Certified Information Security Expert (CISE level 1 v2)
Detailed Course Module
Certified Information Security Expert (CISEv20)
Innobuzz Knowledge Solutions Pvt Ltd is a high-quality training provider for courses in the field of Information Security, Systems and Open-Source.
The hands-on security courses in the field of offensive security are built by the Innobuzz Knowledge Solutions Pvt Ltd members to ensure real-world experience.
www.innobuzz.in
Chapter 1 – Introduction
Concept of Security
Physical and Digital Assets
Security Triangle
Introduction: Ethical hacking
Types of Ethical Hackers
Basic Terminologies
Elements of Security
5 Phases of Hacking
Profile of an Ethical Hacker
Security Testing, Computer Crimes and Law
History of Hacking & Famous Hackers
Chapter 2 – Networking & Basics
Concept of Networking
Types of Networks and Networking Devices
Concept of Network and Ports
TCP, IP & UDP
Addressing and Types of Addressing
IP Address and Classes
Client Server Relationship
Domain name and DNS
ARP, RARP, ICMP, FTP, Telnet, SMTP, SNMP, HTTP, POP
Virtualization and Advantages of Virtualization
Chapter 3 – Footprinting
Footprinting/Information Gathering
Steps of Information Gathering
Crawling and Mirroring of Websites
Whois and Domain Registry
Gathering Target Information
Parallel Domain
MX Entry
Trace Route
Archive Pages
Banner Grabbing
Chapter 4 – Google Hacking
Introduce Google
Working of Google – Outline
Working of Google – Crawling, Indexing & Searching
Vulnerable Objects
Using Cache and Google as Proxy
Directory Listing and Locating Directory Listings along with specific folders
Google Hacking and what it is about
The basics of Google Hacking: Advanced Search in Google
Advance Search Operators: site:, filetype:, inurl:, intitle:, cache:, info:
Wildcard and Quotes
Understanding and Viewing Robots.txt for important Files
Normal Countermeasures
o Robots.txt
o Metatag and Google Official Remove
o Hiding Detailed Error Messages
o Disabling Directory Browsing
Chapter 5 – Scanning
Definition of Scanning
Types of Scanning
Difference between Port and Network Scanning
Objectives and Benefits of Scanning
TCP Three-Way Handshake
Various Classification of Scanning
Fragments, UDP, ICMP, Reverse Ident, List & Idle, RPC, Window Scan, Ping Sweep
Concept of War Dialer (History)
OS Finger Printing and Types – Active & Passive
Chapter 6 – Windows Hacking
Definition and Objectives of Windows Hacking
Types of Passwords
Manual & Automatic Password Cracking Algorithm
Types of Password Attacks – Dictionary, Brute Force, and Hybrid
LMHash and SAM File
Password Cracking Countermeasures
Syskey
Privilege Escalation
Hiding Files
Concept of Alternate Data Stream and Advantages
Detecting ADS
NTFS Streams countermeasures
Keystroke Loggers and Types – Software & Hardware
Concept of Auditing, Logs and Covering Tracks
Concept of Application Isolation
Chapter 7 – Linux Hacking
Introduction of Linux as an OS
Advantages of using Linux
Basics about linux – Commands, Shell types and User types
Why Linux is hacked?
Recent Linux Vulnerabilities
Password cracking in Linux
Introduction and explanation of IP Tables & IP Chains
TCP wrappers
Remote connection using SSH
Log and Traffic Monitors in Linux
Understanding Post Install Linux Security Auditing
Understanding and using Backtrack
Chapter 8 – Trojans & Backdoors
Definition and Objectives of Trojans & Backdoors
Overt and Covert Channels
Working of Trojans
Different Types of Trojans – Remote Access, Data Sending, Destructive, DOS, Proxy Trojans
Target Data Types of Trojans
Different Modes of Trojan Infection
Auto-run of Trojans
Common Symptoms of a Trojan Infection
Ports used by Famous Trojans
Wrappers & Binders
Uses of Wrappers and Binders
Reverse Connection in relation to Trojans
Detecting a Trojan in a computer
Anti-Trojan Software
Tips to Avoid Trojan Infection
Concept of Rootkit
Effects and Types of Rootkit
Countermeasures of Rootkit
Chapter 9 – Virus & Worms
Introduction to Virus & Worms
Diff. between Virus & Worms
Characteristics, Symptoms of a Virus
History and Terminologies used for a Virus
Types of Virus Damage
Effects of a Virus Attack
Access Methods of a Virus
Modes of Virus infection
Life Cycle of a Virus
Types of Virus Programs – What and how?
Famous Virus & Worms
Batch File programming
Concept of Virus Construction Kit
Virus Detection Methods
Virus Incident Response
Sheep Dip
Tips on Prevention from Virus Infection
Types of Worms
Zombies
Botnets
Antivirus Program
Popular Antivirus programs
Chapter 10 – Proxy Server & Packet filtering
Proxy Server
Advantages of using Proxy Servers
Proxy Server Based Firewalls
Types of Proxy Servers – Software Proxy, Proxy Websites, and Server Proxy
Diff. between Transparent, Anonymous and Elite Proxies
Anonymizers
Socks Chain Proxy
Http Tunnel Proxy
Countermeasures of Proxy
Packet Filtering
Packet Filtering Devices and Approaches
Stateless Packet Filtering
Different Types of Filtering Based on IP Header, TCP, TCP/UDP, ICMP, ACK flags, Fragmentation and Packet Contents
Filtering Suspicious Inbound Packets
Stateful Packet Filtering
Proxy Server Vs Packet Filtering
Chapter 11 – Denial of Service Attack
Concept of DOS Attacks
Goal of DOS Attack
Impact and Modes of Dos Attack
Types of Dos Attack – smurf, Buffer Overflow, Ping of death, Teardrop, SYN, Tribal flow
Concept of DDOS Attack
Diff. between Dos and DDos Attack
Characteristics of DDos Attacks
Concept of Agent Handler Model, IRC Based Model, DDos Attack Taxonomy, Amplification Attack
Concept of the Reflected Dos
Countermeasures - Reflected DoS
DDoS Countermeasures
Detect and Neutralize Handlers
Detect Potential Attacks
Mitigate or Stop the Effects of DDoS Attacks
Post-Attack Forensics
Chapter 12 – Sniffers
Concept of Sniffing
Types of Sniffing – Active & Passive
ARP Poisoning
Countermeasures of ARP Poisoning
DNS Spoofing
Changes in Host file for DNS Redirection
Countermeasures of sniffing
MAC Spoofing
Chapter 13 – Social Engineering
Social Engineering
Techniques of Social Engineering
Attempt Using Phone, E-mail, Traditional mail, In person, Dumpster Diving, Insider Accomplice, Extortion and Blackmail, Websites, Shoulder surfing, Third Person Approach, Technical Support
Countermeasures of Social Engineering
Chapter 14 – Physical security
Physical Security
Current Statistics
Accountability and Need of Physical security
Factors Affecting Physical Security
Physical Security Checklist
o Company Surroundings
o Premises
o Reception
o Server
o Workstation Area
o Wireless Access Points
o Other Equipment such as fax, removable media, etc.
o Access Control
o Computer Equipment Maintenance
o Wiretapping
o Remote Access
o Locks
o Spyware
Chapter 15 – Steganography
Steganography
o What is Steganography?
o History
o Steganography today
o Steganography tools
Steganalysis
o What is Steganalysis?
o Types of analysis
o Identification of Steganographic files
Steganalysis meets Cryptanalysis
o Password Guessing
o Cracking Steganography programs
Forensics/Anti-Forensics
Conclusions
o What’s in the Future?
o Other tools in the wild
o References
Chapter 16 – Cryptography
Concept of Cryptography
Advantages and uses of Cryptography
PKI (Public Key Infrastructure)
Algorithms of encryption – RSA, MD5, SHA, SSL, PGP, SSH, GAK
Concept of Digital Signature
Encryption Cracking Techniques
Disk Encryption
Cracking S/MIME encryption using idle CPU time
Concept of Command Line Scriptor and Crypto Heaven, Cyphercalc
CA (Certificate Authority)
Chapter 17 - Wireless Hacking
Wireless Technology
Introduction to wireless networking
Basics & Terminologies
Advantages of Wireless Technology
Components of Wireless Network
Types of Wireless Network
Setting and detecting a wireless network
Advantages and Disadvantages of wireless network
Antennas, SSID, Access Point Positioning and Rogue Access Point
Concept of Wired Equivalent Privacy (WEP)
MAC Sniffing & AP Spoofing
Terminology of Wi-Fi Access
Denial-of-Service and MITM Attack in Wi-Fi
Wireless Intrusion Detection System
Tips to Secure Wireless Network
Chapter 18 - Firewalls & Honeypots
Firewall
What Does a Firewall Do?
What a firewall cannot do
How does a firewall work?
Types of Firewall
Working of Firewall
Advantages and Disadvantages of Firewall
Firewalls Implementing for Authentication Process
Types of Authentication Process
Steps for Conducting Firewall Penetration Testing
o Locate the Firewall
o Traceroute to identify the network range
o Port scan the router
o Grab the banner
o Create custom packet and look for firewall responses
o Test access control Enumeration
o Test to identify firewall architecture
o Test firewall using firewalking tool
o Test for port redirection
o Test Covert channels
o Test HTTP Tunneling
o Test firewall specific vulnerabilities
How to Bypass the Firewall
Concept of Honeypots
Purpose and working of Honeypots
Advantages and Disadvantages of Honeypots
Types of Honeypots
Uses of Honeypots
Detecting Honeypot
Honeynets
Architecture of Honeynet
Working process of Honeynet
Types of Honeynet
Honeywall CDROM
Chapter 19 - IDS & IPS
Concept of IDS (Intrusion Detection System)
History and Characteristics of IDS
Importance of IDS
Deployment of IDS
Intro, Advantages and Components of Distributed IDS
Aggregate Analysis with IDS
Types and Architecture of IDS:-
o Network Based IDS
o Host Based IDS
Diff. Between Network Based IDS and Host Based IDS
Methods to Detect IDS
Signatures
Types of Signature:-
o Network Signatures
o Host-based Signatures
o Compound Signatures
Methods to Detect Signature
Prelude of IDS
Concept of IPS (Intrusion Prevention System)
Diff. Between IDS and IPS
Network Antivirus Software
Chapter 20 – Vulnerability Assessment
Concept of Vulnerability Assessment
Purpose Types of Assessment
Vulnerability Classification
How to Conduct Vulnerability Assessment
Vulnerability Analysis Stages
Vulnerability Assessment Considerations
Vulnerability Assessment Reports
TimeLine and Penetration Attempts
Vulnerability Assessment Tools
Chapter 21 – Penetration Testing
Concept of Penetration Testing
Security assessments Categories
Vulnerability Assessment
Limitation of Vulnerability assessment
Why Penetration Testing?
Types of Penetration Testing
o External Testing
o Internal Testing
Sourcing Penetration Testing
Terms of Engagement
Project Scope
Agreements of Pentest Service
Testing Points, Locations, Automated Testing, Manual Testing
Gathering information for Penetration Testing By :-
o Domain name and IP address information
o Enumerating Information about Hosts
o Testing Network-Filtering Devices
o Enumerating Devices
o Denial of Service Emulation
Chapter 22 – Session Hijacking
Session Hijacking
Difference between Spoofing and Session Hijacking
Phases of Session Hijacking:-
o Tracking the session
o Desynchronizing the connection
o Injecting the attacker’s packet
Types of Session Hijacking:-
o Active
o Passive
TCP 3-Way Handshake
Sequence Numbers
Dangers Posed by Hijacking
Countermeasure of Session Hijacking
Protection Against Session Hijacking
Countermeasure: IPSec
Chapter 23 – Hacking Web Server
Web Servers
Working process of Web Server
Loopholes of Web Server
Introduction of Popular Web Server and Common Security Threats
Apache Vulnerability
Attacks against IIS
Components of IIS
IIS Directory Traversal
Unicode and Unicode Directory Traversal Vulnerability
Unspecified Executable Path Vulnerability
File System Traversal Counter measures
WebDAV / ntdll.dll Vulnerability
RPC DCOM Vulnerability
ASN Exploits
IIS Logs
Escalating Privileges on IIS
Hot Fixes and Patches
Countermeasures of Web Server
Chapter 24 – SQL Injection
Introduction of SQL
What SQL Can do
SQL Queries
Use of Quotes, AND & OR
Concept of SQL Injection
OLE DB Error
Login Guessing & Insertion
Shutting Down SQL Server
Extended Stored Procedures
Preventive Measures
Chapter 25 – Cross Site Scripting
Introduction Cross Site Scripting
Cross-Site Scripting
Ways of Launching Cross-Site Scripting Attacks
Working Process of Cross-Site Scripting Attacks
When will an attack be successful?
Programming Languages Utilized in XSS Attacks
Types of XSS Attacks
Steps of XSS Attack
Not Fixing CSS/XSS Holes Compromises
Methodology of XSS
How to protect Against XSS
Chapter 26 – Exploit Writing
Concept of Exploit Writing
Purpose of Exploit Writing
Requirements of Exploits Writing & Shell codes
Types of Exploits:-
o Stack Overflow Exploits
o Heap Corruption Exploit
o Format String Attack
o Integer Bug Exploits
o Race Condition
o TCP/IP Attack
The Proof-of-Concept and Commercial Grade Exploit
Converting a Proof of Concept Exploit to Commercial Grade Exploit
Attack Methodologies
Socket Binding Exploits
Steps for Writing an Exploit
Shellcodes
Null Byte
Types of Shellcode
Steps for Writing a ShellCode
Issues Involved With Shellcode Writing
Buffer
Static Vs Dynamic Variables
Stack Buffers, Data Region and Memory Process Regions
About the Stack
Need of Stack, Stack Region, Stack frame, Stack pointer, Procedure Call (Procedure Prolog), Return Address (RET), Word Size and Buffer Overflows
Why do we get a segmentation violation and Segmentation Error
Writing Windows Based Exploits
EIP Register and ESP
Metasploit Framework, msfconsole
Development with Metasploit
Need for Creating of Exploit
Determining the Attack Vector
Debugger
Determine the offset & pattern create
Where to place the payload?
Chapter 27 – Buffer Overflow
Why Applications are vulnerable
Buffer Overflow Attack
Reasons of Buffer Overflow
Knowledge for Buffer Overflow
Understanding Stacks
Understanding Heaps
Types of Buffer Overflow Attack
o Stack Based
o Heap Based
Heap Memory Buffer overflow Bug
Understanding Assembly Language
Intro of Shell Code
Detection of Buffer Overflows in a program
Attacking a Real Program
Once the Stack is smashed
NOPS
Mutate a Buffer Overflow Exploit
Comparing Functions of libc and libsafe
Simple Buffer Overflow in C
Code Analysis
Countermeasure of Buffer Overflow Attack
Chapter 28 – Reverse Engineering
Concept of Reverse Engineering
Positive Application of Reverse Engineering
Ethical Reverse Engineering
DMCA ACT
Disassembler
Decompilers
Program Obfuscation
Why do you need to decompile ?
.NET Obfuscator and .NET Obfuscation
Java Byte code Decompilers
How does OllyDbg Work?
Chapter 29 – Email Hacking
Concept of Email
Spam and Spam Laws
E-Mail Tracking By Header
Concept of Fake E-mails
Various steps to send Fake mails
Traceip by PHP Script
Chapter 30 – Incident Handling & Response
Incident
Different Categories of Incidents
Various Types of Incidents
To whom should I report an incident?
Step by Step Procedure of Incident Handling
Managing Incidents
Incident Response
Incident Handling Process
Incident Detection Process
Incident Containment Process
Incident Eradication Process
Incident Recovery Process
Incident Follow up Process
Incident Response Team
CSIRT Services
Chapter 31 – Bluetooth Hacking
Bluetooth Technology
Concept of Bluetooth Hacking
Attacks on Bluetooth Mobile
Why Bluetooth hacking?
Working of Bluetooth Hacking
Mobile Dos Attack
Mobile Viruses & Worms
Mobile Security Tips & Tricks
Samsung Mobile Security Tips & Tricks
Motorola Mobile Security Tips & Tricks
Conclusions
Countermeasures
Chapter 32 – Mobile Phone Hacking
Mobile Technologies
Introduction and Facts of GSM
Low-Tech Fraud
Countermeasure of Low-Tech Fraud
GSM Security Problems
Attacks on GSM Networks
De-Registration and Location Update Spoofing
Camping on a False BTS and False BTS/MS
Active and Passive Identity Caching
Suppressing encryption between the target user and the intruder
Suppressing encryption between target user and the true network
Compromised cipher key
Eavesdropping on user data by suppressing encryption
Eavesdropping
User impersonation with compromised authentication vector
Hijacking outgoing calls
Hijacking outgoing calls with encryption enabled
Hijacking incoming calls
Hijacking incoming calls with encryption enabled
Introduction of Cryptography, Fake BTS and Terminology
Terminal and SIM
Discuss about Mobile Execution Environment
GSM Data, Signaling and Signaling Security
SS7: Opening up to World, Waiting for disaster, Evolution and What to do
Diff. between :-
o PSTN vs VOIP
o VOIP vs SS7
GSM Network Elements and Architecture
Home Location Register (HLR) and Authentication Center (AuC)
Mobile Switching Center (MSC)
Customer Care and Billing System
Value-Added Services
WAP Security Model, The WAP Gap and WTLS Security
WAP:
o No end-to-end Trust
o Man-in-the-middle
Introduction of third Generation of Wireless
3G Security Architecture and Security Model
Diff. Between 3G vs GSM
AKA Message Flow and Connection Establishment
Overview of Ciphering and Integrity
Interception and its:-
o Definitions
o Terminology
o Logical Configuration
o Concepts
Circuit and Packet Data Event Records
Discuss the Security of Interception
Components of GSM Network
Overview of Subscriber and its Identification
Electronic Access to the SIM
Extraction From A SIM
o Location Information File
o Serial Number
o Subscriber Identifier
o Phone Number
o Text Message Data
o Status of Text Message Data
o Threats to a SIM Data
Equipments:-
o Generic Properties
o MS data
o Threats to MS Data
o Network and :-
o Network Operator Data
o Call Data Records
o Threats to Network Operator
GSM Security Operation and Forensics Tools
Overview of Cell Seizure
Features Of Cell Seizure
Advantages and Disadvantages of Cell Seizure
Tool of Cell Seizure