The advent of information technology has left many organisations vulnerable to the damaging activities of cyber-criminals – activities that need a skilled workforce to detect and deflect them.
The Certificate of Ethical Hacking is an online professional development course that will provide you with the skills and knowledge required in an IT, auditing or site administration role to help you improve an organisation’s internet and system security.
In this ethical hacking course, you will be immersed in an environment that will help you evaluate not just the logical, but the physical security aspects of IT systems.
You will also acquire an understanding of cyber and network threats, gain an insight into hacker motives, and learn how to detect intrusion, fix system vulnerabilities and deflect attacks.
On completion of this course, you will be empowered with the skills and knowledge to safeguard systems and networks in order to not only protect your identity but to fight back against cyber criminals.
EC Council Certification Preparation Program
Course Structure
Unit 1 - Ethical hacking overview and threats
- Threats
- General threat landscape
- Basic terms, and common IT security objectives
- Motivations common to the threat actor
- Threat categories and attack vectors
- Types of defences against threats
- Hacking concepts
- Concepts of hackers
- Common phases of hacking
- What makes a good hacker
- Types of hackers (Script Kiddies, White Hats and Black Hats)
- Covert data gathering
- Cloud computing threats
- Cloud computer attacks
- Password attacks
- High and low tech approaches to password attacks
- Using Medusa and Hydra software
- Packet sniffing tools
- Popular password cracking tools
- GUI based password cracking tools
- Man-in-the-middle attacks
- Pass-the-hash to gain access without cracking the password hash
- Privilege Escalation
- DLL hijacking
- File/folder permission exploitation
- Gaining higher privileges using scheduled tasks and insecure sudo implementations
- Operating system vulnerabilities and webshells
- techniques to gain unauthorised privileges
Unit 2 – Cloud computing
- Cloud computer attacks
- Vulnerabilities and attacks that lead to cloud systems being compromised
- Cloud computing threats
- Cloud computer attacks
- Cloud computing concepts
- Basic cloud computing
- Understanding cloud computing attacks
- Concepts and key characteristics of cloud computing and accepted service models
- Cloud deployment models and cloud actors
Unit 3 - Common web app threats
- Threats against web apps and injection-based attacks
- Unauthorised remote access and code execution
- Attacks against web apps using weak or broken authentication methods
- Cross-site scripting
- Dangers of broken and weak authentication methods
- Data leaking with poor or no encoding
- Using cross-site scripting (XSS) to execute code
- Dangers of using indirect object references (IDOR)
Unit 4 - Cracking and mobile hacking
- Mobile hacking
- Challenges of managing a BYOD environment.
- the process of cracking WEP encrypted wireless networks
- Aircrack-ng suite of wireless hacking tools
- The process of cracking WPA encrypted wireless networks using the Aircrack-ng suite of wireless hacking tools
Unit 5 - Cryptography
- Cryptography attacks
- Attack a cryptographic system
- Cryptography concepts
- Cryptography concepts and the goals of cryptography
- digital signatures
- Symmetric cryptography
- Asymmetric cryptography
- Cryptanalysis, cryptology, and collision
- Symmetric and asymmetric key algorithms and management
- types of cryptosystems, hashing algorithms, and digital signatures
- Public Key Infrastructure, digital certificates, certificate lifecycle, key wrapping, and key encrypting keys
Unit 6 - Denial of service
- Distributed denial of service attacks
- Types of attacks
- DoS/DDoS attacks,
- Amplification and reflective DoS attacks
- Volumetric attacks
- Protocol type attacks
- Application layer
Unit 7 - Evading IDS, firewalls, and honeypots
- IDS and firewalls
- Using Nmap to evade firewalls
- Honeypot setups
- Install and test Snort intrusion detection software
- Snort post-installation
- Structure of a ruleset
Unit 8 - Footprinting
- Footprinting tools and techniques
- Footprinting and web-based tools
- Using whois, traceroute, recon-ng, and other tools to collect info on a target website
Unit 9 - Hacking web servers
- Common web server attack tactics
- Motivations for targeting web servers.
- Exploiting vulnerabilities associated with web servers
- Common methodologies
- Hidden files and covering tracks
- Necessity of hiding files
- How to cover tracks
- Alternate data streams and steganography
- Disabling auditing systems and clearing logs
- Host discovery and scanning with Nmap
- Discovering hosts
- Common system tools
- Scripting to perform host discovery
- Nmap host scanning techniques
- Using Nmap to target specific hosts
Unit 10 - loT
- IoT Attacks
- IoT vulnerabilities
- Common IoT attack areas and threats
- IoT concepts
- Concept of IoT
- IoT communication models
- Challenges associated with the use of IoT
- IoT Hacking and Countermeasures
- IoT hacking methodology
- Countermeasures for securing IoT devices
Unit 11 - Malware
- Malware distribution
- Malware distribution methods
- Malware threats
- Malware threats used to attack a system
- Malware types and components
Unit 12 - SQL
- SQL Injection
- SQL Injection attacks
- SQL Injection to bypass authentication on a web app
- SQL Injection types and tools
- Error-based and blind SQL Injection
- Using SQL Injection to read, write, and execute files on a remote system
Unit 13 – Wireless hacking
- Wireless hacking common threats
- Common threats against wireless networks
- Recognising complex wire network attacks
- Wireless hacking concepts
- Wireless hacking technologies and concepts
- Wireless terms and standards
- Authentication mechanisms
- Encryption schemes
- Wireless hacking tools
- Using wireless hacking tools
- Common wireless hacking tools
Unit 14 - Additional topics
- Networking sniffing purposes
- Sniffing network traffic
- Types phases, and methodologies of penetration testing
- Common security laws, regulations and standards
- Methods of web app hacking
- Configuration of a web app
- Bypass security features using ProxyChains
- Perform enumeration
- Things commonly targeted during enumeration
- Explore Security policies
- Protecting information, systems, networks and physical threats
- Workplace policies and physical security policies
- Risk management and threat modelling
- Impacts of successful hijacking attacks
- Conduct a session replay attack
- Token prediction, cross-site request gorgery (CSRF/XSRF), session fixation, and man-in-the-browser attacks
- Network-layer session hijacking
- Mitigation strategies
- Using tactics like to gain access or information from their targets
- Using social engineering techniques to gain information from a target
- Gathering information using malicious apps from a target
- Vulnerability management life-cycle
- Vulnerability assessments
- Vulnerability tools
Assessment
Assessment Information
When you study with Australian Online Courses, you will be assessed using a competency-based training method.
Competency-based training focuses on the achievement of skills and knowledge against set criteria to ensure your competency is industry relevant. You will not be benchmarked against other students.
If you do not achieve a competency result on your first attempt, you have two more attempts to pass your assessment. So, you have three attempts in total to obtain a competency result.
In this way, you can complete your course in your own time and at your own pace with the assistance of unlimited tutor support.
In this course, you will be assessed via multiple-choice questions to determine your mastery of details and specific knowledge gained during your studies to achieve a ‘competent’ or ‘not yet competent’ result.
Benefits of Multiple-Choice Assessments
- Appropriate for assessing students’ mastery of details and specific knowledge.
- Can be used to assess both simple knowledge and complex concepts.
- Questions can be answered quickly to accurately assess a students’ mastery of many topics relatively quickly.
- Assessment can be quickly and reliably scored to achieve a ‘competent’ or ‘not yet competent’ result.
- As the answers are visible, multiple-choice questions offer the opportunity for the continuation of the learning process, offering educational value.
Course FAQs
Why Choose Australian Online Courses?
- Professional development that is widely recognised and respected;
- Improve your employment opportunities;
- Study online, anywhere via our elearning system;
- High-quality professional development programs written by industry experts;
- No entry requirements;
- All course materials provided online – no textbooks to buy;
- Unlimited tutor support;
- Easy to understand course content;
- We offer twelve (12) months’ access, with extensions available upon application (fees apply);
- Certificate of Attainment/Completion issued for your CV (hard copy provided); and
- Course may be tax deductible; see your tax advisor.
How long will it take to complete this course?
The approximate study hours for this course is 50 hours. We offer twelve (12) months’ access, with extensions available upon application (fees apply).
Can I purchase optional printed materials?
While printed materials are not available for purchase, transcripts of video lectures and other learning resources are available for printing via our elearning system.
When can I start this course?
You can start within 60 minutes during business hours when you enrol and pay in full with a credit card!
Credit card: Within 60 mins during business hours.
BPAY: Within 1-2 working days.
Internet Banking: Within 1-2 working days.
Cheque/Money Order: Upon receipt of mailed cheque.
Will I receive a certificate upon completion of this course?
Yes! You will receive a Certificate of Attainment upon successful completion of your assessment.
Do I need to attend classes or undertake any work placements?
No. All courses are delivered online via our e-learning system and there are no work placement requirements in this course.
What support can I expect from Australian Online Courses?
Unlimited tutor support is available throughout your studies via email during business hours Monday to Friday. Our Administrative team are available Monday to Friday via email, live chat and telephone.
I am an international student. Can I enrol into this course?
Yes! We accept enrolments from individuals both within Australia and internationally; location is no barrier to entry into our programs.
Career Pathways
Future growth
Strong
Unemployment
Low
- Information Technology Support Staff
- Website Administrator