Q/EH® Qualified/ Ethical Hacker Certification Exam and Class
Q/EH Qualified/ Ethical Hacker class is your next class after Security+ or CISSP. Are you ready for SERIOUS tactical Ethical Hacker skills training to defend networks from cyber attack? Step up to Qualified with the Q/EH Certification, voted Best Professional Security Training Company Finalist 2009 - by SC Magazine.
"Yes. Pls quote me, The instructor was great, he was very knowledgeable. I had CEH and CHFI training from another vendor and I did receive certification but I wish I had attended your classes instead, I would have learned much more." Americo 2008
Our Q/EH study guide engages you in real world scenarios, no old hacking tools, no death by power point like other Certified Ethical Hacking classes. More than 35 hands-on tactical security labs to ensure your qualified and validated to defend networks from cyber threats.
We are dedicated to your tactical security success. We constantly add new security tools, white papers and update SU hacking labs to keep you motivated and expand your tactical security knowledge & hacking skills.
New! Multiple VM's on each laptop, the latest BackTrack and Linux tool kits
New Saint Vulnerability Exploit tool with discount code
Core Impact 8IP, 7-Day LICENSE FREE CD with every class registration!
Expert Instructors
99% pass rate, highest pass rate in the industry
100% Satisfaction Guarantee
Instruction and review with an experienced master hacker
Q/EH Exam on site last day of class
Access to Security University 's IT Professional Reference Library of targeted pre-class reading
Free download of Linux & 400+ up-to-date hacking tools and exploits
"Where Qualified Happens"
No book substitutes for the real thing
The Q/ISP Qualified/ Information Security Professional Certification Program has been short-listed as finalists for SC Magazine's Best Professional Security Training Program 2009. Click here to view the press release.
Class Tuition & Bonuses
Instruction and review with an experienced master hacker
Q/EH Exam on site last day of class
Access to Security University's IT Professional Reference Library of targeted pre-class reading, with:
Free download of Linux & 400+ up-to-date hacking tools and exploit
The business of Ethical Hacking your network
Incident Management
Laws & Legislation
White & Black Box Testing
Software Security Testing
Code Review
DRP Disaster Recovery Planning
Reconnaissance/ footprinting Define the term Footprinting
Describe information gathering methodology
Describe competitive intelligence
Understand DNS enumeration
Understand Whois, ARIN lookup
Identify different types of DNS records
Understand how traceroute is used in Footprinting
Understand how e-mail tracking works
Understand how web spiders work
Scanning Define the term port scanning, network scanning and vulnerability scanning
Understand the Q/EH scanning methodology
Understand Ping Sweep techniques
Understand nmap command switches
Understand SYN, Stealth, XMAS, NULL, IDLE and FIN scans
List TCP communication flag types
Understand War dialing techniques
Understand banner grabbing and OF fingerprinting techniques
Understand how proxy servers are used in launching an attack
How does anonymizers work
Understand HTTP tunneling techniques
Understand IP spoofing techniques
Enumeration What is Enumeration?
What is meant by null sessions
What is SNMP enumeration?
What are the steps involved in performing enumeration?
Sniffers Understand the protocol susceptible to sniffing
Understand active and passive sniffing
Understand ARP poisoning
Understand ethereal capture and display filters
Understand MAC flooding
Understand DNS spoofing techniques
Describe sniffing countermeasure
System hacking Understanding password cracking techniques
Understanding different types of passwords
Identifying various password cracking tools
Understand Escalating privileges
Understanding keyloggers and other spyware technologies
Understand how to Hide files
Understanding rootkits
Understand Steganography technologies
Understand how to covering your tracks and erase evidences
Buffer Overflows Overview of stack based buffer overflows
Identify the different types of buffer overflows and methods of detection
Overview of buffer overflow mutation techniques
SQL Injection What is SQL injection?
Understand the Steps to conduct SQL injection
Understand SQL Server vulnerabilities
Describe SQL Injection countermeasures
Virus and Worms Understand the difference between an virus and a Worm
Understand the types of Viruses
How a virus spreads and infects the system
Understand antivirus evasion techniques
Understand Virus detection methods
Trojans and Backdoors What is a Trojan?
What is meant by overt and covert channels?
List the different types of Trojans
What are the indications of a Trojan attack?
Understand how Netcat Trojan works
What is meant by wrapping
How does reverse connecting Trojans work?
What are the countermeasure techniques in preventing Trojans?
Understand Trojan evading techniques
Denial of Service Understand the types of DoS Attacks
Understand how DDoS attack works
Understand how BOTs/BOTNETS work
What is smurf attack
What is SYN flooding
Describe the DoS/DDoS countermeasures
Session Hijacking Understand Spoofing vs. Hijacking
List the types of Session Hijacking
Understand Sequence Prediction
What are the steps in performing session hijacking
Describe how you would prevent session hijacking
Wireless Hacking Overview of WEP, WPA authentication systems and cracking techniques
Overview of wireless Sniffers and SSID, MAC Spoofing
Understand Rogue Access Points
Understand Wireless hacking techniques
Describe the methods in securing wireless networks
Hacking Web Servers List the types of web server vulnerabilities
Understand the attacks Against Web Servers
Understand IIS Unicode exploits
Understand patch management techniques
Understand Web Application Scanner
What is Metasploit Framework?
Describe Web Server hardening methods
Web Application Vulnerabilities Understanding how web application works
Objectives of web application hacking
Anatomy of an attack
Web application threats
Understand Google hacking
Understand Web Application Countermeasures
Physical Security Physical security breach incidents
Understanding physical security
What is the need for physical security?
Who is accountable for physical security?
Factors affecting physical security
Social Engineering What is Social Engineering?
What are the Common Types of Attacks
Understand Dumpster Diving
Understand Reverse Social Engineering
Understand Insider attacks
Understand Identity Theft
Describe Phishing Attacks
Understand Online Scams
Understand URL obfuscation
Social Engineering countermeasures Linux Hacking Understand how to a Linux Kernel
Understand GCC compilation commands
Understand how to install LKM modules
Understand Linux hardening methods
IDS, Honeypots and Firewalls List the types of Intrusion Detection Systems and evasion techniques
List firewall and honeypot evasion techniques
Cryptography Overview of cryptography and encryption techniques
Describe how public and private keys are generated
Overview of MD5, SHA, RC4, RC5, Blowfish algorithms
Penetration Testing Methodologies Overview of penetration testing methodologies
List the penetration testing steps
Overview of the Pen-Test legal framework
Overview of the Pen-Test deliverables
List the automated penetration testing tools
Appendix I, II, II
C&A Review
Event Correlation
Incident Mgt
Law & Legislation
Snort Rules
Black Box Testing
PKI
Software Security Testing
Code Review
COOP
BCP Business Continuity Planning
DRP Disaster Recovery Planning
What is a Q/ISP"Qualified" Information Security Professional? A Q/ISP is a person who has successfully passed Security University's Q/ISP online 125 question certification exam.
The Q/ISP certification does not require you to attend any classes.
The Q/ISP certification is awaiting ANSI's 17042 & NOCA approval.
A "Qualified" Q/ISP is a person that has an attained 4 SU Education Certifications from attending each of the 4 Q/ISP classes that validate tactical security skills - Q/EH, Q/SA with Q/PTL, Q/ND & Q/FE classes with hands-on labs and online exams. (awaiting NOCA Approval)
Prior to 2008, if you attended Security University's EC-Council Authorized CEH, ECSA,CHFI classes ( we have since dropped the ATC) but can still prep you for the EC-Council Classes and passed the exams your eligible for the Q/ISP Qualified Education Certifications.
Since 2004 SU has certified over 680 ECSA/ Q/SA Qualified Security Analysts Penetration Testers in 3 countries!
Customize your Q/SA Q/PTL + ECSA prep training program today!