certified-ethical-hacker-cehv12_course_content
                     V1
CERTIFIED ETHICAL HACKER
ONLINE TRAINING & 2
CERTIFICATION
01 02
LEARN CERTIFY
03 04
ENGAG COMPET
E E
C|EH V12 
COURSE  
OVERVIEW
www.infosectrain.com | 
[email protected]
Why C|EH 
Svin1ce2 t?he threat in the cyber world is increasing 
continuously,  the industry needs cyber security 
professionals who prevent  threats and attacks in 
organizations worldwide. The Certified  Ethical Hacker (C|EH 
v12) program is one of the most respected  certifications in 
the cybersecurity field.
The EC-Council has introduced new updated technologies 
in  C|EH v12 program including the MITRE ATT&CK Framework,  
Diamond Model of Intrusion Analysis, Techniques for  
Establishing Persistence, Evading NAC and Endpoint 
Security,  Fog Computing, Edge Computing, and Grid 
Computing. These  updated technologies will prepare you to 
think like a hacker, so  you have the skills to protect your 
infrastructure.
www.infosectrain.com | 
[email protected]
Why C|EH v12
Training Program 
with  InfosecTrain?
The EC-Council’s C|EH v12 certification training program  
ocuses on training ambitious security professionals to 
gain  ethical hacking skills through the real 
implementation of  scanning, testing, hacking, and 
securing systems. You can  leverage the following 
benefits with InfosecTrain:
We can help you present your qualifications and 
work  experience for the designated profile.
We provide a flexible training schedule.
We provide recorded videos after the session to each 
participant.  We provide post-training assistance.
We also create groups for discussion.
We also provide a certificate of participation to each 
candidate.
www.infosectrain.com | 
[email protected]
C|EH 
vto1ol2s that
InfosecTrain
Teach
Scanners/Frameworks Tools
Nikto Metasploit Reconnes Nmap Angry IP 
s scanner
Miscellaneous Hacking 
Tools
John Wireshar THC Sqlma
the  k Hydra p
Ripper
Vulnerability Assessment Other Tools
Tools
Nessus Burp OpenVAS NetSca Hping3 Msfvenom
Suite n
Security Testing Tools Wireless Networking 
Tools
Burp Aircrack-ng
Suite
www.infosectrain.com | 
[email protected]
Target Audience
Ethical Hackers
System Administrators 
 Network 
Administrators  
Engineers
Web 
Managers  
Auditors
Security 
Professionals
Pre-requisites
Basic understanding of network essentials and core concepts, including server 
and  network components
www.infosectrain.com | 
[email protected]
Exam
Details
EXAM DETAILS MCQ EXAM PRACTICAL EXAM
NUMBER 125 20
OF  QUESTIONS QUESTIONS
QUESTION
SEXAM 4 6
DURATION HOURS HOURS
EXAM MULTIPLE ILABS 
FORMAT CHOICE  CYBER  
QUESTIONS RANGE
EXAM ECCEXAM
DELIVERY ,  VUE -
EXAM  312-50(ECCEXAM,  
PREFI -VUE), 312-50 
X (VUE)
PASSIN
G  60%-80% 70%
SCORE
www.infosectrain.com | 
[email protected]
Course Content
Module 1: Introduction to Ethical Hacking
Cover the fundamentals of key issues in the information security world,
including the basics of ethical hacking, information security controls, 
relevant
laws, and standard procedures. Key topics covered:
> Elements of Information Security
> Cyber Kill Chain Methodology
> MITRE ATT&CK Framework
> Hacker Classes
> Ethical Hacking
> Information Assurance (IA)
> Risk Management
> Incident Management
> PCI DSS
> HIPPA
> SOX
> GDPR
www.infosectrain.com | 
[email protected]
Module 2: Foot Printing and Reconnaissance
Learn how to use the latest techniques and tools to perform foot printing 
and  reconnaissance, a critical pre-attack phase of the ethical hacking 
process.
Hands-On Lab Exercises:
Over 30 hands-on exercises with real-life simulated targets to build skills on
how to:
Module 3: Scanning Networks
Cover the fundamentals of key issues in the information security world,
including the basics of ethical hacking, information security controls, 
relevant
laws, and standard procedures. Hands-On Lab Exercises: Over 10 hands-
on  exercises with real-life simulated targets to build skills on how to:
> Perform host, port, service, and OS discovery on the target network
> Perform scanning on the target network beyond IDS and firewall
Module 4: Enumeration
Learn various enumeration techniques, such as Border Gateway 
Protocol  (BGP) and Network File Sharing (NFS) exploits, plus 
associated
countermeasures. Hands-On Lab Exercises: Over 20 hands-on 
exercises with
real-life simulated targets to build skills on how to:
> Perform NetBIOS, SNMP, LDAP, NFS, DNS, SMTP, RPC, SMB, and FTP 
Enumeration
www.infosectrain.com | 
[email protected]
Module 5: Vulnerability Analysis
Learn how to identify security loopholes in a target organization’s 
network,
communication infrastructure, and end systems. Hands-On Lab 
Exercises:  Over 5 hands-on exercises with real-life simulated targets to 
build skills on  how to:
Module 6: System Hacking
Learn about the various system hacking methodologies—including
steganography, steganalysis attacks, and covering tracks—used to 
discover
system and network vulnerabilities. Hands-On Lab Exercises:
Over 25 hands-on exercises with real-life simulated targets to build skills 
on
how to:
> Perform Online active online attack to crack the system’s password
> Perform buffer overflow attack to gain access to a remote system
> Escalate privileges using privilege escalation tools
> Escalate privileges in linux machine
> Hide data using steganography
> Clear Windows and Linux machine logs using various utilities
> Hiding artifacts in Windows and Linux machines
www.infosectrain.com | 
[email protected]
Module 7: Malware Threats
Get an introduction to the different types of malware, such as Trojans, 
viruses,  and worms, as well as system auditing for malware attacks, 
malware analysis,  and countermeasures. Hands-On Lab Exercises: Over 20 
hands-on exercises
with real-life simulated targets to build skills on how to:
> Gain control over a victim machine using Trojan
> Infect the target system using a virus
> Perform static and dynamic malware analysis
Key topics covered:
>Malware, Components of Malware
>APT
>Trojan
>Types of Trojans
>Exploit Kits
>Virus
>Virus Lifecycle
>Types of Viruses
>Ransomware
>Computer Worms
>Fileless Malware
>Malware Analysis
>Static Malware Analysis
>Dynamic Malware Analysis
>Virus Detection Methods
>Trojan Analysis
>Virus Analysis
>Fileless Malware Analysis
>Anti-Trojan Software
>Antivirus Software
>Fileless Malware Detection Tools
www.infosectrain.com | 
[email protected]
Module 8: Sniffing
Learn about packet-sniffing techniques and how to use them to discover
network vulnerabilities, as well as countermeasures to defend against 
sniffing
attacks. Hands-On Lab Exercises: Over 10 hands-on exercises with real-
life  simulated targets to build skills on how to:
> Perform MAC flooding, ARP poisoning, MITM and DHCP starvation attack
> Spoof a MAC address of Linux machine
> Perform network sniffing using various sniffing tools
> Detect ARP poisoning in a switch-based network
Key topics covered:
>Network Sniffing
>Wiretapping
>MAC Flooding
>DHCP Starvation Attack
>ARP Spoofing Attack
>ARP Poisoning
>ARP Poisoning Tools
>MAC Spoofing
>STP Attack
>DNS Poisoning
>DNS Poisoning Tools
>Sniffing Tools
>Sniffer Detection Techniques
>Promiscuous Detection Tools
www.infosectrain.com | 
[email protected]
Module 9: Social Engineering
Learn social engineering concepts and techniques, including how to identify
theft attempts, audit human-level vulnerabilities, and suggest social 
engineer-
ing countermeasures. Hands-On Lab Exercises: Over 4 hands-on 
exercises  with real-life simulated targets to build skills on how to:
> Perform social engineering using Various Techniques
> Spoof a MAC address of a Linux machine
> Detect a phishing attack
> Audit an organization’s security for phishing attacks
Key topics covered:
>Social Engineering
>Types of Social Engineering
>Phishing
>Phishing Tools
>Insider Threats/Insider Attacks
>Identity Theft
Module 10: Denial-of-Service
Learn about different Denial-of-Service (DoS) and Distributed DoS (DDoS)
attack techniques, as well as the tools used to audit a target and devise 
DoS
and DDoS countermeasures and protections. Hands-On Lab Exercises:
Over 5 hands-on exercises with real-life simulated targets to build skills on
how to:
> Perform a DoS and DDoS attack on a target host
> Detect and protect against DoS and DDoS attacks
www.infosectrain.com | 
[email protected]
Key topics covered:
> DoS Attack, DDoS Attack
> Botnets
> DoS/DDoS Attack Techniques
> DoS/DDoS Attack Tools
> DoS/DDoS Attack Detection Techniques
> DoS/DDoS Protection Tools
Module 11: Session Hijacking
Understand the various session hijacking techniques used to 
discover  network-level session management, authentication, 
authorization, and
cryptographic weaknesses and associated countermeasures. 
Hands-On Lab
Exercises: Over 4 hands-on exercises with real-life simulated targets to 
build  skills on how to:
>Perform session hijacking using various tools
>Detect session hijacking
Key topics covered:
>Session Hijacking
>Types of Session Hijacking
>Spoofing
>Application-Level Session Hijacking
>Man-in-the-Browser Attack
>Client-side Attacks
>Session Replay Attacks
>Session Fixation Attack
>CRIME Attack
>Network Level Session Hijacking
>TCP/IP Hijacking
>Session Hijacking Tools
>Session Hijacking Detection Methods
>Session Hijacking Prevention Tools
www.infosectrain.com | 
[email protected]
Module 12: Evading IDS, Firewalls, and Honeypots
Get introduced to firewall, intrusion detection system, and honeypot 
evasion  techniques; the tools used to audit a network perimeter for 
weaknesses; and  countermeasures. Hands-On Lab Exercises: Over 7 
hands-on exercises with
real-life simulated targets to build skills on how to:
> Bypass Windows Firewall
> Bypass firewall rules using tunneling
> Bypass antivirus
Module 13: Hacking Web Servers
Learn about web server attacks, including a comprehensive attack
methodology used to audit vulnerabilities in web server infrastructures 
and
countermeasures. Hands-On Lab Exercises: Over 8 hands-on exercises 
with  real-life simulated targets to build skills on how to:
> Perform web server reconnaissance using various tools
> Enumerate web server information
> Crack FTP credentials using a dictionary attack
Key topics covered:
> Web Server Operations
> Web Server Attacks
> DNS Server Hijacking
> Website Defacement
> Web Cache Poisoning Attack
> Web Server Attack Methodology
> Web Server Attack Tools
> Web Server Security Tools
> Patch Management
> Patch Management Tools
www.infosectrain.com | 
[email protected]
Module 14: Hacking Web Applications
Learn about web application attacks, including a comprehensive web 
applica-  tion hacking methodology used to audit vulnerabilities in web 
applications
and countermeasures. Hands-On Lab Exercises: Over 15 hands-on 
exercises  with real-life simulated targets to build skills on how to:
Key topics covered:
> Web Application Architecture
> Web Application Threats
> OWASP Top 10 Application Security Risks –  
2021
> Web Application Hacking Methodology
> Web API
> Webhooks and Web Shell
> Web API Hacking Methodology
> Web Application Security
www.infosectrain.com | 
[email protected]
Module 15: SQL Injections
Learn about SQL injection attack techniques, injection detection tools, 
and  countermeasures to detect and defend against SQL injection 
attempts.
Hands-On Lab Exercises: Over 4 hands-on exercises with real-life 
simulated
targets to build skills on how to:
Key topics covered:
> SQL Injection
> Types of SQL injection
> Blind SQL Injection
> SQL Injection Methodology
> SQL Injection Tools
> Signature Evasion 
Techniques
> SQL Injection Detection Tools
Module 16: Hacking Wireless Networks
Learn about wireless encryption, wireless hacking methodologies and 
tools,  and Wi-Fi security tools Hands-On Lab Exercises: Over 3 hands-on 
exercises  with real-life simulated targets to build skills on how to:
> Foot Print a wireless network
> Perform wireless traffic analysis
> Crack WEP, WPA, and WPA2 networks
> Create a rogue access point to capture data packets
www.infosectrain.com | 
[email protected]
Key topics covered:
> Wireless Terminology
> Wireless Networks
> Wireless Encryption
> Wireless Threats
> Wireless Hacking Methodology
> Wi-Fi Encryption Cracking
> WEP/WPA/WPA2 Cracking Tools
> Bluetooth Hacking
> Bluetooth Threats
> Wi-Fi Security Auditing Tools
> Bluetooth Security Tools
Module 17: Hacking Mobile Platforms
Learn about mobile platform attack vectors, Android vulnerability exploits, 
and
mobile security guidelines and tools. Hands-On Lab Exercises: Over 5
hands-on exercises with real-life simulated targets to build skills on how to:
> Hack an Android device by creating binary payloads
> Exploit the Android platform through ADB
> Hack an Android device by creating APK file
> Secure Android devices using various Android security tools
Key topics covered:
>Mobile Platform Attack Vectors
>OWASP Top 10 Mobile Risks
>App Sandboxing
>SMS Phishing Attack (SMiShing)
>Android Rooting
>Hacking Android Devices
>Android Security Tools
www.infosectrain.com | 
[email protected]
> Jailbreaking iOS
> Hacking iOS Devices
> iOS Device Security Tools
> Mobile Device Management (MDM)
> OWASP Top 10 Mobile Controls
> Mobile Security Tools
Module 18: IoT Hacking & OT Hacking
Learn about packet-sniffing techniques and how to use them to discover
network vulnerabilities, as well as countermeasures to defend against 
sniffing
attacks. Hands-On Lab Exercises: Over 2 hands-on exercises with real-
life  simulated targets to build skills on how to:
>Gather information using Online foot printing tools
>Capture and analyze IoT device traffic
Key topics covered:
>IoT Architecture
>IoT Communication Models
>OWASP Top 10 IoT Threats
>IoT Vulnerabilities
>IoT Hacking Methodology
>IoT Hacking Tools
>IoT Security Tools
>IT/OT Convergence (IIOT)
>ICS/SCADA
>OT Vulnerabilities
>OT Attacks
>OT Hacking Methodology
>OT Hacking Tools
>OT Security Tools
www.infosectrain.com | 
[email protected]
Module 19: Cloud Computing
Learn different cloud computing concepts, such as container 
technologies  and server less computing, various cloud-based threats 
and attacks, and  cloud security techniques and tools. Hands-On Lab 
Exercises: Over 5
hands-on exercises with real-life simulated targets to build skills on how 
to:
> Perform S3 Bucket enumeration using various S3 bucket enumeration 
tools
> Exploit open S3 buckets
> Escalate IAM user privileges by exploiting misconfigured user policy
Key topics covered:
> Cloud Computing
> Types of Cloud Computing Services
> Cloud Deployment Models
> Fog and Edge Computing
> Cloud Service Providers
> Container
> Docker
> Kubernetes
> Serverless Computing
> OWASP Top 10 Cloud Security Risks
> Container and Kubernetes Vulnerabilities
> Cloud Attacks
> Cloud Hacking
> Cloud Network Security
> Cloud Security Controls
www.infosectrain.com | 
[email protected]
Module 20: Cryptography
In the final module, learn about cryptography and ciphers, public-key 
infra-  structure, cryptography attacks, and cryptanalysis tools. Hands-On 
Lab Exer-
cises: Over 10 hands-on exercises with real-life simulated targets to build 
skills  on how to:
> Calculate MD5 hashes
> Perform file and text message encryption
> Create and use self-signed certificates
> Perform email and disk encryption
> Perform cryptanalysis using various cryptanalysis tools
Key topics covered:
>Cryptography
>Encryption Algorithms
>MD5 and MD6 Hash Calculators
>Cryptography Tools
>Public Key Infrastructure (PKI)
>Email Encryption
>Disk Encryption
>Cryptanalysis
>Cryptography Attacks
>Key Stretching
www.infosectrain.com | 
[email protected]
Career
Benefit
s Mid Level Information 
Assurance  Security Audit $94,92
4
Cybersecurity Auditor $77,80
0
System Security Administrator $91,47
2
IT Security Administrator $77,08
9
Cyber Defense Analyst $87,68
6
Vulnerability Assessment Analyst $1,06,60
4
Warning Analyst $72,16
2
Information
Security Analyst $66,89
5
Security Analyst L1 $79.22
9
Infosec 
Security  $75,10
Administrator 8
Cyber Security 
Analyst  Level 1 $73,24
2
Cyber DefensCyber 
Security  Analyst Level 2e $86,17
Analyst 3
Cyber Security Analyst Level 3 $1,04,54
4
www.infosectrain.com | 
[email protected]
www.infosectrain.com | 
[email protected]