Discovery Training Center

Training & Expertise At Your Fingertips

"Let Us Earn the Privilege of Being Your Training Center."

EC-COUNCIL

DTC offers the following courses certified by the International Council of Electronic Commerce Consultants (EC-Council):

Get more info about the EC-Council.



EC-COUNCIL CERTIFIED SECURITY ANALYST (ECSA)

(5 days / 10 evenings)

The certification formerly known as Certified Ethical Hacking and Countermeasures (CEH) has now been renamed Certified Network Defense Architect (CNDA), which fulfills government agencies' desire to avoid "hacker" in the title.

Isn't "ethical hacking" a contradiction in terms? Find out with this great 5-day course designed for security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.

This class will immerse the student in an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab-intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems. Students will begin by understanding how perimeter defenses work and then be led into scanning and attacking their own networks; no real network is harmed. Students will then learn how intruders escalate privileges and what steps can be taken to secure a system. Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation.

When students leave this intensive class, they will have hands-on understanding and experience in Ethical Hacking.

This course prepares you for EC-Council's Certified Ethical Hacker (CEH) exam 312-50.

Note: DTC is an official affiliate of EC-Council.

COURSE OUTLINE

  • Module 1: Ethics and Legality
  • Module 2: Footprinting
  • Module 3: Scanning
  • Module 4: Enumeration
  • Module 5: System Hacking
  • Module 6: Trojans and Backdoors
  • Module 7: Sniffers
  • Module 8: Denial of Service
  • Module 9: Social Engineering
  • Module 10: Session Hijacking
  • Module 11: Hacking Web Servers
  • Module 12: Web Application Vulnerabilities
  • Module 13: Web Based Password Cracking Techniques
  • Module 14: SQL Injection
  • Module 15: Hacking Wireless Networks
  • Module 16: Virus and Worms
  • Module 17: Novell Hacking
  • Module 18: Linux Hacking
  • Module 19: IDS, Firewalls and Honeypots
  • Module 20: Buffer Overflows
  • Module 21: Cryptography
  • Module 22: Penetration Testing Methodologies





CERTIFIED HACKING FORENSIC INVESTIGATOR

(5 days / 10 evenings)

Computer hacking forensic investigation is the process of detecting hacking attacks and properly extracting evidence to report the crime and conduct audits to prevent future attacks. Computer forensics is simply the application of computer investigation and analysis techniques in the interests of determining potential legal evidence. Evidence might be sought in a wide range of computer crime or misuse, including but not limited to theft of trade secrets, theft of or destruction of intellectual property, and fraud. CHFI investigators can draw on an array of methods for discovering data that resides in a computer system, or recovering deleted, encrypted, or damaged file information.

Securing and analyzing electronic evidence is a central theme in an ever-increasing number of conflict situations and criminal cases. Electronic evidence is critical in the following situations:

  • Disloyal employees
  • Computer break-ins
  • Possession of pornography
  • Breach of contract
  • Industrial espionage
  • E-mail Fraud
  • Bankruptcy
  • Disputed dismissals
  • Web page defacements
  • Theft of company documents

Computer forensics enables the systematic and careful identification of evidence in computer related crime and abuse cases. This may range from tracing the tracks of a hacker through a client's systems, to tracing the originator of defamatory emails, to recovering signs of fraud.

The CHFI course will provide participants the necessary skills to identify an intruder's footprints and to properly gather the necessary evidence to prosecute in the court of law.

The CHFI course will benefit:

  • Police and other law enforcement personnel
  • Defense and Military personnel
  • e-Business Security professionals
  • Systems administrators
  • Legal professionals
  • Banking, Insurance and other professionals
  • Government agencies
  • IT managers

Course Outline

Module I: Computer Forensics in Today's World

  • Introduction
  • History of Forensics
  • Definition of Forensic Science
  • Definition of Computer Forensics
  • What Is Computer Forensics?
  • Need for Computer Forensics
  • Evolution of Computer Forensics
  • Computer Forensics Flaws and Risks
  • Corporate Espionage Statistics
  • Modes of Attacks
  • Cyber Crime
  • Examples of Cyber Crime
  • Reason for Cyber Attacks
  • Role of Computer Forensics in Tracking Cyber Criminals
  • Rules of Computer Forensics
  • Computer Forensics Methodologies
  • Accessing Computer Forensics Resources
  • Preparing for Computing Investigations
  • Maintaining professional conduct
  • Understanding Enforcement Agency Investigations
  • Understanding Corporate Investigations
  • Investigation Process
  • Digital Forensics

Module II: Law And Computer Forensics

  • What Is Cyber Crime?
  • What Is Computer Forensics?
  • Computer Facilitated Crimes
  • Reporting Security Breaches to Law Enforcement
  • National Infrastructure Protection Center
  • FBI
  • Federal Statutes
  • Cyber Laws
  • Approaches to Formulate Cyber Laws
  • Scientific Working Group on Digital Evidence (SWGDE)
  • Federal Laws
  • The USA Patriot Act of 2001
  • Freedom of Information Act
  • Building Cyber Crime Case
  • How the FBI Investigates Computer Crime?
  • How to Initiate an Investigation?
  • Legal Issues Involved in Seizure of Computer Equipments
  • Searching With a Warrant
  • Searching Without a Warrant
  • Privacy Issues Involved in Investigations
  • International Issues Related to Computer Forensics
  • Crime Legislation of EU
  • Cyber Crime Investigation

Module III: Computer Investigation Process

  • Investigating Computer Crime
  • Investigating a Company Policy Violation
  • Investigation Methodology
  • Evaluating the Case
  • Before the Investigation
  • Document Everything
  • Investigation Plan
  • Obtain Search Warrant
  • Warning Banners
  • Shutdown the Computer
  • Collecting the Evidence
  • Confiscation of Computer Equipments
  • Preserving the Evidence
  • Importance of Data-recovery Workstations and Software
  • Implementing an Investigation
  • Understanding Bit-stream Copies
  • Imaging the Evidence Disk
  • Examining the Digital Evidence
  • Closing the Case
  • Case Evaluation

Module IV: Computer Security Incident Response Team

  • Present Networking Scenario
  • Vulnerability
  • Vulnerability Statistics
  • What Is an Incident?
  • A Study by CERT Shows Alarming Rise in Incidents (Security Breach)
  • How to Identify an Incident
  • Whom to Report an Incident?
  • Incident Reporting
  • Category of Incidents
  • Handling Incidents
  • Procedure for Handling Incident
  • Preparation
  • Identification
  • Containment
  • Eradication
  • Recovery
  • Follow up
  • What Is CSIRT?
  • Why an Organization Needs an Incident Response Team?
  • Need for CSIRT
  • Example of CSIRT
  • CSIRT Vision
  • Vision
  • Best Practices for Creating a CSIRT
  • Step 1: Obtain Management Support and Buy-In
  • Step 2: Determine the CSIRT Development Strategic
  • Step 3: Gather Relevant Information
  • Step 4: Design your CSIRT Vision
  • Step 5: Communicate the CSIRT Vision
  • Step 6: Begin CSIRT Implementation
  • Step 7: Announce the CSIRT
  • Other Response Teams Acronyms and CSIRTs around the world
  • World CSIRT

Module V: Computer Forensic Laboratory Requirements

  • Budget Allocation for a Forensics Lab
  • Physical Location Needs of a Forensic Lab
  • Work Area of a Computer Forensics Lab
  • General Configuration of a Forensic
  • Equipment Needs in a Forensics Lab
  • Ambience of a Forensics Lab
  • Environmental Conditions
  • Recommended Eyestrain Considerations
  • Structural Design Considerations
  • Electrical Needs
  • Communications
  • Basic Workstation Requirements in a Forensic Lab
  • Consider stocking the following hardware peripherals
  • Maintain Operating System and Application Inventories
  • Common Terms
  • Physical Security Recommendations for a Forensic Lab
  • Fire-Suppression Systems
  • Evidence Locker Recommendations
  • Evidence Locker Combination Recommendations
  • Evidence Locker Padlock Recommendations
  • Facility Maintenance
  • Auditing a Computer Forensics Lab
  • Auditing a Forensics Lab
  • Forensics Lab
  • Mid Sized Lab
  • Forensic Lab Licensing Requisite
  • Forensic Lab Manager Responsibilities

Module VI: Understanding File systems and Hard disks

  • Disk Drive Overview - I
  • Hard Disk
  • Disk Platter
  • Tracks
  • Tracks Numbering
  • Sector
  • Sector addressing
  • Cluster
  • Cluster Size
  • Slack Space
  • Lost Clusters
  • Bad Sector
  • Understanding File Systems
  • Types of File System
  • List of Disk File Systems
  • List of Network file systems
  • Special Purpose File systems
  • Popular Linux File systems
  • Sun Solaris 10 File system - ZFS
  • Windows File systems
  • Mac OS X File system
  • CD-ROM / DVD File system
  • File system Comparison
  • Boot Sector
  • Exploring Microsoft File Structures
  • Disk Partition Concerns
  • Boot Partition Concerns
  • Examining FAT
  • NTFS
  • NTFS System Files
  • NTFS Partition Boot Sector
  • NTFS Master File Table (MFT)
  • NTFS Attributes
  • NTFS Data Stream
  • NTFS Compressed Files
  • NTFS Encrypted File Systems (EFS)
  • EFS File Structure
  • Metadata File Table (MFT)
  • EFS Recovery Key Agent
  • Deleting NTFS Files
  • Understanding Microsoft Boot Tasks
  • Windows XP system files
  • Understanding Boot Sequence DOS
  • Understanding MS-DOS Startup Tasks
  • Other DOS Operating Systems
  • Registry Data
  • Examining Registry Data

Module VII: Windows Forensics

  • Locating Evidence on Windows Systems
  • Gathering Volatile Evidence
  • Pslist
  • Forensic Tool: fport
  • Forensic Tool - Psloggedon
  • Investigating Windows File Slack
  • Examining File Systems
  • Built-in Tool: Sigverif
  • Word Extractor
  • Checking Registry
  • Reglite.exe
  • Tool: Resplendent Registrar 3.30
  • Microsoft Security ID
  • Importance of Memory Dump
  • Manual Memory Dumping in Windows 2000
  • Memory Dumping in Windows XP and Pmdump
  • System State Backup
  • How to Create a System State Backup?
  • Investigating Internet Traces
  • Tool - IECookiesView
  • Tool - IE History Viewer
  • Forensic Tool: Cache Monitor
  • CD-ROM Bootable Windows XP
  • Bart PE
  • Ultimate Boot CD-ROM
  • List of Tools in UB CD-ROM
  • Desktop Utilities
  • File Analysis Tools
  • File Management Tools
  • File Recovery Tools
  • File Transfer Tools
  • Hardware Info Tools
  • Process Viewer Tools
  • Registry Tools

Module VIII: Linux and Macintosh Boot processes

  • UNIX Overview
  • Linux Overview
  • Understanding Volumes -I
  • Exploring Unix/Linux Disk Data Structures
  • Understanding Unix/Linux Boot Process
  • Understanding Linux Loader
  • Linux Boot Process Steps
  • Step 1: The Boot Manager
  • Step 2: init
  • Step 2.1: /etc/inittab
  • runlevels
  • Step 3: Services
  • Understanding Permission Modes
  • Unix and Linux Disk Drives and Partitioning Schemes
  • Mac OS X
  • Mac OS X Hidden Files
  • Booting Mac OS X
  • Mac OS X Boot Options
  • The Mac OS X Boot Process
  • Installing Mac OS X on Windows XP
  • PearPC
  • MacQuisition Boot CD

Module IX: Linux Forensics

  • Use of Linux as a Forensics Tool
  • Recognizing Partitions in Linux
  • File System in Linux
  • Linux Boot Sequence
  • Linux Forensics
  • Case Example
  • Step-by-step approach to Case 1 (a)
  • Step-by-step approach to Case 1 (b)
  • Step-by-step approach to Case 1 (c)
  • Step-by-step approach to Case 1 (d)
  • Case 2
  • Challenges in disk forensics with Linux
  • Step-by-step approach to Case 2 (a)
  • Step-by-step approach to Case 2 (b)
  • Step-by-step approach to Case 2 (c)
  • Popular Linux Tools 

Module X: Data Acquisition and Duplication

  • Determining the Best Acquisition Methods
  • Data Recovery Contingencies
  • MS-DOS Data Acquisition Tools
  • DriveSpy
  • DriveSpy Data Manipulation Commands
  • DriveSpy Data Preservation Commands
  • Using Windows Data Acquisition Tools
  • Data Acquisition Tool: AccessData FTK Explorer
  • FTK
  • Acquiring Data on Linux
  • dd.exe (Windows XP Version)
  • Data Acquisition Tool: Snapback Exact
  • Data Arrest
  • Data Acquisition Tool: SafeBack
  • Data Acquisition Tool: Encase
  • Need for Data Duplication
  • Data Duplication Tool: R-drive Image
  • Data Duplication Tool: DriveLook
  • Data Duplication Tool: DiskExplorer

Module XI: Recovering Deleted Files

  • Introduction
  • Digital Evidence
  • Recycle Bin in Windows
  • Recycle Hidden Folder
  • Recycle folder
  • How to Undelete a File?
  • Tool: Search and Recover
  • Tool: Zero Assumption Digital Image Recovery
  • Data Recovery in Linux
  • Data Recovery Tool: E2undel
  • Data Recovery Tool: O&O Unerase
  • Data Recovery Tool: Restorer 2000
  • Data Recovery Tool: Badcopy Pro
  • Data Recovery Tool: File Scavenger
  • Data Recovery Tool: Mycroft V3
  • Data Recovery Tool: PC Parachute
  • Data Recovery Tool: Stellar Phoenix
  • Data Recovery Tool: Filesaver
  • Data Recovery Tool: Virtual Lab
  • Data Recovery Tool: R-linux
  • Data recovery tool: Drive and Data Recovery
  • Data recovery tool: active@ UNERASER - DATA recovery
  • Data recovery tool: Acronis Recovery Expert
  • Data Recovery Tool: Restoration
  • Data Recovery Tool: PC Inspector File Recovery

Module XII: Image Files Forensics

  • Introduction to Image Files
  • Recognizing an Image File
  • Understanding Bitmap and Vector Images
  • Metafile Graphics
  • Understanding Image File Formats
  • File types
  • Understanding Data Compression
  • Understanding Lossless and Lossy Compression
  • Locating and Recovering Image Files
  • Repairing Damaged Headers
  • Reconstructing File Fragments
  • Identifying Unknown File Formats
  • Analyzing Image File Headers
  • Picture Viewer: IrfanView
  • Picture Viewer: ACDSee
  • Picture Viewer: ThumbsPlus
  • Steganography in Image Files
  • Steganalysis Tool: Hex Workshop
  • Steganalysis Tool: S-tools
  • Identifying Copyright Issues With Graphics

Module XIII: Steganography

  • Introduction
  • Important Terms in Stego-forensics
  • Background Information to Image Steganography
  • Steganography History
  • Evolution of Steganography
  • Steps for Hiding Information in Steganography
  • Six Categories of Steganography in Forensics
  • Types of Steganography
  • What Is Watermarking
  • Classification of Watermarking
  • Types of Watermarks
  • Steganographic Detection
  • Steganographic Attacks
  • Real World Uses of Steganography
  • Steganography in the Future
  • Unethical Use of Steganography
  • Hiding Information in Text Files
  • Hiding Information in Image Files
  • Process of Hiding Information in Image Files
  • Least Significant Bit
  • Masking and Filtering
  • Algorithms and Transformation
  • Hiding Information in Audio Files
  • Low-bit Encoding in Audio Files
  • Phase Coding
  • Spread Spectrum
  • Echo Data Hiding
  • Hiding Information in DNA
  • TEMPEST
  • The Steganography Tree
  • Steganography Tool: Fort Knox
  • Steganography Tool: Blindside
  • Steganography Tool: S-Tools
  • Steganography Tool: Steghide
  • Steganography Tool: Digital Identity
  • Steganography Tool: Stegowatch
  • Tool: Image Hide
  • Data Stash
  • Tool: Mp3Stego
  • Tool: Snow.exe
  • Tool: Camera/Shy
  • Steganography Detection

Module XIV: Computer Forensic Tools

  • Dump Tool: DS2DUMP
  • Dump Tool: Chaosreader
  • Slack Space & Data Recovery Tools: Drivespy
  • Slack Space & Data Recovery Tools: Ontrack
  • Hard Disk Write Protection Tools: Pdblock
  • Hard Disk Write Protection Tools: Nowrite & Firewire Drivedock
  • Permanent Deletion of Files: Pdwipe
  • Disk Imaging Tools: Image & Iximager
  • Disk Imaging Tools: Snapback Datarrest
  • Partition Managers: PART & Explore2fs
  • Linux/unix Tools: Ltools and Mtools
  • Linux/UNIX tools: TCT and TCTUTILs
  • Password Recovery Tool: @Stake
  • ASRData
  • SMART Screenshot
  • Ftime
  • Oxygen Phone Manager
  • Multipurpose Tools: Byte Back & Biaprotect
  • Multipurpose Tools: Maresware
  • Multipurpose Tools: LC Technologies Software
  • Multipurpose Tools: Winhex Specialist Edition
  • Multipurpose Tools: Prodiscover DFT
  • Toolkits: NTI tools
  • Toolkits: R-Tools-I
  • Toolkits: R-Tools-II
  • Toolkits: DataLifter
  • Toolkits: AccessData
  • LC Technology International Hardware
  • Screenshot of Forensic Hardware
  • Image MASSter Solo and FastBloc
  • RMON2 Tracing Tools and MCI DoStracker
  • EnCase

Module XV: Application password crackers

  • Password - Terminology
  • What is a Password Cracker?
  • How Does A Password Cracker Work?
  • Various Password Cracking Methods
  • Classification of Cracking Software
  • System Level Password Cracking
  • Application Password Cracking
  • Application Software Password Cracker
  • Distributed Network Attack-I
  • Distributed Network Attack-II
  • Passware Kit
  • Accent Keyword Extractor
  • Advanced Zip Password Recovery
  • Default Password Database
  • http://phenoelit.darklab.org/
  • http://www.defaultpassword.com/
  • http://www.cirt.net/cgi-bin/passwd.pl
  • Password Cracking Tools List

Module XVI: Investigating Logs

  • Audit Logs and Security
  • Audit Incidents
  • Syslog
  • Remote Logging
  • Linux Process Accounting
  • Configuring Windows Logging
  • Setting up Remote Logging in Windows
  • NtSyslog
  • EventReporter
  • Application Logs
  • Extended Logging in IIS Server
  • Examining Intrusion and Security Events
  • Significance of Synchronized Time
  • Event Gathering
  • EventCombMT
  • Writing Scripts
  • Event Gathering Tools
  • Forensic Tool: Fwanalog
  • End-to-End Forensic Investigation
  • Correlating Log files
  • Investigating TCPDump
  • IDS Log Analysis: RealSecure
  • IDS Log Analysis: Snort

Module XVII: Investigating network traffic

  • Overview of Network Protocols
  • Sources of Evidence on a Network
  • Overview of Physical and Data-link Layer of the OSI Model
  • Evidence Gathering at the Physical Layer
  • Tool: Windump
  • Evidence Gathering at the Data-link Layer
  • Tool: Ethereal
  • Tool: NetIntercept
  • Overview of Network and Transport Layer of the OSI Model
  • Evidence Gathering at the Network and Transport Layer-(I)
  • Gathering Evidence on a Network
  • GPRS Network Sniffer: Nokia LIG
  • NetWitness
  • McAfee Infinistream Security Forensics
  • Snort 2.1.0
  • Documenting the Gathered Evidence on a Network
  • Evidence Reconstruction for Investigation

Module XVIII: Router Forensics

  • What Is a Router?
  • Functions of a Router
  • A Router in an OSI Model
  • Routing Table and Its Components
  • Router Architecture
  • Implications of a Router Attack
  • Types of Router Attacks
  • Denial of Service (DoS) Attacks
  • Investigating DoS Attacks
  • Smurfing - Latest in DoS Attacks
  • Packet "Mistreating" Attacks
  • Routing Table Poisoning
  • Hit-and-run Attacks Vs. Persistent Attacks
  • Router Forensics Vs. Traditional Forensics
  • Investigating Routers
  • Chain of Custody
  • Incident Response & Session Recording
  • Accessing the Router
  • Volatile Evidence Gathering
  • Router Investigation Steps - I
  • Analyzing the Intrusion
  • Logging
  • Incident Forensics
  • Handling a Direct Compromise Incident
  • Other Incidents

Module XIX: Investigating Web Attacks

  • Indications of a web attack
  • Responding to a web attack
  • Overview of web logs
  • Mirrored Sites
  • N-Stealth
  • Investigating static and dynamic IP address
  • Tools for locating IP Address: Nslookup
  • Tools for locating IP Address: Traceroute
  • Tools for locating IP Address: NeoTrace (Now McAfee Visual Trace)
  • Tools for locating IP Address: Whois
  • Web page defacement
  • Defacement using DNS compromise
  • Investigating DNS Poisoning
  • SQL Injection Attacks
  • Investigating SQL Injection Attacks
  • Investigating FTP Servers
  • Investigating FTP Logs
  • Investigating IIS Logs
  • Investigating Apache Logs
  • Investigating DHCP Server Logfile

Module XX: Tracking E-mails and Investigating E-mail crimes

  • Understanding Internet Fundamentals
  • Understanding Internet Protocols
  • Exploring the Roles of the Client and Server in E-mail
  • E-mail Crime
  • Spamming, Mail Bombing, Mail Storm
  • Chat Rooms
  • Identity Fraud, Chain Letter
  • Sending Fakemail
  • Investigating E-mail Crime and Violation
  • Viewing E-mail Headers
  • Examining an E-mail Header
  • Viewing Header in Microsoft Outlook
  • Viewing Header in Eudora
  • Viewing Header in Outlook Express
  • Viewing Header in AOL
  • Viewing Header in Hot Mail
  • Viewing Header using Pine for Unix
  • Viewing Header in Juno
  • Viewing Header in Yahoo
  • Examining Additional Files
  • Microsoft Outlook Mail
  • Pst File Location
  • Tracing an E-mail Message
  • Using Network Logs Related to E-mail
  • Understanding E-mail Server
  • Examining UNIX E-mail Server Logs
  • Examining Microsoft E-mail Server Logs
  • Examining Novell GroupWise E-mail Logs
  • Using Specialized E-mail Forensic Tools
  • Tool: FINALeMAIL
  • Tool: R-Mail
  • E-Mail Examiner by Paraben
  • Network E-Mail Examiner by Paraben
  • Tracing Back
  • Tracing Back Web Based E-mail
  • Searching E-mail Addresses
  • E-mail Search Site
  • Handling Spam
  • Network Abuse Clearing House
  • Abuse.Net
  • Protecting Your E-mail Address From Spam
  • Tool: Enkoder Form
  • Tool: eMailTrackerPro
  • Tool: SPAM Punisher

Module XXI: Mobile and PDA Forensics

  • Latest Mobile Phone Access Technologies
  • Evidence in Mobile Phones
  • Mobile Phone Forensic Examination Methodology
  • Examining Phone Internal Memory
  • Examining SIM
  • Examining Flash Memory and Call data records
  • Personal Digital Assistant (PDA)
  • PDA Components
  • PDA Forensics
  • PDA Forensics - Examination
  • PDA Forensics - Identification
  • PDA Forensics - Collection
  • PDA Forensics - Documentation
  • Points to Be Remembered While Conducting Investigation
  • PDA Seizure by Paraben
  • SIM Card Seizure by Paraben (SIM Card acquisition tool)
  • Forensic Tool - Palm dd (pdd)
  • Forensic Tool - POSE

Module XXII: Investigating Trademark and Copyright Infringement

  • Trademarks
  • Trademark Eligibility and Benefits of Registering It
  • Service Mark and Trade Dress
  • Trademark infringement
  • Trademark Search
  • www.uspto.gov
  • Copyright and Copyright Notice
  • Investigating Copyright Status of a Particular Work
  • How Long Does a Copyright Last?
  • U.S. Copyright Office
  • Doctrine of "Fair Use"
  • How Are Copyrights Enforced?
  • SCO Vs. IBM
  • SCO Vs Linux
  • Line-by-Line Copying
  • Plagiarism
  • Turnitin
  • Plagiarism detection tools
  • CopyCatch
  • Patent
  • Patent Infringement
  • Patent Search
  • Case Study: Microsoft Vs Forgent
  • Internet Domain Name and ICANN
  • Domain Name Infringement
  • Case Study: Microsoft.com Vs MikeRoweSoft.com
  • How to check for Domain Name Infringement?

Module XXIII: Investigative Reports

  • Need of an investigative report
  • Report specification
  • Report Classification
  • Report and Opinion
  • Layout of an Investigative Report
  • Writing Report
  • Use of Supporting Material
  • Importance of Consistency
  • Salient Features of a Good Report
  • Investigative Report Format
  • Before Writing the Report
  • Writing Report Using FTK

Module XXIV: Becoming an Expert Witness

  • Who Is an Expert?
  • Who Is an Expert Witness?
  • Role of an Expert Witness
  • Technical Testimony Vs. Expert Testimony
  • Preparing for Testimony
  • Evidence Preparation and Documentation
  • Evidence Processing Steps
  • Rules Pertaining to an Expert Witness' Qualification
  • Importance of Curriculum Vitae
  • Technical Definitions
  • Testifying in Court
  • The Order of Trial Proceedings
  • Voir dire
  • General Ethics While Testifying-i
  • Evidence Presentation
  • Importance of Graphics in a Testimony
  • Helping Your Attorney
  • Avoiding Testimony Problems
  • Testifying During Direct Examination
  • Testifying During Cross Examination
  • Deposition
  • Guidelines to Testify at a Deposition
  • Dealing With Reporters

Module XXV: Forensics in action

  • E-mail Hoax
  • Trade Secret Theft
  • Operation Cyberslam


DISASTER RECOVERY

(3 days / 6 evenings)

Course Description

This course teaches you methods for identifying vulnerabilities and taking appropriate countermeasures to prevent and mitigate failure risks for an organization. It also provides the networking professional with a foundation in disaster recovery principles, including preparation of a disaster recovery plan, assessment of risks in the enterprise, development of policies and procedures, understanding of the roles and relationships of various members of an organization, implementation of the plan, and recovery from a disaster. This course takes an enterprise-wide approach to developing a disaster recovery plan. Students will learn how to create a secure network by putting policies and procedures in place, and how to restore a network in the event of a disaster.


Who Should Attend

Network server administrators, firewall administrators, systems administrators, application developers, and IT security officers.

Duration:

3 days

Certification

The e-Business certification exam 212-76 will be conducted on the last day of training. Students need to pass the online Prometric exam to receive the CEA certification. 

Course Outline

Module 1: Introduction to Disaster Recovery

  • Developing Disaster Recovery Philosophy
  • The Basic Principles of Disaster Recovery Planning
  • Establishing Continuity and Recovery Function
  • Understanding the Steps of Disaster Recovery Planning
    • Step 1: Organizing the Disaster Recovery Planning Team
    • Step 2: Assessing Risks in the Enterprise
    • Step 3: Establishing Roles Across Departments and Organizations
    • Step 4: Developing Policies and Procedures
    • Step 5: Documenting Disaster Recovery Procedures
    • Step 6: Preparing to Handle Disasters
    • Step 7: Training, Testing and Rehearsal
    • Step 8: Ongoing Management
  • The Role of IT and Network Management in Disaster Recovery

Module 2: Developing the Disaster Recovery Plans

  • Developing the Disaster Recovery Plan
  • The Need for Executive Support
  • Establishing Leadership for Disaster Recovery Planning
  • Organizing the Disaster Recovery Planning Team
  • The Role of IT Staff and Network Managers on the Team
  • Creating Interdepartmental Subcommittees
  • Organizing the Team at the Departmental Level
  • How IT Staff and Network Managers Should Work with Department Teams
  • Creating an Inventory of Planning Team Skills
  • Training the Disaster Recovery Planning Teams
  • Selecting Outside Help
  • Setting the Planning Team's Schedule
  • Starting an Awareness Campaign
  • The Message Upper Management Should Convey to the Outside
  • What Upper Management Should Tell the Board and Investors
  • The Message to Take to the Media and the General Public
  • Budgeting for Disaster Recovery and Management
  • Salaries for Disaster Recovery Planning Staff
  • Budget Structure for a Centralized Office of Disaster Recovery Planning
  • Budget Structure for a Part-Time Disaster Recovery Coordinator
  • Coping with Standards and Regulatory Bodies
  • Assessing Progress and Preparing to Move Ahead

Module 3: Assessing Risks in the Enterprise

  • Collecting Risk Assessment Data
  • Documenting Business Processes
  • Test 1: Do any legal requirements affect the classification of systems and functions?
  • Test 2: Do contractual requirements affect the classification of systems and functions?
  • Test 3: Do labor requirements affect the classification of systems and functions?
  • Test 4: Do competitive pressures affect the classification of systems and functions?
  • Test 5: Do financial pressures affect the classification of systems and functions?
  • Test 6: Do humanitarian or social expectations affect the classification of systems and functions?
  • Test 7: Do management requirements affect the classification of systems and functions?
  • Creating a Business Process Inventory
  • Identifying Threats and Vulnerabilities
  • Measuring and Quantifying Threats
  • Compiling Risk Assessment Reports
  • Assessing Progress and Preparing to Move Ahead

Module 4: Prioritizing Systems and Functions for Recovery

  • Determining Critical Business Activities
  • Classifying Systems and Functions for Recovery Priority
  • IT Systems and Support Analysis Sheet
  • Computer Network Systems and Support Analysis Sheet
  • Facilities Management Systems and Support Analysis Sheet
  • Telecommunications Systems and Support Analysis Sheet
  • Human Resources System and Support Analysis Sheet
  • Corporate Security systems and Support Analysis Sheet
  • Shipping and Receiving System and Support Analysis Sheet
  • Developing Charts of Responsibilities
  • Facility Disaster Recovery Chart of Responsibilities
  • Department Disaster Recovery Chart of Responsibilities
  • Business Process Disaster Recovery Chart of Responsibilities
  • Assessing Insurance Requirements and Coverage Needs
  • The Need for Insurance
  • Evaluating the Terms and Conditions of Insurance Policies
  • Evaluating Insurance Coverage

Module 5: Developing Plans and Procedures

  • Determining What Disaster Recovery Procedures are Needed
  • Developing and Writing Disaster Recovery Procedures
  • Reviewing and Approving Disaster Recovery Procedures
  • Developing Basic Disaster Recovery Plans for Every Facility
  • Primary Disaster Recovery Staff
  • Disaster Classification
  • Directions, Controls, and Administration Procedures
  • Safety and Health Procedures
  • Procedures for Internal and External Communications
  • Procedures for Containment and Property Protection
  • Procedures for Resuming and Recovering Operations
  • Procedures for Restoring Facilities and Normalizing Operations
  • Publishing the Disaster Recovery Plans

Module 6: Organizational Relationships in Disaster Recovery

  • Identifying Organizations to Work with During a Disaster
  • Working with Public Service Providers
  • Developing Procedures for Working with Emergency Services
  • Developing Procedures for Working with Public Utilities and Departments
  • Developing Procedures for Working with Disaster Recovery Services
  • Developing Procedures for Working with Telecommunication Service Providers
  • Developing Procedures for Working with IT Service Providers
  • Developing Procedures for Working with IT Equipment Providers and Software Companies
  • Developing Procedures for Working with Business Partners
  • Developing Procedures for Working with Suppliers and Business Service Providers
  • Developing Procedures for Working with Customers
  • Communicating with the Media
  • Communicating with Stakeholders
  • Stockholder and Investor Relations
  • Communicating with Employees
  • Communicating with Families of Employees
  • Working with the Local Community

Module 7: Procedures for Responding to Attacks on Computers

  • Computer Crime and Cyberattacks
  • Cyberattack Scenarios
  • Economic and Malicious Code Attacks
  • Cyberattacks in Definitions of Terrorism
  • Information Warfare
  • Protection Against Cyberattacks
  • Evolving Privacy Laws
  • How Computer Systems Are Attacked
  • Types of Attacks
  • Developing Procedures in the Wake of a Security Breach
  • Developing Procedures for Working with Law Enforcement
  • Developing Procedures to Determine Economic Losses
  • Developing Procedures to Ease IT Recovery
  • Recovery of Small Computer Systems
  • Recovery of Large Computer Systems
  • Network Recovery
  • Establishing a Computer Incident Response Team

Module 8: Developing Procedures for Special Circumstances

  • Evaluating the Need for Special Procedures
  • Developing Procedures for Hazardous Materials
  • Developing Procedures for Art, Antiques and Collectibles
  • Developing Procedures for Historic Documents
  • Developing Procedures for Perishable Foods and Materials
  • Developing Procedures for Controlled Substances
  • Developing Procedures for Trade Secrets
  • Developing Procedures for Animals and Other Life Forms
  • Developing Procedures for Precision Equipment
  • Developing Procedures for Rare Materials

Module 9: Implementing Disaster Recovery Plans

  • Developing an Implementation Plan
  • Assigning Responsibilities for Implementation
  • Establishing an Implementation Schedule
  • Distributing the Disaster Recovery Documentation
  • Assessing the Value and Effectiveness of Mitigation Steps
  • Managing Internal and External Awareness Campaigns
  • Using Existing Channels of Communications
  • Building Awareness Among Employees
  • Building Awareness Among Customers and Business Partners
  • Launching a Training Program for Disaster Recovery
  • Training for Executives
  • Training for Middle Managers
  • Training for Supervisors
  • Training for Disaster Response Teams
  • Training for Employees

Module 10: Testing and Rehearsal

  • Testing and Rehearsal Process
  • Using a Step-By-Step Testing Process
  • Developing Test Scenarios
  • Evacuation and Safety Exercises
  • Testing for Special Circumstances
  • Testing Shutting and Lockdown Procedures
  • Testing Emergency Service Response Procedures
  • Rehearsing the Abilities of Subunits
  • Severe Weather Test Scenarios
  • Measuring Effectiveness and Fine-Tuning Procedures

Module 11: Continued Assessment of Needs, Threats and Solutions

  • Organizing for Long-Term Disaster Recovery Management
  • Establishing a Monitoring Process
  • Monitoring Compliance with Procedures
  • Evaluating New Technologies
  • Accommodating Changes Between Organizations
  • Establishing Regularly Scheduled Reviews
  • Updating Documentation for Disaster Recovery Plans
  • Updating Training Programs

Module 12: Living Through a Disaster

  • Managing Human Dynamics During a Disaster
  • Dealing with Increasing Complexity During a Disaster
  • Conducting Post-Event Debriefings
  • Conducting Post-Event Evaluations of Response
  • Reviewing and Modifying Plans After a Disaster
  • Understanding the Residual Effects of a Disaster

Prerequisites:

Basic computing skills like browsing the web and checking e-mails.

Who Should Attend:

  • Office knowledge workers
  • Home users
  • Any non-IT person using computers in their office

Certification Exam:

Students will be prepared for EC-Council's Security 5 exam 112-12 on the last day of the class.


SECURITY 5

(2 days / 4 evenings)

Security Fundamentals

Foundations of Security

  • Essential terminology
  • Defining security
  • Need for security
  • Cyber crime
  • Information Security statistics
  • IS triangle
  • Security myths
  • How to harden security

Basic Security Procedures

  • Why do I need to worry about my computer's security?
  • Introduction
  • Hardening of Operating System
  • Updating the system and configuring the updates
  • Disable unnecessary services
  • Strong password creation
  • Deployment of antivirus and firewall
  • Disable guest account access
  • "Make Private" folders
  • Security settings in MS Office applications

Desktop Security

  • What is file sharing?
  • Types of file sharing
  • How to share a folder?
  • Configuring shared folder permissions
  • Hiding files and folders
  • File sharing tips
  • File downloading tips
  • How to back up and restore data?
  • How to encrypt and decrypt files?
  • How to kill suspect processes?

Administering Windows Securely

  • How to use the event viewer?
  • How to enable auditing in Windows?
  • How to read logs on your system?
  • How to close ports?
  • Overview of the Windows registry
  • How to restore the registry?
  • How to close a port?
  • Common internal commands
  • How to find services and ports they listen on?

Recognizing Security Threats and Attacks

  • Phishing and its countermeasures
  • Virus
  • Trojan Horse
  • Worms
  • Spyware
  • Adware
  • Keylogger
  • Social engineering
  • Denial of Service
  • Spamming
  • Port Scanning
  • Password cracking
  • Basic security measures

Secure Internet Access

  • Basic browser security settings
  • How to restrict site access
  • Removing a site from a security zone
  • Secure website detection
  • Secure site and browser properties
  • Tools: Internet Filtering Software
  • Configuring Internet content access
  • Activating Content Advisor
  • How to deal with cookies
  • Using P2P networks securely
  • Choosing appropriate browser settings
  • Wireless network security features

Working on the Internet

  • Precepts of Security
  • Knowing Encryption
  • Digital Certificate
  • Digital Signature
  • Working with e-mail (web based)
  • Working with e-mail (mail client)
  • Working with File Transfer - FTP
  • Working with File Transfer - Web Folders

Knowing Online Payment Systems

  • Working with Credit Cards
  • Working with Instant Messengers
  • Working across File Sharing Networks
  • Working on Dial-in Networks
  • Working with Portable Devices
  • Working with Wireless Devices
  • Working with USB devices
  • Working with Media Files
  • Working with 3rd party software

Incident Response

  • What is Incident Response?
  • Incidents and responses:
  • Trojan attack
  • Boot sector virus attack
  • Corrupted registry
  • Automatic running of CD-ROM (autorun.inf)

Prerequisites:

Basic computing skills like browsing the web and checking e-mails.

Who Should Attend:

  • Office knowledge workers
  • Home users
  • Any non-IT person using computers in their office

Schedule:

Please visit EC-Council's Accredited Training Centers to find all of our upcoming classes, dates and locations.

Certification Exam:

Students will be prepared for EC-Council's Security 5 exam 112-12 on the last day of the class.