Overview

This 1 day course will introduce you to the basic technical concepts behind the various stages of a hacking attack, as well as some common tools used by hackers and security professionals alike. Examples are drawn from real-world breaches to show how lapses in security have resulted in high-profile damage to organisations and customers.

Assuming no prior information security knowledge, the course is ideally suited to anyone requiring a high-level understanding of techniques and current trends used in hacking without the need for practical know-how.

This is a multimedia theory-based course with group discussions. Should there be time and interest, there is also the opportunity to join a guided 'hack lab', in which you can try your hand at some simple web application attacks (Wi-Fi enabled device required).

Delegates interested in more hands-on technical content should look at other supplier's courses such as CSTA and CSTP.

Prerequisites

Delegates will learn how to

  • A hacker's mindset and motivations
  • The hacker methodology - insight into tools and tricks used
  • How an organisation is at risk from hackers
  • Various routes of attack eg Internet, employees, social engineering, emails, wireless
  • Details of some high profile attacks that have led to real damage, both financial and reputational.

Outline

  • Introduction - terminology, motivations, the lie of the land, methodology
  • Information gathering - from harvesting open-source information to social engineering
  • Target scanning, including port scanning
  • Vulnerability assessment, including the threat from client-side software
  • Exploitation, including attack pivoting
  • Privilege escalation, including password attacks
  • Retaining access, including botnets
  • Covering tracks
  • Team exercise - incident handling scenario
  • Web application attacks - threats, OWASP Top Ten
  • SQL injection
  • Conclusion - trends
  • Hack lab - practical attack scenarios