51:HackingandCheatingOnline
    Games
    Module52:HackingRSSandAtom
    Module53:HackingWebBrowsers
    (Firefox,IE)
    Module54:ProxyServerTechnologies
    Module55:DataLossPrevention
    Module56:HackingGlobalPositioning
    System(GPS)
    Module57:ComputerForensicsand
    IncidentHandling
    Module58:CreditCardFrauds
    Module59:HowtoStealPasswords

    CertifiedEthicalHackerTraining IntroduccinaCEH
    Copyright MkitArgentina www.mkit.com.ar

    09

    CommonBodyofKnowledge 67Mdulos(Cont.)
    Module60:FirewallTechnologies
    Module61:ThreatsandCountermeasures
    Module62:CaseStudies
    Module63:Botnets
    Module64:EconomicEspionage
    Module65:PatchManagement
    Module66:SecurityConvergence
    Module67:IdentifyingtheTerrorist

    Osea,muchsimos

    CertifiedEthicalHackerTraining IntroduccinaCEH
    Copyright MkitArgentina www.mkit.com.ar

    10

    Currculadelcurso
    ConceptosdelHacking
    Hacking101
    Hacking&Software
    InternetHacking
    SystemHacking
    DeviceHacking
    NetworkHacking
    PenetrationTesting
    HackingPrevention
    WebHacking
    CertifiedEthicalHackerTraining IntroduccinaCEH
    Copyright MkitArgentina www.mkit.com.ar

    11

    Contenidosincludosenelcurso
    Teora
    Prctica
    Debates
    Demostraciones
    Autoestudio
    Mailings
    Workshops
    Materiales
    Exmenes

    CertifiedEthicalHackerTraining IntroduccinaCEH
    Copyright MkitArgentina www.mkit.com.ar

    12

    PreguntadeExamenEjemplo 1

    Inthecontextofpassword,whatisabruteforceattack?

    A. Youblackmailsomeonetomakethemgiveuptheirpassword
    B. Youcreatehashesofalargenumberofwordsandcompareitwith the
    encryptedpasswordvalue
    C. Youtryeverysinglepossibility
    D. Youwaituntilthepasswordexpires

    CertifiedEthicalHackerTraining IntroduccinaCEH
    Copyright MkitArgentina www.mkit.com.ar

    13

    PreguntadeExamenEjemplo 2
    Whatportswouldyoublockonyourfirewalltoensurethat
    NetBIOStrafficisNOTcomingthroughthefirewallifyouhave
    amixedWindowsNT,2000and2003environment?
    (Chooseallthatapply)
    A.21
    B.25
    C.53
    D.110
    E.111
    F.135
    G.139
    H.389
    I.445
    J.1024
    K.1434
    CertifiedEthicalHackerTraining IntroduccinaCEH
    Copyright MkitArgentina www.mkit.com.ar

    14

    PreguntadeExamenEjemplo 3
    Yourassessmentteamisconductingapentestagainsta
    company'sinternalwebsite.Oneoftheteammembers
    receivedthefollowingerrorswhilereviewingthesite:
    "MicrosoftOLEDBProviderforODBCDriverserror80040e14.
    Whatdoesthismean?
    A. ThesiteisvulnerabletotheUnicodeexploit
    B. ThesiteisvulnerabletoSQLinjection
    C. Theteammemberhasattemptedtoaccesstheglobal.asafileandhascaused
    abufferoverflow
    D. Theteammemberhasaccessedawebpagethatcontainsawebbugorerror

    CertifiedEthicalHackerTraining IntroduccinaCEH
    Copyright MkitArgentina www.mkit.com.ar

    15

    BeneficiosdecertificarCEH

    Paraelprofesional:
    Adquirirconocimientos
    Diferenciarsedelresto
    Posibilidaddeaplicaraunmejorempleo
    Demostraraprendizajeyexperienciaenelrea
    Paralaorganizacin:
    Cumplirconnormasy/oregulaciones
    Diferenciarsedelresto
    Crecerenelmercado
    Afianzarsuimagenycalidaddeservicioantepotencialesclientes

    CertifiedEthicalHackerTraining IntroduccinaCEH
    Copyright MkitArgentina www.mkit.com.ar

    16

    Referencias

    http://www.eccouncil.org
    http://www.cccure.org
    http://www.wikipedia.org
    http://www.amazon.com
    http://www.mkit.com.ar
    http://www.matiaskatz.com
    Mailsalprofe

    CertifiedEthicalHackerTraining IntroduccinaCEH
    Copyright MkitArgentina www.mkit.com.ar

    17

    You might also like