Q/EH® Qualified Ethical Hacker and Q/EH Exam (CEH™ Prep)
Q/EH Qualified Ethical Hacker class is SERIOUS TACTICAL hands-on hacking, a STEP-UP from the C/EH nowhere will you get a better ethical hacking class that will qualify your security defense skills and set you apart from your peers! SU is where "Qualified" happens.
Security University's Qualified Ethical Hacker curriculum /SU Educational Skills Certification is the only CNSS approved Ethical Hacking curriculum. Again, no where will you get more complete hacking knowledge & skills that are NSA/ CNSS approved. No old hacking tools, no death by powerpoint like C/EH V6. We know we wrote the book on C/EH V5!
SU wrote the CEH V5 Study Guide. For the Q/EH we stepped it up and created more than 35 hands-on tactical security labs just for this qualification. Now take the Q/EH® Qualified/ Ethical Hacker class from the experts in the "Art of Security Hacking". Q/EH exam the last day of class, once you pass, you'll achieve a SU CNSS-approved class Education certificate . Again the only Ethical Hacking class recognized by the NSA and awaiting NCOA Certification approval.
We want you to succeed. Security University has a 99% pass rate. We are dedicated to your success. We constantly add new tools and update SU hacking labs to keep you motivated and expand your tactical security knowledge & hacking skills.
New! Multiple VM's on each laptop, the latest BackTrack and Linux tool kits
Core Impact 8IP, 7-Day LICENSE FREE CD with every class registration!
New Saint Vulnerability scanner & exploitation tool and discount code
Expert Instructors
99% pass rate, highest pass rate in the industry
100% Satisfaction Guarantee
Qualified Training for Qualified Results! This class is CNSS-approved!
No book can substitute for the real thing... When you leave this intensive 5 day class you will be Qualified with a real life understanding of Ethical Hacking and Defense.
"Yes. Pls quote me, The instructor was great, he was very knowledgeable. I had CEH and CHFI training from another vendor and I did receive certification but I wish I had attended your classes instead, I would have learned much more." Americo 2008
Qualified Training for Qualified Results! Security University is CNSS /NSA-approved!
What is a Q/ISP "Qualified" Information Security Professional? A Q/ISP is a person who has successfully passed Security University's Q/ISP online 125 question certification exam. The Q/ISP certification does not require you to attend any classes. The Q/ISP certification is awaiting ANSI's 17042 approval.
A "Qualified" Q/ISP is a person that has an attained 4 SU Education Certifications from attending each of the 4 Q/ISP classes that validate tactical security skills - Q/EH, Q/SA with Q/PTL, Q/EP & Q/FE classes with hands-on labs and online exams. (awaiting NOCA Approval)
Prior to 2008, if you attended Security University's EC-Council Authorized CEH, ECSA,CHFI classes and passed the exams your eligible for the Q/ISP Qualified Education Certifications.
Since 2004 SU has certified over 680 ECSA/ Q/SA Qualified Security Analysts Penetration Testers in 3 countries!
Customize your Q/SA Q/PTL + ECSA training program today!
Download the 2008 SU Computer Security Class Roadmap.
Class Tuition & Bonuses
Instruction and review with an experienced master hacker
Q/EH Exam on site last day of class
Access to Security University's IT Professional Reference Library of targeted pre-class reading, with:
Free download of Linux & 400+ up-to-date hacking tools and exploits
QEH Qualified Ethical Hacker, tests on the following 22 domains.
1.
Reconnaissance
13.
Hacking Wireless Networks
2.
Scanning
14.
Hacking Web Servers
3.
Enumeration
15.
Web Application Vulnerabilities
4.
Sniffing
16.
Password Cracking Techniques
5
System Hacking
17
Physical security
6.
Buffer Overflows
18
Social Engineering
7.
SQL Injection
19
Hacking Linux
8.
Virus Worms Trojans Rootkits
20.
IDS, Firewalls and Honeypots
9
Denial of Service
21
Cryptography
10.
Session Hijacking
22.
Penetration Testing Methods
Q/EH class domains ( CEH Prep materials are provided as pre-class reading materials)
Footprinting • Define the term Footprinting
• Describe information gathering methodology
• Describe competitive intelligence
• Understand DNS enumeration
• Understand Whois, ARIN lookup
• Identify different types of DNS records
• Understand how traceroute is used in Footprinting
• Understand how e-mail tracking works
• Understand how web spiders work
Scanning • Define the term port scanning, network scanning and vulnerability scanning
• Understand the Q/EH scanning methodology
• Understand Ping Sweep techniques
• Understand nmap command switches
• Understand SYN, Stealth, XMAS, NULL, IDLE and FIN scans
• List TCP communication flag types
• Understand War dialing techniques
• Understand banner grabbing and OF fingerprinting techniques
• Understand how proxy servers are used in launching an attack
• How does anonymizers work
• Understand HTTP tunneling techniques
• Understand IP spoofing techniques
Enumeration • What is Enumeration?
• What is meant by null sessions
• What is SNMP enumeration?
• What are the steps involved in performing enumeration?
Sniffers • Understand the protocol susceptible to sniffing
• Understand active and passive sniffing
• Understand ARP poisoning
• Understand ethereal capture and display filters
• Understand MAC flooding
• Understand DNS spoofing techniques
• Describe sniffing countermeasure
System hacking • Understanding password cracking techniques
• Understanding different types of passwords
• Identifying various password cracking tools
• Understand Escalating privileges
• Understanding keyloggers and other spyware technologies
• Understand how to Hide files
• Understanding rootkits
• Understand Steganography technologies
• Understand how to covering your tracks and erase evidences
Buffer Overflows • Overview of stack based buffer overflows
• Identify the different types of buffer overflows and methods of detection
• Overview of buffer overflow mutation techniques
SQL Injection • What is SQL injection?
• Understand the Steps to conduct SQL injection
• Understand SQL Server vulnerabilities
• Describe SQL Injection countermeasures
Virus and Worms • Understand the difference between an virus and a Worm
• Understand the types of Viruses
• How a virus spreads and infects the system
• Understand antivirus evasion techniques
• Understand Virus detection methods
Trojans and Backdoors • What is a Trojan?
• What is meant by overt and covert channels?
• List the different types of Trojans
• What are the indications of a Trojan attack?
• Understand how “Netcat” Trojan works
• What is meant by “wrapping”
• How does reverse connecting Trojans work?
• What are the countermeasure techniques in preventing Trojans?
• Understand Trojan evading techniques
Denial of Service • Understand the types of DoS Attacks
• Understand how DDoS attack works
• Understand how BOTs/BOTNETS work
• What is “smurf” attack
• What is “SYN” flooding
• Describe the DoS/DDoS countermeasures
Session Hijacking • Understand Spoofing vs. Hijacking
• List the types of Session Hijacking
• Understand Sequence Prediction
• What are the steps in performing session hijacking
• Describe how you would prevent session hijacking
Wireless Hacking • Overview of WEP, WPA authentication systems and cracking techniques
• Overview of wireless Sniffers and SSID, MAC Spoofing
• Understand Rogue Access Points
• Understand Wireless hacking techniques
• Describe the methods in securing wireless networks
Hacking Web Servers • List the types of web server vulnerabilities
• Understand the attacks Against Web Servers
• Understand IIS Unicode exploits
• Understand patch management techniques
• Understand Web Application Scanner
• What is Metasploit Framework?
• Describe Web Server hardening methods
Web Application Vulnerabilities • Understanding how web application works
• Objectives of web application hacking
• Anatomy of an attack
• Web application threats
• Understand Google hacking
• Understand Web Application Countermeasures
Physical Security • Physical security breach incidents
• Understanding physical security
• What is the need for physical security?
• Who is accountable for physical security?
• Factors affecting physical security
Social Engineering • What is Social Engineering?
• What are the Common Types of Attacks
• Understand Dumpster Diving
• Understand Reverse Social Engineering
• Understand Insider attacks
• Understand Identity Theft
• Describe Phishing Attacks
• Understand Online Scams
• Understand URL obfuscation
• Social Engineering countermeasures
Linux Hacking • Understand how to a Linux Kernel
• Understand GCC compilation commands
• Understand how to install LKM modules
• Understand Linux hardening methods
IDS, Honeypots and Firewalls • List the types of Intrusion Detection Systems and evasion techniques
• List firewall and honeypot evasion techniques
Cryptography • Overview of cryptography and encryption techniques
• Describe how public and private keys are generated
• Overview of MD5, SHA, RC4, RC5, Blowfish algorithms
Penetration Testing Methodologies • Overview of penetration testing methodologies
• List the penetration testing steps
• Overview of the Pen-Test legal framework
• Overview of the Pen-Test deliverables
• List the automated penetration testing tools
