Comprehensive introduction to Ethical Hacking

The EXIN Ethical Hacking Foundation certification provides IT professionals with a solid understanding and technical knowledge of the principles behind Ethical Hacking.

The exam explains the different methods used to test and determine the security of the IT infrastructure within an organization.

Overview

The purpose of ethical hacking is to evaluate the security of a computer system or network through the discovery and exploitation of vulnerabilities in a legal manner.

Today’s technology is moving fast and changing the way we do business. Companies digitize all information by default, store their data in the cloud and use open source software. This raises information security issues related to network and system infrastructure.

The EEHF: EXIN Ethical Hacking Foundation module covers the basic steps of ethical hacking: intelligence gathering, scanning computer network/systems, and penetrating systems. Candidates are expected to be very aware of the difference between legal and illegal hacking, and the consequences of misuse.

In more detail the candidate will develop an understanding of the following topics:

  • Network sniffing (gathering information from network traffic)
  • Cracking a WEP and WPA(2) key from a wireless network
  • Network vulnerability scanning
  • Basic penetration of computer systems
  • Password cracking
  • Web-based hacking, including SQL Injection (SQLi), Cross-Site Scripting (XSS) and Remote File Inclusion (RFI)

The EXIN Ethical Hacking Foundation exam tests the knowledge of the candidate on:

  • the basics of Ethical Hacking, and
  • the practice of Ethical Hacking.

Skills Covered

  • Introduction to Ethical Hacking
  • Network Sniffing
  • Hacking Wireless Networks
  • System Penetration
  • Web-based Hacking

Prerequisites

Knowledge of Linux and cybersecurity skills are highly recommended. If you’re new to cybersecurity, consider opting for the CITSF: Cyber and IT Security Foundation certification prior to joining this course.

Target Audience

This cybersec credential is meant for security officers, network architects, network administrators, security auditors, security professionals, computer programmers and networking experts, managers working in the field of ethical hacking and anyone who is interested in improving and/or testing the security of an IT infrastructure.

The module is also meant for (beginning) ethical hackers who want to get certified and verify their knowledge.

Course Curriculum

Module 1: Introduction to Ethical Hacking
1.1 Hacking Ethics

  • Understand the legal implications of hacking.
  • Different types of hackers.

1.2 Basic Principles

  • The difference between white box and black box tests.
  • Different phases in the hacking process.

Module 2: Network Sniffing
2.1 Tools

  • Different kinds of tools for Network Sniffing.
  • The most common tools for Network Sniffing.

2.2 Extracting Information

  • The function of HTTP headers.
  • Extract information from HTTP headers.

Module 3: Hacking Wireless Networks
3.1 Preparation

  • Find information about the candidate's own network adapter.

3.2 Aircrack-NG

  • Airodump-NG.
  • The different kinds of functions of the tools within Aircrack.
  • What ESSID and BSSID mean.

Module 4: System Penetration
4.1 Intel Gathering

  • Knows how to find information on a target online.
  • Knows how to find information on a target within a network.

4.2 Software Tools (Nmap, Metasploit)

  • Can scan a target.
  • Knows how to combine tools.

4.3 Fingerprinting and Vulnerabilities

  • Knows how to find vulnerabilities based on scanning results.
  • Knows how to perform manual fingerprinting.

4.4 Exploitation and Post Exploitation

  • Knows how to exploit a vulnerability with Metasploit.
  • Knows how to extract system information after exploitation.

Module 5: Web-based Hacking
5.1 Database Attacks

  • Knows the steps to test for SQLi vulnerabilities.
  • How to extract data with SQLi.
  • The functions CONCAT, LOAD_FILE, UNION, SELECT, @@version, ORDER BY and LIMIT, and what they do.

5.2 Client Side Attacks

  • Knows how to create an XSS PoC (Proof of Concept).
  • Knows the basics of session hijacking in combination with XSS.
  • Knows how to bypass basic XSS filters.

5.3 Server Side Attacks

  • Knows how RFI is performed.
  • Knows the basic functionality of PHP shells such as r57 and c99.
  • Knows the difference between bind and back-connect shells and what they do.

Exam & Certification

EXIN Ethical Hacking Foundation

  • Duration: 01 hour
  • Number of Questions: 40 (Multiple Choice)
  • Pass mark: 65%
  • Open book: No
  • Electronic equipment allowed: No
  • Level: Foundation
  • ECTS Credits: 2
  • Languages: English, Portuguese
  • Requirements for certification: An Ethical Hacking Foundation training and knowledge of Linux are highly recommended.

CHFI: Computer Hacking Forensic Investigator

The CHFI: Computer Hacking Forensic Investigator certification includes all the essentials of digital forensics analysis and evaluation required for today’s digital world. From identifying the footprints of a breach to collecting evidence for a prosecution, CHFI v10 walks students through every step of the process with experiential learning. This course has been tested and approved by veterans and top practitioners of the cyber forensics industry.

RCCE1: Rocheston Certified Cybersecurity Engineer – Level 1

The RCCE1: Rocheston Certified Cybersecurity Engineer – Level 1 course delves into the basics of cybersecurity along with hands-on labs. You will gain an insight into hacking technologies and tools. Level 1 covers the foundation of hacking technologies. For instance, it looks at Web application attacks, Trojans and Malware, Denial of Service attacks, Metasploit, firewalls, cryptography, cracking passwords, hacking the cloud etc. RCCE Level 1 is a mandatory requirement to move to the Level 2 program. The course is 100% Linux based.

CISSP: Certified Information System Security Professional Prep Course

This CISSP: Certified Information System Security Professional Prep course is designed for information security professionals with deep technical and managerial knowledge and experience to effectively design, engineer, and manage the overall security posture of an organization.

CT-CYSA+: CompTIA Cybersecurity Analyst

This CompTIA CyberSecurity Analyst certification course covers the duties of cybersecurity analysts who are responsible for monitoring and detecting security incidents in information systems and networks, and for executing a proper response to such incidents. Depending on the size of the organization, this individual may act alone or may be a member of a cybersecurity incident response team (CSIRT).

Frequently Asked Questions

EXIN Ethical Hacking has been created for security officers, network administrators, network architects, security auditors and any other professional who wishes to improve IT security. This certification confirms a candidate’s competences on the subject of cyber security, which is relevant to a wide range of job roles and areas of business.

All courses are HRD Claimable.