Licensed Penetration Tester (LPT) Master Bootcamp (CS6171)

EC-Council LPT Master - Eccentrix

Licensed Penetration Tester (LPT) - the highest level of certification from EC-Council in intrusion and penetration testing. One of the most recognized cybersecurity programs in the world.

Our training roadmap is offering the most important topics to master in the domain of ethical hacking. All of it providing knowledge that is a direct preparation to the certification exam - an exam based on a practical and complex lab scenario, with an intrusion methodology aimed at demonstrating your rigourous experience in the multiple challenges presented. 18 hours are allowed to get through nine challenges, divided in three levels of difficulty.

During the training, conceived steps will provide a comprehensive knowledge on offensive security for the ultimate objective - help you achieve your exam and become a Licensed Penetration Tester (LPT) Master!

EC-Council LPT Master - EccentrixEC-Council LPT Master - EccentrixEC-Council LPT Master - EccentrixEC-Council LPT Master - EccentrixEC-Council LPT Master - EccentrixEC-Council LPT Master - Eccentrix

Our topics are prensented through three different known EC-Council trainings:

EC-Council kursevi - Eccentrix

Pohađajte naše zvanične EC-Council obuke u Beogradu, putem virtuelne učionice (online, uživo) ili u vašim prostorijama (on-site).

Specijalni popusti se odobravaju prilikom prijave više učesnika koji istovremeno pohađaju obuku iz vaše kompanije, državni i neprofitni sektor, itd. Kontaktirajte nas da biste saznali više.

Termini obuke

Beograd
Planirani datumPlanirani datum
02.11.2020
5495€
 
Srpski
Novi Sad
Planirani datumPlanirani datum
02.11.2020
5495€
 
Srpski
Virtuelna učionica
Planirani datumPlanirani datum
02.11.2020
5195€
 
Srpski
Beograd
Planirani datumPlanirani datum
22.02.2021
5495€
 
Srpski
Novi Sad
Planirani datumPlanirani datum
22.02.2021
5495€
 
Srpski
Virtuelna učionica
Planirani datumPlanirani datum
22.02.2021
5195€
 
Srpski
5195€
Trajanje obuke: 
15 dana / 105 sati

Privatni trening

On-site / Online
Minimalan broj polaznika: 3
15 dana / 105 sati
Cena na zahtev
srpski ili engleski
Plan obuke: 

Certified Network Defender (CND) (CS6156)

The Certified Network Defender (CND) course is a vendor-neutral, hands-on, instructor-led comprehensive network security certification training program. It is a skills-based, lab intensive program based on a job-task analysis and cybersecurity education framework by the National Initiative of Cybersecurity Education (NICE). The course has also been mapped to global job roles and to the Department of Defense (DoD) job roles for system/network administrators. 

The program prepares network administrators on network security technologies and operations to attain Defense-in-Depth network security preparedness. It covers the protect, detect and respond approach to network security. The course contains hands-on labs, based on major network security tools and techniques which will provide network administrators real world expertise on current network security technologies and operations. The study-kit provides over 10 GB of network security best practices, assessments and protection tools. The kit also contains templates for various network policies and white papers for additional learning.

Module 1: Computer Network and Defense Fundamentals

  • Network Fundamentals
  • Network Components 
  • TCP/IP Networking Basics
  • TCP/IP Protocol Stack
  • IP Addressing
  • Computer Network Defense (CND)
  • CND Triad
  • CND Process
  • CND Actions
  • CND Approaches

Module 2: Network Security Threats, Vulnerabilities, and Attacks

  • Essential Terminologies
  • Network Security Concerns
  • Network Security Vulnerabilities
  • Network Reconnaissance Attacks
  • Network Access Attacks
  • Denial of Service (DoS) Attacks
  • Distributed Denial-of-Service Attack (DDoS)
  • Malware Attacks

Module 3: Network Security Controls, Protocols, and Devices

  • Fundamental Elements of Network Security
  • Network Security Controls
  • Types of Access Control
  • User Identification, Authentication, Authorization and Accounting
  • Types of Authorization Systems
  • Authorization Principles
  • Cryptography
  • Security Policy
  • Network Security Devices
  • Network Security Protocols

Module 4: Network Security Policy Design and Implementation

  • What is Security Policy?
  • Internet Access Policies
  • Acceptable-Use Policy
  • User-Account Policy
  • Remote-Access Policy
  • Information-Protection Policy
  • Firewall-Management Policy
  • Special-Access Policy
  • Network-Connection Policy
  • Business-Partner Policy
  • Email Security Policy
  • Passwords Policy
  • Physical Security Policy
  • Information System Security Policy
  • Bring Your Own Devices (BYOD) Policy
  • Software/Application Security Policy
  • Data Backup Policy
  • Confidential Data Policy
  • Data Classification Policy
  • Internet Usage Policies
  • Server Policy
  • Wireless Network Policy
  • Incidence Response Plan (IRP)
  • User Access Control Policy
  • Switch Security Policy
  • Intrusion Detection and Prevention (IDS/IPS) Policy
  • Personal Device Usage Policy
  • Encryption Policy
  • Router Policy
  • Security Policy Training and Awareness
  • ISO Information Security Standards
  • Payment Card Industry Data Security Standard (PCI-DSS)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • Information Security Acts: Sarbanes Oxley Act (SOX)
  • Information Security Acts: Gramm-Leach-Bliley Act (GLBA)
  • Information Security Acts: The Digital Millennium Copyright Act (DMCA) and Federal Information Security Management Act (FISMA)
  • Other Information Security Acts and Laws

Module 5: Physical Security

  • Physical Security
  • Access Control Authentication Techniques
  • Physical Security Controls
  • Other Physical Security Measures
  • Workplace Security
  • Personnel Security: Managing Staff Hiring and Leaving Process
  • Laptop Security Tool: EXO5
  • Environmental Controls
  • Physical Security: Awareness /Training
  • Physical Security Checklists

Module 6: Host Security

  • Host Security
  • OS Security
  • Linux Security
  • Securing Network Servers
  • Hardening Routers and Switches
  • Application/software Security
  • Data Security
  • Virtualization Security

Module 7: Secure Firewall Configuration and Management

  • Firewalls and Concerns
  • What Firewalls Does?
  • What should you not Ignore?: Firewall Limitations
  • How Does a Firewall Work?
  • Firewall Rules
  • Types of Firewalls
  • Firewall Technologies
  • Firewall Topologies
  • Firewall Rule Set & Policies
  • Firewall Implementation
  • Firewall Administration
  • Firewall Logging and Auditing
  • Firewall Anti-evasion Techniques
  • Why Firewalls are Bypassed?
  • Full Data Traffic Normalization
  • Data Stream-based Inspection
  • Vulnerability-based Detection and Blocking
  • Firewall Security Recommendations and Best Practices
  • Firewall Security Auditing Tools

Module 8: Secure IDS Configuration and Management

  • Intrusions and IDPS
  • IDS
  • Types of IDS Implementation
  • IDS Deployment Strategies
  • Types of IDS Alerts
  • IPS
  • IDPS Product Selection Considerations
  • IDS Counterparts

Module 9: Secure VPN Configuration and Management

  • Understanding Virtual Private Network (VPN)
  • How VPN works?
  • Why to Establish VPN ?
  • VPN Components
  • VPN Concentrators
  • Types of VPN
  • VPN Categories
  • Selecting Appropriate VPN
  • VPN Core Functions
  • VPN Technologies
  • VPN Topologies
  • Common VPN Flaws
  • VPN Security
  • Quality Of Service and Performance in VPNs

Module 10: Wireless Network Defense

  • Wireless Terminologies
  • Wireless Networks
  • Wireless Standard
  • Wireless Topologies
  • Typical Use of Wireless Networks
  • Components of Wireless Network
  • WEP (Wired Equivalent Privacy) Encryption
  • WPA (Wi-Fi Protected Access) Encryption
  • WPA2 Encryption
  • WEP vs. WPA vs. WPA2
  • Wi-Fi Authentication Method
  • Wi-Fi Authentication Process Using a Centralized Authentication Server
  • Wireless Network Threats
  • Bluetooth Threats
  • Wireless Network Security
  • Wi-Fi Discovery Tools
  • Locating Rogue Access points
  • Protecting from Denial-of-Service Attacks: Interference
  • Assessing Wireless Network Security
  • Wi-Fi Security Auditing Tool: AirMagnet WiFi Analyzer
  • WPA Security Assessment Tool
  • Wi-Fi Vulnerability Scanning Tools
  • Deploying Wireless IDS (WIDS) and Wireless IPS (WIPS)
  • WIPS Tool
  • Configuring Security on Wireless Routers
  • Additional Wireless Network Security Guidelines

Module 11: Network Traffic Monitoring and Analysis

  • Network Traffic Monitoring and Analysis(Introduction)
  • Network Monitoring: Positioning your Machine at Appropriate Location
  • Network Traffic Signatures
  • Packet Sniffer: Wireshark
  • Detecting OS Fingerprinting Attempts
  • Detecting PING Sweep Attempt
  • Detecting ARP Sweep/ ARP Scan Attempt
  • Detecting TCP Scan Attempt
  • Detecting SYN/FIN DDOS Attempt
  • Detecting UDP Scan Attempt
  • Detecting Password Cracking Attempts
  • Detecting FTP Password Cracking Attempts
  • Detecting Sniffing (MITM) Attempts
  • Detecting the Mac Flooding Attempt
  • Detecting the ARP Poisoning Attempt
  • Additional Packet Sniffing Tools
  • Network Monitoring and Analysis
  • Bandwidth Monitoring

Module 12: Network Risk and Vulnerability Management

  • What is Risk?
  • Risk Levels
  • Risk Matrix
  • Key Risk Indicators(KRI)
  • Risk Management Phase
  • Enterprise Network Risk Management
  • Vulnerability Management

Module 13: Data Backup and Recovery

  • Introduction to Data Backup
  • RAID (Redundant Array Of Independent Disks) Technology
  • Storage Area Network (SAN)
  • Network Attached Storage (NAS)
  • Selecting Appropriate Backup Method
  • Choosing the Right Location for Backup
  • Backup Types
  • Conducting Recovery Drill Test
  • Data Recovery
  • Windows Data Recovery Tool
  • RAID Data Recovery Services
  • SAN Data Recovery Software
  • NAS Data Recovery Services

Module 14: Network Incident Response and Management

  • Incident Handling and Response
  • Incident Response Team Members: Roles and Responsibilities
  • First Responder
  • Incident Handling and Response Process
  • Overview of IH&R Process Flow

Certified Ethical Hacker (CEHv10) (CS6154)

The Certified Ethical Hacker (CEH v10) training not only prepares you for the CEHv10 theory exam, but is also the key preparation to help you acquire the CEHv10 Practical certification - a rigourous practical test with a realistic lab environment. It is a class that every security professional should attend. It is the tenth version of the course - updated to provide you with skills, tools and techniques that cybercriminals use on computer networks. It gets you in the hackers universe to help you learn how cyberattackers are able to launch sophisticated attacks, aiming at discovering their techniques and helping you build a strong defense system. Think as a hacker and you will learn and know how to protect your systems! The CEHv10 uses a systematic approach to provide key knowledge based on ethical hacking principles.

You will learn how to scan networks, perform intrusion testing and the techniques to secure your information systems. This training dives in depth in the five phases of ethical hacking, that is reconnaissance, intrusions, network enumeration, network access and covering tracks. The tools and the techniques provided are unique and much detailed are delivered in an encyclopedic format.

Module 1: Introduction to Ethical Hacking

  • Information Security Overview
  • Information Security Threats and Attack Vectors
  • Hacking Concepts
  • Ethical Hacking Concepts
  • Information Security Controls
  • Penetration Testing Concepts
  • Information Security Laws and Standards

Module 2: Footprinting and Reconnaissance

  • Footprinting Concepts
  • Footprinting through Search Engines
  • Footprinting through Web Services
  • Footprinting through Social Networking Sites
  • Website Footprinting
  • Email Footprinting
  • Competitive Intelligence
  • Whois Footprinting
  • DNS Footprinting
  • Network Footprinting
  • Footprinting through Social Engineering
  • Footprinting Tools
  • Countermeasures
  • Footprinting Pen Testing

Module 3: Scanning Networks

  • Network Scanning Concepts
  • Scanning Tools
  • Scanning Techniques
  • Scanning Beyond IDS and Firewall
  • Banner Grabbing
  • Draw Network Diagrams
  • Scanning Pen Testing

Module 4: Enumeration

  • Enumeration Concepts
  • NetBIOS Enumeration
  • SNMP Enumeration
  • LDAP Enumeration
  • NTP Enumeration
  • SMTP and DNS Enumeration
  • Other Enumeration Techniques
  • Enumeration Countermeasures
  • Enumeration Pen Testing

Module 5: Vulnerability Analysis

  • Vulnerability Assessment Concepts
  • Vulnerability Assessment Solutions
  • Vulnerability Scoring Systems
  • Vulnerability Assessment Tools
  • Vulnerability Assessment Reports

Module 6: System Hacking

  • System Hacking Concepts
  • Cracking Passwords
  • Escalating Privileges
  • Executing Applications
  • Hiding Files
  • Covering Tracks
  • Penetration Testing

Module 7: Malware Threats

  • Malware Concepts
  • Trojan Concepts
  • Virus and Worm Concepts
  • Malware Analysis
  • Countermeasures
  • Anti-Malware Software
  • Malware Penetration Testing

Module 8: Sniffing

  • Sniffing Concepts
  • Sniffing Technique: MAC Attacks
  • Sniffing Technique: DHCP Attacks
  • Sniffing Technique: ARP Poisoning
  • Sniffing Technique: Spoofing Attacks
  • Sniffing Technique: DNS Poisoning
  • Sniffing Tools
  • Countermeasures
  • Sniffing Detection Techniques
  • Sniffing Pen Testing

Module 9: Social Engineering

  • Social Engineering Concepts
  • Social Engineering Techniques
  • Insider Threats
  • Impersonation on Social Networking Sites
  • Identity Theft
  • Countermeasures
  • Social Engineering Pen Testing

Module 10: Denial-of-Service

  • DoS/DDoS Concepts
  • DoS/DDoS Attack Techniques
  • Botnets
  • DDoS Case Study
  • DoS/DDoS Attack Tools
  • Countermeasures
  • DoS/DDoS Protection Tools
  • DoS/DDoS Penetration Testing

Module 11: Session Hijacking

  • Session Hijacking Concepts
  • Application Level Session Hijacking
  • Network Level Session Hijacking
  • Session Hijacking Tools
  • Countermeasures
  • Penetration Testing

Module 12: Evading IDS, Firewalls, and Honeypots

  • IDS, Firewall and Honeypot Concepts
  • IDS, Firewall and Honeypot Solutions
  • Evading IDS
  • Evading Firewalls
  • IDS/Firewall Evading Tools
  • Detecting Honeypots
  • IDS/Firewall Evasion Countermeasures
  • Penetration Testing

Module 13: Hacking Web Servers

  • Web Server Concepts
  • Web Server Attacks
  • Web Server Attack Methodology
  • Web Server Attack Tools
  • Countermeasures
  • Patch Management
  • Web Server Security Tools
  • Web Server Pen Testing

Module 14: Hacking Web Applications

  • Web App Concepts
  • Web App Threats
  • Hacking Methodology
  • Web App Hacking Tools
  • Countermeasures
  • Web App Security Testing Tools
  • Web App Pen Testing

Module 15: SQL Injection

  • SQL Injection Concepts
  • Types of SQL Injection
  • SQL Injection Methodology
  • SQL Injection Tools
  • Evasion Techniques
  • Countermeasures

Module 16: Hacking Wireless Networks

  • Wireless Concepts
  • Wireless Encryption
  • Wireless Threats
  • Wireless Hacking Methodology
  • Wireless Hacking Tools
  • Bluetooth Hacking
  • Countermeasures
  • Wireless Security Tools
  • Wireless Pen Testing

Module 17: Hacking Mobile Platforms

  • Mobile Platform Attack Vectors
  • Hacking Android OS
  • Hacking iOS
  • Mobile Spyware
  • Mobile Device Management
  • Mobile Security Guidelines and Tools
  • Mobile Pen Testing

Module 18: IoT Hacking

  • IoT Concepts
  • IoT Attacks
  • IoT Hacking Methodology
  • IoT Hacking Tools
  • Countermeasures
  • IoT Pen Testing

Module 19: Cloud Computing

  • Cloud Computing Concepts
  • Cloud Computing Threats
  • Cloud Computing Attacks
  • Cloud Security
  • Cloud Security Tools
  • Cloud Penetration Testing

Module 20: Cryptography

  • Cryptography Concepts
  • Encryption Algorithms
  • Cryptography Tools
  • Public Key Infrastructure (PKI)
  • Email Encryption
  • Disk Encryption
  • Cryptanalysis
  • Countermeasures

EC-Council Certified Security Analyst (ECSAv10) (CS6158)

The EC-Council Certified Security Analyst course is a rigourous hands-on program with labs and exercises that cover real world scenarios. By practicing the skills that are provided to you in the EC-Council Certified Security Analyst class, we are able to bring you up to speed with the skills to uncover the security threats that organizations are vulnerable to.

The training occurs with the use of EC-Council iLabs, a robust online lab platform that provided all the necessary tools, including operating systems and applications to assess vulnerabilities, try exploits, executs scripts and much more.

Our guided step-by-step labs include exercises with detailed tasks, supporting tools, and additional materials allowing you to launch a complete live range for any form of hacking or testing.

Module 1: Introduction to Penetration Testing and Methodologies

Module 2: Penetration Testing Scoping and Engagement Methodology

Module 3: Open-Source Intelligence (OSINT) Methodology

Module 4: Social Engineering Penetration Testing Methodology

Module 5: Network Penetration Testing Methodology – External

Module 6: Network Penetration Testing Methodology – Internal

Module 7: Network Penetration Testing Methodology – Perimeter Devices

Module 8: Web Application Penetration Testing Methodology

Module 9: Database Penetration Testing Methodology

Module 10: Wireless Penetration Testing Methodology

Module 11: Cloud Penetration Testing Methodology

Module 12: Report Writing and Post Testing Actions

Benefiti: 
  • Video snimak predavanja u periodu od 365 dana posle kraja obuke
  • Pristup laboratorijama putem Interneta 180 dana od kraja obuke

  • Tri vaučera za online polaganje ispita
  • Jednogodišnja pretplata na CodeRed platformu koja sadrži hiljade video snimaka iz domena informatičke bezbednosti
  • Ispitna pitanja (CND i CEH)

  • Materijal u elektronskom obliku
  • Zvaničan EC-Council sertifikat odslušanog kursa

  • Dodatna pogodnost za 2 ili više prijava: The STORM - sistem hakovanja sa svim vašim omiljenim alatima!

The STORM - Eccentrix

Poželjno predznanje: 
  • Knowledge of the operation of client and server operating systems (file systems, permissions, Windows security, Linux, etc.).
  • Basic knowledge of network protocols, for example TCP / IP.
  • General notions of server roles and services present in a network.
O sertifikaciji: 

The exam will require you to demonstrate mastery of deploying advanced pen testing techniques and tools including multi-level pivoting, OS vulnerabilities exploits, SSH tunnelling, host-based application exploits, privilege escalation, web server and web application exploitation such as arbitrary local and remote file upload, SQL injection and parameter manipulation, etc – all in a real life scenario on hardened machines, networks, and applications.

You will be facing the ticking clock and there’s no time to hesitate. There’s no time for second-guessing. Try either of these and be prepared to fail!

And you must know that while you are racing against time, you will be under the watchful eyes of the EC-Council proctors who will be online and live! This added pressure will test your mental strength.