Course Outline
Day 1: Overview of cybersecurity, ethical hacking, and contemporary architecture
Day 2: Active recognition
Day 3: System operation
Day 4: Exploitation and post-exploitation, and report drafting
Day 5: Certification Exam
Learning objectives
- Understand the fundamental concepts of ethical hacking and the technical knowledge required to perform and manage penetration tests;
- Master the concepts, approaches, standards, methods, and techniques used to operate an effective ethical hacking process;
- Acquire the expertise to conduct a penetration test following a logical path using a variety of tools and techniques;
- Develop the expertise to analyze testing results and produce effective reports that help organizations address vulnerabilities;
- Strengthen the personal qualities necessary to act with due professional care when conducting penetration tests;
- Be able to define and explain the different phases of cyberattacks;
- Become acquainted with the various tools used to collect information prior to performing an attack;
- Learn about the different attacks that affect an organization's network security;
- Learn how to perform the different steps of a penetration test (ethical hacking) and its associated tools by obtaining information, scanning, enumerating, and attacking;
- Learn about the most important aspects of Distributed Denial of Service (DDoS) attacks and their tools;
Educational approach
- This training combines theory and practical exercises, with a ratio of 40% theoretical content to 60% practical content. Practical exercises are integrated with tutorials to help candidates acquire the required skills.
- The laboratory environment is intensive, providing in-depth knowledge and practical experience regarding current security systems to each candidate.
- Learning by doing: Participants will engage in scenarios, situations, and decision-making processes that they are likely to encounter in their professional lives.
- Practical tests mirror the format of the Certification Exam.
Examination
The "PECB Certified Lead Ethical Hacker" exam meets all requirements of the PECB Examination and Certification Program (ECP). The exam covers the following competency domains:
Domain 1: Fundamental principles and concepts of ethical hacking
Domain 2: Attack mechanisms
Domain 3: Principles and reference frameworks on penetration tests
Domain 4: Planning and performing penetration tests using various tools and techniques
Domain 5: Drafting penetration testing reports
The examination consists of two parts. The first part is a paper-based exam featuring essay-type questions. The second part is technical, requiring candidates to conduct penetration testing exercises on a computer and draft an analysis report.
Participants are authorized to use their personal notes during both the paper-based exam and the practical portion.
For more information about exam details, please visit Examination Rules and Policies.
Certification
After successfully completing the exam, you can apply for the credentials listed in the table below. You will receive a certificate once you meet all requirements related to the selected credential. For more information about Ethical Hacking certifications and the PECB certification process, please refer to the Certification Rules and Policies.
To be considered valid, activities related to ethical hacking and penetration testing should follow best practices and include the following activities:
- Understanding the scope of ethical hacking
- Defining a penetration testing approach
- Understanding the steps that should be followed during an ethical hacking process
- Defining the penetration testing criteria
- Evaluating pen test scenarios and treatment options
- Understanding the methods that help in increasing the security of operation systems
- Reporting the penetration testing results
Requirements
A foundational knowledge of Information Security and advanced skills in operating systems (e.g., Microsoft, Linux, etc.) are required. Additionally, it is advantageous for candidates to possess knowledge of computer networks, operating system usage, and basic programming concepts.
Testimonials (1)
The trainer had an excellent knowledge of fortigate and delivered the content very well. Thanks a lot to Soroush.
