Cocok Banget Sama Kamu
Student
Fresh Graduate
Profesional

Ethical Hacking Essentials

Biaya :

  • Rp 850.000 (mahasiswa)
  • On Call (umum professional/non professional)

 

Informasi tambahan:

  • Pelatihan dilaksanakan secara Daring (online)
  • Materi dapat diakses secara self-learning setelah pendaftaran.
  • Mendapat fasilitas latihan persiapan ujian bersama tutor hingga 4 sesi secara daring (Online).

Materi Yang Akan Kamu Dapetin

Keamanan informasi adalah bidang yang kompleks dengan berbagai tantangan, seperti ancaman terhadap data dan sistem yang terus berkembang serta regulasi yang perlu dipatuhi. Penguasaan dasar-dasar etika peretasan (ethical hacking) sangat penting untuk memahami dan mengidentifikasi potensi ancaman serta kerentanannya. Ini mencakup pemahaman berbagai jenis malware, teknik peretasan kata sandi, dan cara menghadapinya. Teknik rekayasa sosial, ancaman dari dalam organisasi, pencurian identitas, serta serangan tingkat jaringan seperti sniffing, denial-of-service, dan pengambilalihan sesi memerlukan perhatian khusus, begitu juga dengan serangan di tingkat aplikasi seperti serangan terhadap server web, aplikasi web, dan SQL injection. Keamanan jaringan nirkabel dan ancaman terkait, serta pengelolaan perangkat mobile dan keamanan IoT (Internet of Things) juga merupakan area yang sangat penting. Terlebih lagi, ancaman yang berkembang pada platform cloud dan pengetahuan tentang uji penetrasi (pen testing) menjadi keterampilan kunci dalam melindungi sistem dari berbagai jenis serangan yang semakin canggih.

Kurikulum

  • Information Security Fundamentals
  • Information Security Laws and Regulations

Topics Covered:

  • Cyber Kill Chain Methodology
  • Hacking Concepts and Hacker Classes
  • Different Phases of Hacking Cycle
  • Ethical Hacking Concepts, Scope, and Limitations
  • Ethical Hacking Tools

Lab Exercise

  • Passive Footprinting to Gather Information About a Target
  • Network Scanning to Identify Live Hosts, Open Ports and Services and Target OS in the Network
  • Enumeration on a System or Network to Extract Usernames, Machine Names, Network Resources, Shares, etc

Topics Covered:

  • Threat and Threat Sources
  • Malware and its Types
  • Malware Countermeasures
  • Vulnerabilities
  • Vulnerability Assessment

Lab Exercise

  • Vulnerability Assessment to Identify Security Vulnerabilities in the Target System or Network

Topics Covered:

  • Password Cracking Techniques
  • Password Cracking Tools
  • Password Cracking Countermeasures

Lab Exercise

  • Perform Active Online Attack to Crack the System’s Password
  • Audit System Passwords

Topics Covered:

  • Social Engineering Concepts and its Phases
  • Social Engineering Techniques
  • Insider Threats and Identity Theft
  • Social Engineering Countermeasures

Lab Exercise

  • Social Engineering using Various Techniques to Sniff Users’ Credentials
  • Detect a Phishing Attack

Topics Covered:

  • Packet Sniffing Concepts
  • Sniffing Techniques
  • Sniffing Countermeasures
  • DoS and DDoS Attacks
  • DoS and DDoS Attack Countermeasures
  • Session Hijacking Attacks
  • Session Hijacking Attack Countermeasures

Lab Exercise

  • Perform MAC Flooding to Compromise the Security of Network Switches
  • Perform ARP Poisoning to Divert all Communication between Two Machines
  • Detect ARP Attacks using ARP Spoofing Detection Tools to Ensure Data Privacy
  • Perform DoS and DDoS Attacks using Various Techniques on a Target Host to Prevents Access to System Resources for Legitimate Users
  • Detect and Protect Against DDoS Attack
  • Perform Session Hijacking to Seize Control of a Valid TCP Communication Session Between Two Computers
  • Detect Session Hijacking Attempts using Manual Method

Topics Covered:

  • Web Server Attacks
  • Web Server Attack Countermeasures
  • Web Application Architecture and Vulnerability Stack
  • Web Application Threats and Attacks
  • Web Application Attack Countermeasures
  • SQL Injection Attacks
  • SQL Injection Attack Countermeasures

Lab Exercise

  • Perform a Web Server Attack to Crack FTP Credentials
  • Perform a Web Application Attack to Compromise the Security of Web Applications to Steal Sensitive Information
  • Perform SQL Injection Attacks on a Target Web Application to Manipulate the Backend Database
  • Detect SQL Injection Vulnerabilities using SQL Injection Detection Tools

Topics Covered:

  • Wireless Terminology
  • Wireless Encryption
  • Wireless Network-Specific Attack Techniques
  • Bluetooth Attacks
  • Wireless Attack Countermeasures

Lab Exercise

  • Perform Wi-Fi Packet Analysis
  • Perform Wireless Attacks to Crack Wireless Encryption

Topics Covered:

  • Mobile Attack Anatomy
  • Mobile Platform Attack Vectors and Vulnerabilities
  • Mobile Device Management (MDM) Concept
  • Mobile Attack Countermeasures

Lab Exercise

  • Hack an Android Device by Creating Binary Payloads
  • Secure Android Devices using Various Android Security Tools

Topics Covered:

  • IoT Concepts
  • IoT Threats and Attacks
  • IoT Attack Countermeasures
  • OT Concepts
  • OT Threats and Attacks
  • OT Attack Countermeasures

Lab Exercise

  • Perform Footprinting using Various Footprinting Techniques
  • Capture and Analyze IoT Device Traffic

Topics Covered:

  • Cloud Computing Concepts
  • Container Technology
  • Cloud Computing Threats
  • Cloud Attack Countermeasures

Lab Exercise

  • Perform S3 Bucket Enumeration using Various S3 Bucket Enumeration Tools
  • Exploit S3 Buckets

Topics Covered:

  • Fundamentals of Penetration Testing and its Benefits
  • Strategies and Phases of Penetration Testing
  • Guidelines and Recommendations for Penetration Testing

Fasilitator

Verified by MonsterInsights