Certified Ethical Hacking and

Security Professional
VS-1078
Certified Ethical Hacking and Security Professional
www.vskills.in


C CC Certified ertified ertified ertified Ethical Hacking and Security Ethical Hacking and Security Ethical Hacking and Security Ethical Hacking and Security
Professional Professional Professional Professional
Certification Code Certification Code Certification Code Certification Code VS-1078
Vskills certification for Ethical Hacking and Security Professional assesses the candidate for
testing and managing companys information security! "he certification tests the candidates
on #arious areas in ethical hacking and security $hich includes kno$ledge of ethics and
countermeasures for attacks on system% net$ork &$ired and $ireless'% operating system
&(indo$s and )inu*' and $e+ +ased attacks!
( (( (hy should one take this certification, hy should one take this certification, hy should one take this certification, hy should one take this certification,
"his Course is intended for professionals and graduates $anting to e*cel in their chosen
areas! -t is also $ell suited for those $ho are already $orking and $ould like to take
certification for further career progression!
Earning Vskills Ethical Hacking and Security Professional Certification can help candidate
differentiate in today.s competiti#e /o+ market% +roaden their employment opportunities +y
displaying their ad#anced skills% and result in higher earning potential!
(ho $ill +enefit from taking this certification, (ho $ill +enefit from taking this certification, (ho $ill +enefit from taking this certification, (ho $ill +enefit from taking this certification,
0o+ seekers looking to find employment in -" or information security department of
#arious companies% students generally $anting to impro#e their skill set and make their CV
stronger and e*isting employees looking for a +etter role can pro#e their employers the
#alue of their skills through this certification
"est 1etails "est 1etails "est 1etails "est 1etails
1ur 1ur 1ur 1uration2 ation2 ation2 ation2 30 minutes
4o! of 5uestions2 4o! of 5uestions2 4o! of 5uestions2 4o! of 5uestions2 60
7a*imum marks2 7a*imum marks2 7a*imum marks2 7a*imum marks2 60% Passing marks2 86 &609'
"here is no negati#e marking in this module!
:ee Structure :ee Structure :ee Structure :ee Structure
;s! <000=- &-ncludes all ta*es'
Companies Companies Companies Companies that hire Vskills Certified that hire Vskills Certified that hire Vskills Certified that hire Vskills Certified Ethical Hacking and Security Ethical Hacking and Security Ethical Hacking and Security Ethical Hacking and Security
Professional Professional Professional Professional
Ethical Hacking and Security professionals are in great demand! Pri#ate and pu+lic
companies are constantly hiring kno$ledgea+le professionals for their testing and
management of information security measures for a secured en#ironment!

Certified Ethical Hacking and Security Professional
www.vskills.in

Table of Contents

1! 1! 1! 1! -ntroduction -ntroduction -ntroduction -ntroduction
1.1 Ethical Hacking evolution and hacktivism
1.2 Need and technical terms
1.3 Skills needed and stages of hacking

8! 8! 8! 8! Ethics Ethics Ethics Ethics
2.1 Moral direction and hacker ethics principles
2.2 Security grey areas
2.3 Cyberlaws (IT Act, etc.)

<! <! <! <! Planning Planning Planning Planning
3.1 Maintain anonymity
3.2 Goal setting and target system identification
3.3 Structuring, executing and reporting penetration test

>! >! >! >! Cryptography Cryptography Cryptography Cryptography
4.1 Evolution and data encryption methods
4.2 Symmetric and Asymmetric key Cryptography
4.3 Private and public key exchange
4.4 Secret key cryptography
4.5 Message Authentication and Hash functions
4.6 Digital Signatures and public key infrastructure

6! 6! 6! 6! :ootprinting :ootprinting :ootprinting :ootprinting
5.1 Information gathering
5.2 DNS, whois and ARIN records
5.3 Using traceroute, e-mail and web spider tracing

3! 3! 3! 3! Social Engineering Social Engineering Social Engineering Social Engineering
6.1 Concepts
6.2 Attack types (phishing, identity theft, URL obfuscation)
6.3 Social network and call center social engineering

7! 7! 7! 7! Physic Physic Physic Physical Security al Security al Security al Security
7.1 Basics and need
7.2 Techniques employed (dumpster driving, smoking doors, etc.)

8! 8! 8! 8! 4et$ork 4et$ork 4et$ork 4et$ork Scanning and Enumeration Scanning and Enumeration Scanning and Enumeration Scanning and Enumeration
8.1 Scanning techniques (TCP scanning, ping sweep, OS fingerprinting, etc.)
8.2 Scanners and analyzers like Nmap, backtrack Linux, metasploit, etc.
8.3 HTTP tunneling and IP spoofing
8.4 Enumerating null sessions and SNMP enumeration
Certified Ethical Hacking and Security Professional
www.vskills.in

?! ?! ?! ?! 4et$ork @ttacks 4et$ork @ttacks 4et$ork @ttacks 4et$ork @ttacks
9.1 TCP/IP packet formats and ports
9.2 Router, switch and firewall vulnerability and security
9.3 DoS, DDoS, session hijacking

10! 10! 10! 10! (ireless 4et$orks (ireless 4et$orks (ireless 4et$orks (ireless 4et$orks
10.1 WEP, WPA authentication and WLAN discovery
10.2 Attack techniques like MAC spoofing, DoS, etc.
10.3 WLAN countermeasures

11! 11! 11! 11! System Hacking System Hacking System Hacking System Hacking
11.1 Password relevance, types and vulnerabilities
11.2 Spyware, root kit and steganography
11.3 Trojans, worms, backdoors and sniffers

18! 18! 18! 18! (indo$s Hacking (indo$s Hacking (indo$s Hacking (indo$s Hacking
12.1 Windows vulnerabilities
12.2 Null sessions, sharing, patches and NetBIOS
12.3 Windows memory protection, SEH and OllyDbg

1<! 1<! 1<! 1<! )inu* Hacking )inu* Hacking )inu* Hacking )inu* Hacking
13.1 Services and rhosts files
13.2 NFS and buffer overflow
13.3 Kernel patching

1>! 1>! 1>! 1>! (e+ Hacking (e+ Hacking (e+ Hacking (e+ Hacking
14.1 SSH, FTP, telnet and E-mail attacks, and cache poisoning
14.2 Web server misconfiguration and password cracking
14.3 XSS, CSRF, SQL injection and man in middle attack
14.4 VoIP attacks like eavesdropping, DoS, etc.

16! 16! 16! 16! Emerging "rends Emerging "rends Emerging "rends Emerging "rends
15.1 Cloud security
15.2 Mobile security












Certified Ethical Hacking and Security Professional
www.vskills.in

Course Autline Course Autline Course Autline Course Autline


-ntroduction -ntroduction -ntroduction -ntroduction
Understanding the evolution of ethical hacking and emerging concept of hacktivism
Explaining the need for ethical hacking and technical terms associated with it.
Describing the skills needed for ethical hacking and the various stages of hacking

Ethics Ethics Ethics Ethics
Illustrating the moral direction and hacker ethics principles to follow
Detailing the security grey areas to be careful of and cyber laws as IT Act, etc.

Planning Planning Planning Planning
Explaining the precautions for maintaining anonymity during hacking
Detailing the relevance of goal setting and target system identification for hacking
Describing the process of structuring, executing and reporting penetration test

Cryptography Cryptography Cryptography Cryptography
Illustrating the evolution of cryptography and different data encryption ciphers used
Detailing the concepts and techniques for symmetric and asymmetric key
cryptography and private and public key exchange
Understanding the various techniques of secret key cryptography
Explaining the basics of message authentication, hash function, digital signature and
public key infrastructure (PKI)

:ootprinting :ootprinting :ootprinting :ootprinting
Understanding the importance and need for information gathering in hacking
Utilizing the DNS, whois and ARIN records for footprinting
Using traceroute, e-mail and web spider tracing tools to scan the target

Social Engineering Social Engineering Social Engineering Social Engineering
Explaining the concepts of social engineering and
Describing the various attack types like phishing, identity theft, URL obfuscation, etc.
for social engineering and using social network and call center for the same.

Physical Security Physical Security Physical Security Physical Security
Detailing the basics and need for physical security
Illustrating various techniques employed like dumpster driving, smoking doors etc.

4et$ork 4et$ork 4et$ork 4et$ork Scanning and Enumeration Scanning and Enumeration Scanning and Enumeration Scanning and Enumeration
Understanding various scanning techniques like TCP scanning, ping sweep, OS
fingerprinting, etc. and usage of scanners and analyzers tools for same
Explaining the concepts of HTTP tunneling and IP spoofing
Describing the method for enumerating null sessions and SNMP enumeration

Certified Ethical Hacking and Security Professional
www.vskills.in

4et$ork @ttacks 4et$ork @ttacks 4et$ork @ttacks 4et$ork @ttacks
Understanding the various TCP/IP packet formats and ports used
Detailing vulnerabilities and security countermeasures for router, switch and firewall
Describing the concept of network attack like DoS, DDoS, session hijacking

(ireless 4et$orks (ireless 4et$orks (ireless 4et$orks (ireless 4et$orks
Illustrating the concepts of WEP, WPA authentication and WLAN discovery
Describing the application of attack techniques like MAC spoofing, DoS, etc.
Explaining the various WLAN countermeasures to use against attacks

System Hacking System Hacking System Hacking System Hacking
Detailing the relevance, types and vulnerabilities of password
Explaining the concepts and application of spy ware, rootkit, steganography, trojans,
worms, backdoors and sniffers

(indo$s Hacking (indo$s Hacking (indo$s Hacking (indo$s Hacking
Understanding the different vulnerabilities in windows operating system like null
sessions, sharing, patches and NetBIOS
Describing windows memory protection, SEH and usage of OllyDbg for debugging

)inu* Hacking )inu* Hacking )inu* Hacking )inu* Hacking
Explaining the importance of services and rhosts files in Linux
Describing the vulnerabilities in NFS, buffer overflow and kernel patching

(e+ Hacking (e+ Hacking (e+ Hacking (e+ Hacking
Illustrating the different attacks on SSH, FTP, telnet and E-mail and techniques for
DNS and ARP cache poisoning
Understanding the Web server misconfiguration vulnerability
Explaining the techniques of web server password cracking, XSS, CSRF, SQL
injection and man in middle attack
Describing the various VoIP attacks like eavesdropping, DoS, etc.

Emerging "rends Emerging "rends Emerging "rends Emerging "rends
Detailing emerging vulnerabilities and countermeasures for cloud and mobile security











Certified Ethical Hacking and Security Professional
www.vskills.in

Sample Buestions Sample Buestions Sample Buestions Sample Buestions
1! 1! 1! 1! "he "he "he "he term 11oS e*pands to term 11oS e*pands to term 11oS e*pands to term 11oS e*pands to CCCCCCC! CCCCCCC! CCCCCCC! CCCCCCC!
@! 1i#isi#e 1enial of Ser#ice
D! 1istri+uted 1enial of Ser#ice
C! 1etailed 1enial of Ser#ice
1! 4one of the a+o#e

8 88 8! "he ! "he ! "he ! "he soft$are 7etasploit is used for CCCCCCC! soft$are 7etasploit is used for CCCCCCC! soft$are 7etasploit is used for CCCCCCC! soft$are 7etasploit is used for CCCCCCC!
@! @nti-#irus
D! Vulnera+ility @ssessment
C! @nti-mal$are
1! 4one of the a+o#e

< << <! "he ! "he ! "he ! "he term ESS refers to term ESS refers to term ESS refers to term ESS refers to CCCCCCC! CCCCCCC! CCCCCCC! CCCCCCC!
@! eEtended Site Scripting
D! eEtreme Secured Ser#ices
C! Cross site scripting
1! 4one of the a+o#e

> >> >! "he ! "he ! "he ! "he tool All1+g is used for analyFing code for $hich operating system CCCCCCC! tool All1+g is used for analyFing code for $hich operating system CCCCCCC! tool All1+g is used for analyFing code for $hich operating system CCCCCCC! tool All1+g is used for analyFing code for $hich operating system CCCCCCC!
@! 7icrosoft (indo$s
D! )inu*
C! 7acintosh
1! 4one of the a+o#e

6 66 6! "he ! "he ! "he ! "he operating sy operating sy operating sy operating system +ack track is used for stem +ack track is used for stem +ack track is used for stem +ack track is used for CCCCCCC! CCCCCCC! CCCCCCC! CCCCCCC!
@! Penetration testing
D! Virus scanning and remo#al
C! 7al$are scanning and remo#al
1! 4one of the a+o#e


Answers: 1 (B), 2 (B), 3 (C), 4 (A), 5 (A)