Course Outline CEH Version 7
The CEHv7 curriculum consists of instructor-led training and self-study. The instructor will provide the details of the self-study modules to the students at the beginning of the class.
1. Introduction to Ethical Hacking
2. Footprinting and Reconnaissance
3. Scanning Networks
4. Enumeration
5. System Hacking
6. Trojans and Backdoors
7. Viruses and Worms
8. Sniffers
9. Social Engineering
10. Denial of Service
11. Session Hijacking
12. Hacking Webservers
13. Hacking Web Applications
14. SQL Injection
15. Hacking Wireless Networks
16. Evading IDS, Firewalls and Honeypots
17. Buffer Overflows
18. Cryptography
19. Penetration Testing
Please NOTE: All modules will be taught in class, along with basic concepts of the Linux operating system and system networking for students new to computing.
The CISSP curriculum covers subject matter in a variety of Information Security topics. The CISSP examination is based on what (ISC)² terms the Common Body of Knowledge (or CBK). According to (ISC)², "the CISSP CBK is a taxonomy -- a collection of topics relevant to information security professionals around the world. The CISSP CBK establishes a common framework of information security terms and principles that allow information security professionals worldwide to discuss, debate and resolve matters pertaining to the profession with a common understanding."
The CISSP CBK is fundamentally based on the CIA triad, the core information security and assurance tenets: confidentiality, integrity and availability, and attempts to balance the three across ten areas of interest, which are also called domains.
The ten CBK domains are:
Access Control
Telecommunications and Network Security
Software Development Security
Cryptography
Security Architecture and Design
Operations Security
Business Continuity and Disaster Recovery Planning
Legal, Regulations, Investigations and Compliance
Physical (Environmental) Security
Requirements
Candidates for the CISSP must meet several requirements:
Possess a minimum of five years of direct full-time security work experience in two or more of the ten (ISC)² information security domains (CBK). One year may be waived for having either a four-year college degree, a Master's degree in Information Security, or for possessing one of a number of other certifications from other organizations. A candidate not possessing the necessary five years of experience may earn the Associate of (ISC)² designation by passing the required CISSP examination. The Associate of (ISC)² for CISSP designation is valid for a maximum of six years from the date (ISC)² notifies the candidate of having passed the exam. During those six years a candidate will need to obtain the required experience and submit the required endorsement form for certification as a CISSP. Upon completion of the professional experience requirements the certification will be converted to CISSP status.
Attest to the truth of their assertions regarding professional experience and accept the CISSP Code of Ethics.
Answer four questions regarding criminal history and related background.
Pass the CISSP exam with a scaled score of 700 points or greater out of 1000 possible points. The exam is multiple choice, consisting of 250 questions with four options each, to be answered over a period of six hours. 25 of the questions are experimental questions which are not graded.
Have their qualifications endorsed by another CISSP in good standing. The endorser attests that the candidate's assertions regarding professional experience are true to the best of their knowledge, and that the candidate is in good standing within the information security industry.