Basic It Skills

BASIC IT SKILLS 90 HOURS
IT ESSENTIALS 60 HOURS
CCNA 280 HOURS
WEB DESIGN AND
DEVELOPMENT
60 HOURS
PROFESSIONAL SOFTWARE
(E-VIEWS & RAT, STATA,
SPSS, SAGE, MS PROJECT)
45 HOURS (EACH

EC-Council Computer Hacking Forensics Investigator (CHFI) v8.0
*

Back Print | Email | Share This | Request Info | Contact Us

View Class Schedule

Duration
Classroom Learning - 5 Day(s)
Online LIVE - 5 Day(s)
Overview
This course will provide participants the necessary skills to identify an intruders footprints and to properly gather the necessary
evidence to prosecute in the court of law.
Who Should Attend
The CHFI course will benefit: - Police and other laws enforcement personnel - Defense and Military personnel - e-Business Security
professionals - Systems administrators - Legal professionals - Banking, Insurance and other professionals - Government agencies
At Course Completion
Computer forensics enables the systematic and careful identification of evidence in computer related crime and abuse cases. This
may range from tracing the tracks of a hacker through a clients systems, to tracing the originator of defamatory emails, to recovering
signs of fraud.
Suggested Next Steps
CISSP: Certified Information Systems Security Professional

Other Related Classes
Strategic Infrastructure Security
Tactical Perimeter Defense

Outline
Lesson 1: Computer Forensics and Investigations as a Profession
Understanding Computer Forensics
Comparing Definitions of Computer Forensics
Exploring a Brief History of Computer Forensics
Developing Computer Forensics Resources
Preparing for Computing Investigations
Understanding Enforcement Agency Investigations
Understanding Corporate Investigations
Maintaining Professional Conduct
Lesson 2: Understanding Computer Investigations
Preparing a Computer Investigation
Examining a Computer Crime
Examining a Company-Policy Violation
Taking a Systematic Approach
Assessing the Case
Planning Your Investigation
Securing Your Evidence
Understanding Data-Recovery Workstations and Software
Setting Up Your Workstation for Computer Forensics
Executing an Investigation
Gathering the Evidence
Copying the Evidence Disk
Analyzing Your Digital Evidence
Completing the Case
Critiquing the Case
Lesson 3: Working with Windows and DOS Systems
Understanding File Systems
Understanding the Boot Sequence
Examining Registry Data
Disk Drive Overview
Exploring Microsoft File Structures
Disk Partition Concerns
Boot Partition Concerns
Examining FAT Disks
Examining NTFS Disks
NTFS System Files
NTFS Attributes
NTFS Data Streams
NTFS Compressed Files
NTFS Encrypted File Systems (EFS)
EFS Recovery Key Agent
Deleting NTFS Files
Understanding Microsoft Boot Tasks
Windows XP, 2000, and NT Startup
Windows XP System Files
Understanding MS-DOS Startup Tasks
Other DOS Operating Systems
Lesson 4: Macintosh and Linux Boot Processes and Disk Structures
Understanding the Macintosh File Structure
Understanding Volumes
Exploring Macintosh Boot Tasks
Examining UNIX and Linux Disk Structures
UNIX and Linux Overview
Understanding modes
Understanding UNIX and Linux Boot Processes
Understanding Linux Loader
UNIX and Linux Drives and Partition Scheme
Examining Compact Disc Data Structures
Understanding Other Disk Structures
Examining SCSI Disks
Examining IDE/EIDE Devices
Lesson 5: The Investigators Office and Laboratory
Understanding Forensic Lab Certification Requirements
Identifying Duties of the Lab Manager and Staff
Balancing Costs and Needs
Acquiring Certification and Training
Determining the Physical Layout of a Computer Forensics Lab
Identifying Lab Security Needs
Conducting High-Risk Investigations
Considering Office Ergonomics
Environmental Conditions
Lighting
Structural Design Considerations
Electrical Needs
Communications
Fire-suppression Systems
Evidence Lockers
Facility Maintenance
Physical Security Needs
Auditing a Computer Forensics Lab
Computer Forensics Lab Floor Plan Ideas
Selecting a Basic Forensic Workstation
Selecting Workstations for Police Labs
Selecting Workstations for Private and Corporate Labs
Stocking Hardware Peripherals
Maintaining Operating Systems and Application Software Inventories
Using a Disaster Recovery Plan
Planning for Equipment Upgrades
Using Laptop Forensic Workstations
Building a Business Case for Developing a Forensics Lab
Creating a Forensic Boot Floppy Disk
Assembling the Tools for a Forensic Boot Floppy Disk
Retrieving Evidence Data Using a Remote Network Connection
Lesson 6: Current Computer Forensics Tools
Evaluating Your Computer Forensics Software Needs
Using National Institute of Standards and Technology (NIST) Tools
Using National Institute of Justice (NU) Methods
Validating Computer Forensics Tools
Using Command-Line Forensics Tools
Exploring NTI Tools
Exploring Ds2dump
Reviewing DriveSpy
Exploring PDBlock
Exploring PDWipe
Reviewing Image
Exploring Part
Exploring SnapBack DatArrest
Exploring Byte Back
Exploring MaresWare
Exploring DIGS Mycroft v3
Exploring Graphical User Interface (GUI) Forensics Tools
Exploring AccessData Programs
Exploring Guidance Software EnCase
Exploring Ontrack
Using BIAProtect
Using LC Technologies Software
Exploring WinHex Specialist Edition
Exploring DIGS Analyzer Professional Forensic Software
Exploring ProDiscover DFT
Exploring DataLifter
Exploring ASRData
Exploring the Internet History Viewer
Exploring Other Useful Computer Forensics Tools
Exploring LTOOLS
Exploring Mtools
Exploring R-Tools
Using Explore2fs
Exploring @stake
Exploring TCT and TCTUTILs
Exploring ILook
Exploring HashKeeper
Using Graphic Viewers
Exploring Hardware Tools
Computing-Investigation Workstations
Building Your Own Workstation
Using a Write-blocker
Using LC Technology International Hardware
Forensic Computers
DIGS
Digital Intelligence
Image MASSter Solo
FastBloc
Acard
NoWrite
Wiebe Tech Forensic DriveDock
Recommendations for a Forensic Workstation
Lesson 7: Digital Evidence Controls
Identifying Digital Evidence
Understanding Evidence Rules
Securing Digital Evidence at an Incident Scene
Cataloging Digital Evidence
Lab Evidence Considerations
Processing and Handling Digital Evidence
Storing Digital Evidence
Evidence Retention and Media Storage Needs
Documenting Evidence
Obtaining a Digital Signature
Lesson 8: Processing Crime and Incident Scenes
Processing Private-Sector Incident Scenes
Processing Law Enforcement Crime Scenes
Understanding Concepts and Terms Used in Warrants
Preparing for a Search
Identifying the Nature of the Case
Identifying the Type of Computing System
Determining Whether You Can Seize a Computer
Obtaining a Detailed Description of the Location
Determining Who Is in Charge
Using Additional Technical Expertise
Determining the Tools You Need
Preparing the Investigation Team
Securing a Computer Incident or Crime Scene
Seizing Digital Evidence at the Scene
Processing a Major Incident or Crime Scene
Processing Data Centers with an Array of RAIDS
Using a Technical Advisor at an Incident or Crime Scene
Sample Civil Investigation
Sample Criminal Investigation
Collecting Digital Evidence
Lesson 9: Data Acquisition
Determining the Best Acquisition Method
Planning Data Recovery Contingencies
Using MS-DOS Acquisition Tools
Understanding How DriveSpy Accesses Sector Ranges
Data Preservation Commands
Using DriveSpy Data Manipulation Commands
Using Windows Acquisition Tools
AccessData FTK Explorer
Acquiring Data on Linux Computers
Using Other Forensics Acquisition Tools
Exploring SnapBack DatArrest
Exploring SafeBack
Exploring EnCase
Lesson 10: Computer Forensic Analysis
Understanding Computer Forensic Analysis
Refining the Investigation Plan
Using DriveSpy to Analyze Computer Data
DriveSpy Command Switches
DriveSpy Keyword Searching
DriveSpy Scripts
DriveSpy Data-Integrity Tools
DriveSpy Residual Data Collection Tools
Other Useful DriveSpy Command Tools
Using Other Digital Intelligence Computer Forensics Tools
Using PDBlock and PDWipe
Using AccessDatas Forensic Toolkit
Performing a Computer Forensic Analysis
Setting Up Your Forensic Workstation
Performing Forensic Analysis on Microsoft File Systems
UNIX and Linux Forensic Analysis
Macintosh Investigations
Addressing Data Hiding Techniques
Hiding Partitions
Marking Bad Clusters
Bit-Shifting
Using Steganography
Examining Encrypted Files
Recovering Passwords
Lesson 11: E-mail Investigations
Understanding Internet Fundamentals
Understanding Internet Protocols
Exploring the Roles of the Client and Server in E-mail
Investigating E-mail Crimes and Violations
Identifying E-mail Crimes and Violations
Examining E-mail Messages
Copying an E-mail Message
Printing an E-mail Message
Viewing E-mail Headers
Examining an E-mail Header
Examining Additional E-mail Files
Tracing an E-mail Message
Using Network Logs Related to E-mail
Understanding E-mail Servers
Examining UNIX E-mail Server Logs
Examining Microsoft E-mail Server Logs
Examining Novell GroupWise E-mail Logs
Using Specialized E-mail Forensics Tools
Lesson 12: Recovering Image Files
Recognizing an Image File
Understanding Bitmap and Raster Images
Understanding Vector Images
Metafle Graphics
Understanding Image File Formats
Understanding Data Compression
Reviewing Lossless and Lossy Compression
Locating and Recovering Image Files
Identifying Image File Fragments
Repairing Damaged Headers
Reconstructing File Fragments
Identifying Unknown File Formats
Analyzing Image File Headers
Tools for Viewing Images
Understanding Steganography in Image Files
Using Steganalysis Tools
Identifying Copyright Issues with Graphics
Lesson 13: Writing Investigation Reports
Understanding the Importance of Reports
Limiting the Report to Specifics
Types of Reports
Expressing an Opinion
Designing the Layout and Presentation
Litigation Support Reports versus Technical Reports
Writing Clearly
Providing Supporting Material
Formatting Consistently
Explaining Methods
Data Collection
Including Calculations
Providing for Uncertainty and Error Analysis
Explaining Results
Discussing Results and Conclusions
Providing References
Including Appendices
Providing Acknowledgments
Formal Report Format
Writing the Report
Using FTK Demo Version
Lesson 14: Becoming an Expert Witness
Comparing Technical and Scientific Testimony
Preparing for Testimony
Documenting and Preparing Evidence
Keeping Consistent Work Habits
Processing Evidence
Serving as a Consulting Expert or an Expert Witness
Creating and Maintaining Your CV
Preparing Technical Definitions
Testifying in Court
Understanding the Trial Process
Qualifying Your Testimony and Voir Dire
Addressing Potential Problems
Testifying in General
Presenting Your Evidence
Using Graphics in Your Testimony
Helping Your Attorney
Avoiding Testimony Problems
Testifying During Direct Examination
Using Graphics During Testimony
Testifying During Cross-Examination
Exercising Ethics When Testifying
Understanding Prosecutorial Misconduct
Preparing for a Deposition
Guidelines for Testifying at a Deposition
Recognizing Deposition Problems
Public Release: Dealing with Reporters
Forming an Expert Opinion
Determining the Origin of a Floppy Disk
Lesson 15: Computer Security Incident Response Team
Incident Response Team
Incident Reporting Process
Low-level incidents
Mid-level incidents
High-level incidents
What is a Computer Security Incident Response Team (CSIRT)?
Why would an organization need a CSIRT?
What types of CSIRTs exist?
Other Response Teams Acronyms
What does a CSIRT do?
What is Incident Handling?
Need for CSIRT in Organizations
Best Practices for Creating a CSIRT?
Lesson 16: Logfile Analysis
Secure Audit Logging
Audit Events
Syslog
Message File
Setting Up Remote Logging
Linux Process Tracking
Windows Logging
Remote Logging in Windows
ntsyslog
Application Logging
Extended Logging
Monitoring for Intrusion and Security Events
Importance of Time Synchronization
Passive Detection Methods
Dump Event Log Tool (Dumpel.exe)
EventCombMT
Event Collection
Scripting
Event Collection Tools
Forensic Tool: fwanalog
Elements of an End-to-End Forensic Trace
Log Analysis and Correlation
TCPDump logs
Intrusion Detection Log (RealSecure)
Intrusion Detection Log (SNORT)
Lesson 17: Recovering Deleted Files
The Windows Recycle Bin
Digital evidence
Recycle Hidden Folder
How do I undelete a file?
e2undel
O&O UnErase
Restorer2000
BadCopy Pro
File Scavenger
Mycroft v3
PC ParaChute
Search and Recover
Stellar Phoenix Ext2,Ext3
Zero Assumption Digital Image Recovery
FileSaver
VirtualLab Data Recovery
R-Linux
Drive & Data Recovery
Active@ UNERASER - DATA Recovery
Lesson 18: Application Password Crackers
Advanced Office XP Password Recovery
AOXPPR
Accent Keyword Extractor
Advanced PDF Password Recovery
APDFPR
Distributed Network Attack
Windows XP / 2000 / NT Key
Passware Kit
How to Bypass BIOS Passwords
BIOS Password Crackers
Removing the CMOS Battery
Default Password Database
Lesson 19: Investigating E-Mail Crimes
E-mail Crimes
Sending Fakemail
Sending E-mail using Telnet
Tracing an e-mail
Mail Headers
Reading Email Headers
Tracing Back
Tracing Back Web Based E-mail
Microsoft Outlook Mail
Pst File Location
Tool: R-Mail
Tool: FinaleMail
Searching E-mail Addresses
E-mail Search Site
abuse.net
Network Abuse Clearing House
Handling Spam
Protecting your E-mail Address from Spam
Tool: Enkoder Form
Tool: eMailTrackerPro
Tool: SPAM Punisher
Lesson 20: Investigating Web Attacks
How to Tell an Attack is in Progress
What to Do When You Are Under Attack?
Conducting the Investigation
Attempted Break-in
Step 1: Identifing the System(s)
Step 2: Traffic between source and destination
How to detect attacks on your server?
Investigating Log Files
IIS Logs
Log file Codes
Apache Logs
Access_log
Log Security
Log File Information
Simple Request
Time/Date Field
Mirrored Site Detection
Mirrored Site in IIS Logs
Vulnerability Scanning Detection
Example of Attack in Log file
Web Page Defacement
Defacement using DNS Compromise
Investigating DNS Poisoning
Investigating FTP Servers
Example of FTP Compromise
FTP logs
SQL Injection Attacks
Investigating SQL Injection Attacks
Web Based Password Brute Force Attack
Investigating IP Address
Tools for locating IP Address
Investigating Dynamic IP Address
Location of DHCP Server Logfile
Lesson 21: Investigating Network Traffic
Network Intrusions and Attacks
Direct vs. Distributed Attacks
Automated Attacks
Accidental Attacks
Address Spoofing
IP Spoofing
ARP Spoofing
DNS Spoofing
Preventing IP Spoofing
Preventing ARP Spoofing
Preventing DNS Spoofing
VisualZone
DShield
Forensic Tools for Network Investigations
TCPDump
Ethereal
NetAnalyst
Ettercap
Ethereal
Lesson 22: Investigating Router Attacks
DoS Attacks
Investigating DoS Attacks
Investigating Router Attacks
Lesson 23: The Computer Forensics Process
Evidence Seizure Methodology
Before the Investigation
Document Everything
Confiscation of Computer Equipment
Lesson 24: Data Duplication
Tool: R-Drive Image
Tool: DriveLook
Tool: DiskExplorer for NTFS
Lesson 25: Windows Forensics
Gathering Evidence in Windows
Collecting Data from Memory
Collecting Evidence
Memory Dump
Manual Memory Dump (Windows 2000)
Manual Memory Dump (Windows XP)
PMDump
Windows Registry
Registry Data
Regmon utility
Forensic Tool: InCntrl5
Backing Up of the entire Registry
System State Backup
Forensic Tool: Back4Win
Forensic Tool: Registry Watch
System Processes
Process Monitors
Default Processes in Windows NT, 2000, and XP
Process-Monitoring Programs
Process Explorer
Look for Hidden Files
Viewing Hidden Files in Windows
NTFS Streams
Detecting NTFS Streams
Rootkits
Detecting Rootkits
Sigverif
Detecting Trojans and Backdoors
Removing Trojans and Backdoors
Port Numbers Used by Trojans
Examining the Windows Swap File
Swap file as evidence
Viewing the Contents of the Swap/Page File
Recovering Evidence from the Web Browser
Locating Browser History Evidence
Forensic Tool: Cache Monitor
Print Spooler Files
Steganography
Forensic Tool: StegDetect
Lesson 26: Linux Forensics
Performing Memory Dump on Unix Systems
Viewing Hidden Files
Executing Process
Create a Linux Forensic Toolkit
Collect Volatile Data Prior to Forensic Duplication
Executing a Trusted Shell
Determining Who is logged on to the System
Determining the Running Processes
Detecting Loadable Kernel Module Rootkits
LKM
Open Ports and Listening Applications
/proc file system
Log Files
Configuration Files
Low Level Analysis
Log Messages
Running syslogd
Investigating User Accounts
Collecting an Evidential Image
File Auditing Tools
Lesson 27: Investigating PDA
Parabens PDA Seizure
Lesson 28: Enforcement Law and Prosecution
Freedom of Information Act
Reporting Security Breaches to Law Enforcement
National Infrastructure Protection Center
Federal Computer Crimes and Laws
Federal Laws
The USA Patriot Act of 2001
Building the Cybercrime Case
How the FBI Investigates Computer Crime
Cyber Crime Investigations
Computer-facilitated crime
FBI
Federal Statutes
Local laws
Federal Investigative Guidelines
Gather Proprietary Information
Contact law enforcement
To initiate an investigation
Lesson 29: Investigating Trademark and Copyright Infringement
Trademarks
Trademark Eligibility
What is a service mark?
What is trade dress?
Internet domain name
Trademark Infringement
Conducting a Trademark Search
Using Internet to Search for Trademarks
Hiring a professional firm to conduct my trademark search
Trademark Registrations
Benefits of Trademark Registration
Copyright
How long does a copyright last?
Copyright Notice
Copyright Fair Use Doctrine
U.S. Copyright Office
How are copyrights enforced?
SCO vs IBM
What is Plagiarism?
Turnitin
Plagiarism Detection Tools

EC-Council Certified Ethical Hacker (CEH) v8.0
*


View Class Schedule

Duration
Overview
This class will immerse the student into an interactive environment where they will be shown how to scan, test,
hack and secure their own systems. Students then learn how intruders escalate privileges and what steps can
be taken to secure a system.
Who Should Attend
This course will significantly benefit security officers, auditors, security professionals, site administrators, and
anyone who is concerned about the integrity of the network infrastructure.
Tactical Perimeter Defense

Strategic Infrastructure Security

Outline
Lesson 1: Introduction to Ethical Hacking
Internet Crime Current Report: IC3
Data Breach Investigations Report
Types of Data Stolen From the Organizations
Essential Terminologies
Elements of Information Security
Authenticity and Non-Repudiation
The Security, Functionality, and Usability Triangle
Security Challenges
Effects of Hacking
Who is a Hacker?
Hacker Classes
Hacktivism
What Does a Hacker Do?
Phase 1 Reconnaissance
Phase 2 Scanning
Phase 3 Gaining Access
Phase 4 Maintaining Access
Phase 5 Covering Tracks
Types of Attacks on a System
Why Ethical Hacking is Necessary?
Defense in Depth
Scope and Limitations of Ethical Hacking
What Do Ethical Hackers Do?
Skills of an Ethical Hacker
Vulnerability Research
Vulnerability Research Websites
What is Penetration Testing?
Why Penetration Testing?
Penetration Testing Methodology
Lesson 2: Footprinting and Reconnaissance
Footprinting Terminologies
What is Footprinting?
Objectives of Footprinting
Footprinting Threats
Finding a Companys URL
Locate Internal URLs
Public and Restricted Websites
Search for Companys Information
Footprinting Through Search Engines
Collect Location Information
People Search
Gather Information from Financial Services
Footprinting Through Job Sites
Monitoring Target Using Alerts
Competitive Intelligence Gathering
WHOIS Lookup
Extracting DNS Information
Locate the Network Range
Traceroute
Mirroring Entire Website
Extract Website Information from http://www.archive.org
Monitoring Web Updates Using Website Watcher
Tracking Email Communications
Footprint Using Google Hacking Techniques
What a Hacker Can Do With Google Hacking?
Google Advance Search Operators
Google Hacking Tool: Google Hacking Database (GHDB)
Google Hacking Tools
Additional Footprinting Tools
Footprinting Countermeasures
Footprinting Pen Testing
Lesson 3: Scanning Networks
Network Scanning
Types of Scanning
Checking for Live Systems ICMP Scanning
Ping Sweep
Three-Way Handshake
TCP Communication Flags
Hping2 / Hping3
Hping Commands
Scanning Techniques
Scanning: IDS Evasion Techniques
IP Fragmentation Tools
Scanning Tool: Nmap
Scanning Tool: NetScan Tools Pro
Scanning Tools
Do Not Scan These IP Addresses (Unless you want to get into trouble)
Scanning Countermeasures
War Dialing
Why War Dialing?
War Dialing Tools
War Dialing Countermeasures
OS Fingerprinting
Banner Grabbing Tool: ID Serve
GET REQUESTS
Banner Grabbing Tool: Netcraft
Banner Grabbing Tools
Banner Grabbing Countermeasures: Disabling or Changing Banner
Hiding File Extensions
Hiding File Extensions from Webpages
Vulnerability Scanning
Network Vulnerability Scanners
LANsurveyor
Network Mappers
Proxy Servers
Why Attackers Use Proxy Servers?
Use of Proxies for Attack
How Does MultiProxy Work?
Free Proxy Servers
Proxy Workbench
Proxifier Tool: Create Chain of Proxy Servers
SocksChain
TOR (The Onion Routing)
TOR Proxy Chaining Software
HTTP Tunneling Techniques
Why do I Need HTTP Tunneling?
Super Network Tunnel Tool
Httptunnel for Windows
Additional HTTP Tunneling Tools
SSH Tunneling
SSL Proxy Tool
How to Run SSL Proxy?
Proxy Tools
Anonymizers
Types of Anonymizers
Case: Bloggers Write Text Backwards to Bypass Web Filters in China
Text Conversion to Avoid Filters
Censorship Circumvention Tool: Psiphon
How Psiphon Works?
How to Check if Your Website is Blocked in China or Not?
G-Zapper
Anonymizer Tools
Spoofing IP Address
IP Spoofing Detection Techniques: Direct TTL Probes
IP Spoofing Detection Techniques: IP Identification Number
IP Spoofing Detection Techniques: TCP Flow Control Method
IP Spoofing Countermeasures
Scanning Pen Testing
Lesson 4: Enumeration
What is Enumeration?
Techniques for Enumeration
Netbios Enumeration
Enumerating User Accounts
Enumerate Systems Using Default Passwords
SNMP (Simple Network Management Protocol) Enumeration
UNIX/Linux Enumeration
LDAP Enumeration
NTP Enumeration
SMTP Enumeration
DNS Zone Transfer Enumeration Using nslookup
Enumeration Countermeasures
Enumeration Pen Testing
Lesson 5: System Hacking
Information at Hand Before System Hacking Stage
System Hacking: Goals
CEH Hacking Methodology (CHM)
Password Cracking
Microsoft Authentication
How Hash Passwords are Stored in Windows SAM?
What is LAN Manager Hash?
Kerberos Authentication
Salting
PWdump7 and Fgdump
L0phtCrack
Ophcrack
Cain & Abel
RainbowCrack
Password Cracking Tools
LM Hash Backward Compatibility
How to Defend against Password Cracking?
Privilege Escalation
Active@ Password Changer
Privilege Escalation Tools
How to Defend against Privilege Escalation?
Executing Applications
Alchemy Remote Executor
RemoteExec
Execute This!
Keylogger
Types of Keystroke Loggers
Acoustic/CAM Keylogger
Keyloggers
Spyware
How to Defend against Keyloggers?
How to Defend against Spyware?
Rootkits
Types of Rootkits
How Rootkit Works?
Rootkit: Fu
Detecting Rootkits
How to Defend against Rootkits?
Anti-Rootkit: RootkitRevealer and McAfee Rootkit Detective
NTFS Data Stream
What is Steganography?
Types of Steganography
Image Steganography
Document Steganography: wbStego
Video Steganography: Our Secret
Audio Steganography: Mp3stegz
Folder Steganography: Invisible Secrets 4
Spam/Email Steganography: Spam Mimic
Natural Text Steganography: Sams Big G Play Maker
Steganalysis
Steganography Detection Tool: Stegdetect
Why Cover Tracks?
Ways to Clear Online Tracks
Disabling Auditing: Auditpol
Covering Tracks Tool: Window Washer
Covering Tracks Tool: Tracks Eraser Pro
System Hacking Penetration Testing
Lesson 6: Trojans & Backdoors
What is a Trojan?
Overt and Covert Channels
Purpose of Trojans
What Do Trojan Creators Look For?
Indications of a Trojan Attack
Common Ports used by Trojans
How to Infect Systems Using a Trojan?
Wrappers
Different Ways a Trojan can Get into a System
How to Deploy a Trojan?
Evading Anti-Virus Techniques
Types of Trojans
Destructive Trojans
Notification Trojans
Credit Card Trojans
Data Hiding Trojans (Encrypted Trojans)
BlackBerry Trojan: PhoneSnoop
MAC OS X Trojan: DNSChanger
MAC OS X Trojan: DNSChanger
Mac OS X Trojan: Hell Raiser
How to Detect Trojans?
Process Monitoring Tool: Whats Running
Scanning for Suspicious Registry Entries
Registry Entry Monitoring Tools
Scanning for Suspicious Device Drivers
Scanning for Suspicious Windows Services
Scanning for Suspicious Startup Programs
Scanning for Suspicious Files and Folders
Scanning for Suspicious Network Activities
Trojan Countermeasures
Backdoor Countermeasures
Trojan Horse Construction Kit
Anti-Trojan Software: TrojanHunter
Anti-Trojan Software: Emsisoft Anti-Malware
Anti-Trojan Softwares
Pen Testing for Trojans and Backdoors
Lesson 7: Viruses & Worms
Introduction to Viruses
Virus and Worm Statistics 2010
Stages of Virus Life
Working of Viruses: Infection Phase
Working of Viruses: Attack Phase
Why Do People Create Computer Viruses?
Indications of Virus Attack
How does a Computer get Infected by Viruses?
Virus Hoaxes
Virus Analysis:
Types of Viruses
Transient and Terminate and Stay Resident Viruses
Writing a Simple Virus Program
Computer Worms
How is a Worm Different from a Virus?
Example of Worm Infection: Conficker Worm
Worm Analysis:
Worm Maker: Internet Worm Maker Thing
What is Sheep Dip Computer?
Anti-Virus Sensors Systems
Malware Analysis Procedure
String Extracting Tool: Bintext
Compression and Decompression Tool: UPX
Process Monitoring Tools: Process Monitor
Log Packet Content Monitoring Tools: NetResident
Debugging Tool: Ollydbg
Virus Analysis Tool: IDA Pro
Online Malware Testing:
Online Malware Analysis Services
Virus Detection Methods
Virus and Worms Countermeasures
Companion Antivirus: Immunet Protect
Anti-virus Tools
Penetration Testing for Virus
Lesson 8: Sniffers
Introduction to Viruses
Virus and Worm Statistics 2010
Stages of Virus Life
Working of Viruses: Infection Phase
Working of Viruses: Attack Phase
Why Do People Create Computer Viruses?
Indications of Virus Attack
How does a Computer get Infected by Viruses?
Virus Hoaxes
Virus Analysis:
Types of Viruses
Transient and Terminate and Stay Resident Viruses
Writing a Simple Virus Program
Computer Worms
How is a Worm Different from a Virus?
Example of Worm Infection: Conficker Worm
Worm Analysis:
Worm Maker: Internet Worm Maker Thing
What is Sheep Dip Computer?
Anti-Virus Sensors Systems
Malware Analysis Procedure
String Extracting Tool: Bintext
Compression and Decompression Tool: UPX
Process Monitoring Tools: Process Monitor
Log Packet Content Monitoring Tools: NetResident
Debugging Tool: Ollydbg
Virus Analysis Tool: IDA Pro
Online Malware Testing:
Online Malware Analysis Services
Virus Detection Methods
Virus and Worms Countermeasures
Companion Antivirus: Immunet Protect
Anti-virus Tools
Penetration Testing for Virus
Lesson 9: Social Engineering
What is Social Engineering?
Behaviors Vulnerable to Attacks
Why is Social Engineering Effective?
Warning Signs of an Attack
Phases in a Social Engineering Attack
Impact on the Organization
Command Injection Attacks
Common Targets of Social Engineering
Types of Social Engineering
Insider Attack
Common Intrusion Tactics and Strategies for Prevention
Social Engineering Through Impersonation on Social Networking Sites
Risks of Social Networking to Corporate Networks
Identity Theft Statistics 2010
Real Steven Gets Huge Credit Card Statement
Identity Theft Serious Problem
Social Engineering Countermeasures: Policies
How to Detect Phishing Emails?
Identity Theft Countermeasures
Social Engineering Pen Testing
Lesson 10: Denial of Service
What is a Denial of Service Attack?
What is Distributed Denial of Service Attacks?
Symptoms of a DoS Attack
Cyber Criminals
Internet Chat Query (ICQ)
Internet Relay Chat (IRC)
DoS Attack Techniques
Botnet
WikiLeak Operation Payback
DoS Attack Tools
Detection Techniques
DoS/DDoS Countermeasure Strategies
DDoS Attack Countermeasures
Post-attack Forensics
Techniques to Defend against Botnets
DoS/DDoS Countermeasures
DoS/DDoS Protection at ISP Level
Enabling TCP Intercept on Cisco IOS Software
Advanced DDoS Protection: IntelliGuard DDoS Protection System (DPS)
DoS/DDoS Protection Tool
Denial of Service (DoS) Attack Penetration Testing
Lesson 11: Session Hijacking
What is Session Hijacking?
Dangers Posed by Hijacking
Why Session Hijacking is Successful?
Key Session Hijacking Techniques
Brute Forcing
HTTP Referrer Attack
Spoofing vs. Hijacking
Session Hijacking Process
Packet Analysis of a Local Session Hijack
Types of Session Hijacking
Predictable Session Token
Man-in-the-Middle Attack
Man-in-the-Browser Attack
Client-side Attacks
Cross-site Script Attack
Session Fixation
Network Level Session Hijacking
The 3-Way Handshake
Sequence Numbers
TCP/IP Hijacking
IP Spoofing: Source Routed Packets
RST Hijacking
Blind Hijacking
Man-in-the-Middle Attack using Packet Sniffer
UDP Hijacking
Session Hijacking Tools
Countermeasures
Protecting against Session Hijacking
Methods to Prevent Session Hijacking: To be Followed by Web Developers
Methods to Prevent Session Hijacking: To be Followed by Web Users
Defending against Session Hijack Attacks
Session Hijacking Remediation
IPSec
Session Hijacking Pen Testing
Lesson 12: Hijacking Webservers
Webserver Market Shares
Open Source Webserver Architecture
IIS Webserver Architecture
Website Defacement
Case Study
Why Web Servers are Compromised?
Impact of Webserver Attacks
Webserver Misconfiguration
Directory Traversal Attacks
HTTP Response Splitting Attack
Web Cache Poisoning Attack
HTTP Response Hijacking
SSH Bruteforce Attack
Webserver Password Cracking
Web Application Attacks
Webserver Attack Methodology
Webserver Attack Tools
Web Password Cracking Tool
Countermeasures
How to Defend Against Web Server Attacks?
How to Defend against HTTP Response Splitting and Web Cache Poisoning?
Patches and Hotfixes
What is Patch Management?
Identifying Appropriate Sources for Updates and Patches
Installation of a Patch
Patch Management Tool: Microsoft Baseline Security Analyzer (MBSA)
Web Application Security Scanner: Sandcat
Web Server Security Scanner: Wikto
Webserver Malware Infection Monitoring Tool: HackAlert
Webserver Security Tools
Web Server Penetration Testing
Lesson 13: Hijacking Web Applications
Web Application Security Statistics
Introduction to Web Applications
Web Application Components
How Web Applications Work?
Web Application Architecture
Web 2.0 Applications
Vulnerability Stack
Web Attack Vectors
Web Application Threats 1
Web Application Threats 2
Unvalidated Input
Parameter/Form Tampering
Directory Traversal
Security Misconfiguration
Injection Flaws
What is LDAP Injection?
How LDAP Injection Works?
Hidden Field Manipulation Attack
Cross-Site Scripting (XSS) Attacks
Web Application Denial-of-Service (DoS) Attack
Buffer Overflow Attacks
Cookie/Session Poisoning
Session Fixation Attack
Insufficient Transport Layer Protection
Improper Error Handling
Insecure Cryptographic Storage
Broken Authentication and Session Management
Unvalidated Redirects and Forwards
Web Services Architecture
Footprint Web Infrastructure
Web Spidering Using Burp Suite
Hacking Web Servers
Analyze Web Applications
Attack Authentication Mechanism
Username Enumeration
Password Attacks: Password Functionality Exploits
Password Attacks: Password Guessing
Password Attacks: Brute-forcing
Session Attacks: Session ID Prediction/ Brute-forcing
Cookie Exploitation: Cookie Poisoning
Authorization Attack
Session Management Attack
Injection Attacks
Attack Data Connectivity
Attack Web App Client
Attack Web Services
Web Services Probing Attacks
Web Service Attack Tool: soapUI
Web Service Attack Tool: XMLSpy
Web Application Hacking Tool: Burp Suite Professional
Web Application Hacking Tools: CookieDigger
Web Application Hacking Tools: WebScarab
Encoding Schemes
Web Application Countermeasures
Web Application Firewall: dotDefender
Web Application Firewall: IBM AppScan
Web Application Firewall: ServerDefender VP
Web Application Pen Testing
Lesson 14: SQL Injections
SQL Injection is the Most Prevalent Vulnerability in 2010
SQL Injection Threats
What is SQL Injection?
SQL Injection Attacks
How Web Applications Work?
Server Side Technologies
HTTP Post Request
SQL Injection Detection
SQL Injection Black Box Pen Testing
Types of SQL Injection
What is Blind SQL Injection?
SQL Injection Methodology
Information Gathering
Database, Table, and Column Enumeration
Features of Different DBMSs
Password Grabbing
Transfer Database to Attackers Machine
Interacting with the Operating System
Interacting with the FileSystem
Network Reconnaissance Full Query
SQL Injection Tools
Evading IDS
How to Defend Against SQL Injection Attacks?
SQL Injection Detection Tools
Snort Rule to Detect SQL Injection Attacks
Lesson 15: Hacking Wireless Networks
Wireless Networks
Wi-Fi Usage Statistics in the US
Wi-Fi Hotspots at Public Places
Wi-Fi Networks at Home
Types of Wireless Networks
Wireless Standards
Service Set Identifier (SSID)
Wi-Fi Authentication Modes
Wireless Terminologies
Wi-Fi Chalking
Wi-Fi Hotspot Finder: jiwire.com
Wi-Fi Hotspot Finder: WeFi.com
Types of Wireless Antenna
Parabolic Grid Antenna
Types of Wireless Encryption
WEP Encryption
What is WPA?
Temporal Keys
What is WPA2?
WEP vs. WPA vs. WPA2
WEP Issues
Weak Initialization Vectors (IV)
How to Break WEP Encryption?
How to Break WPA/WPA2 Encryption?
How to Defend Against WPA Cracking?
Wireless Threats
Rogue Access Point Attack
Client Mis-association
Misconfigured Access Point Attack
Unauthorized Association
Ad Hoc Connection Attack
HoneySpot Access Point Attack
AP MAC Spoofing
Denial-of-Service Attack
Jamming Signal Attack
Wi-Fi Jamming Devices
Wireless Hacking Methodology
Find Wi-Fi Networks to Attack
Attackers Scanning for Wi-Fi Networks
Footprint the Wireless Network
Wi-Fi Discovery Tools
GPS Mapping
How to Discover Wi-Fi Network Using Wardriving?
Wireless Traffic Analysis
Wireless Cards and Chipsets
Wi-Fi USB Dongle: AirPcap
Wi-Fi Packet Sniffers
What is Spectrum Analysis?
Wireless Sniffers
Aircrack-ng Suite
How to Reveal Hidden SSIDs
Fragmentation Attack
How to Launch MAC Spoofing Attack?
Denial of Service: Deauthentication and Disassociation Attacks
MITM Attack Using Aircrack-ng
Wireless ARP Poisoning Attack
Rogue Access Point
Evil Twin
How to Crack WEP Using Aircrack?
How to Crack WPA-PSK Using Aircrack?
WEP/WPA Cracking Tools
Wi-Fi Sniffer: Kismet
Wardriving Tools
RF Monitoring Tools
Wi-Fi Connection Manager Tools
Wi-Fi Traffic Analyzer Tools
Wi-Fi Raw Packet Capturing Tools
Wi-Fi Spectrum Analyzing Tools
Bluetooth Hacking
How to BlueJack a Victim?
Bluetooth Hacking Tool: Super Bluetooth Hack
Bluetooth Hacking Tool: PhoneSnoop
Bluetooth Hacking Tool: BlueScanner
How to Defend Against Bluetooth Hacking?
How to Detect and Block Rogue AP?
Wireless Security Layers
How to Defend Against Wireless Attacks?
Wireless Intrusion Prevention Systems
Wireless IPS Deployment
Wi-Fi Security Auditing Tools
Wi-Fi Intrusion Prevention System
Wi-Fi Predictive Planning Tools
Wi-Fi Vulnerability Scanning Tools
Wireless Penetration Testing
Lesson 16: Evading IDS, Firewalls, & Honeypots
Intrusion Detection Systems (IDS) and its Placement
How IDS Works?
Ways to Detect an Intrusion
Types of Intrusion Detection Systems
System Integrity Verifiers (SIV)
General Indications of Intrusions
General Indications of System Intrusions
Firewall
DeMilitarized Zone (DMZ)
Types of Firewall
Firewall Identification
Honeypot
How to Set Up a Honeypot?
Intrusion Detection Tool
Intrusion Detection Systems: Tipping Point
Firewall: Sunbelt Personal Firewall
Honeypot Tools
Insertion Attack
Evasion
Denial-of-Service Attack (DoS)
Obfuscating
False Positive Generation
Session Splicing
Unicode Evasion Technique
Fragmentation Attack
Overlapping Fragments
Time-To-Live Attacks
Invalid RST Packets
Urgency Flag
Polymorphic Shellcode
ASCII Shellcode
Application-Layer Attacks
Desynchronization
Pre Connection SYN
Post Connection SYN
Other Types of Evasion
Bypass Blocked Sites Using IP Address in Place of URL
Bypass a Firewall using Proxy Server
Detecting Honeypots
Honeypot Detecting Tool: Send-Safe Honeypot Hunter
Firewall Evasion Tools
Packet Fragment Generators
Countermeasures
Firewall/IDS Penetration Testing
Lesson 17: Buffer Overflow
Buffer Overflows
Why are Programs And Applications Vulnerable?
Understanding Stacks
Stack-Based Buffer Overflow
Understanding Heap
Stack Operations
Knowledge Required to Program Buffer Overflow Exploits
Buffer Overflow Steps
Simple Uncontrolled Overflow
Simple Buffer Overflow in C
Code Analysis
Exploiting Semantic Comments in C (Annotations)
How to Mutate a Buffer Overflow Exploit?
Identifying Buffer Overflows
How to Detect Buffer Overflows in a Program?
BOU (Buffer Overflow Utility)
Testing for Heap Overflow Conditions: heap.exe
Steps for Testing for Stack Overflow in OllyDbg Debugger
Testing for Format String Conditions using IDA Pro
BoF Detection Tools
Defense Against Buffer Overflows
Data Execution Prevention (DEP)
Enhanced Mitigation Experience Toolkit (EMET)
/GS http://microsoft.com
BoF Security Tools
Buffer Overflow Penetration Testing
Lesson 18: Cryptography
Cryptography
Types of Cryptography
Government Access to Keys (GAK)
Ciphers
Advanced Encryption Standard (AES)
Data Encryption Standard (DES)
RC4, RC5, RC6 Algorithms
The DSA and Related Signature Schemes
RSA (Rivest Shamir Adleman)
Message Digest (One-way Bash) Functions
Secure Hashing Algorithm (SHA)
What is SSH (Secure Shell)?
MD5 Hash Calculators: HashCalc, MD5 Calculator and HashMyFiles
Cryptography Tool: Advanced Encryption Package
Cryptography Tools
Public Key Infrastructure (PKI)
Certification Authorities
Digital Signature
SSL (Secure Sockets Layer)
Transport Layer Security (TLS)
Disk Encryption
Cryptography Attacks
Code Breaking Methodologies
Meet-in-the-Middle Attack on Digital Signature Schemes
Cryptanalysis Tool: CrypTool
Cryptanalysis Tools
Online MD5 Decryption Tool
Lesson 19: Penetration Testing
Introduction to Penetration Testing
Security Assessments
Vulnerability Assessment
Penetration Testing
Why Penetration Testing?
What Should be Tested?
What Makes a Good Penetration Test?
ROI on Penetration Testing
Testing Points
Testing Locations
Types of Penetration Testing
Common Penetration Testing Techniques
Using DNS Domain Name and IP Address Information
Enumerating Information about Hosts on Publicly-Available Networks
Phases of Penetration Testing
Penetration Testing Methodology
Outsourcing Penetration Testing Services
Evaluating Different Types of Pentest Tools
Application Security Assessment Tool
Network Security Assessment Tool
Wireless/Remote Access Assessment Tool
Telephony Security Assessment Tool
Testing Network-Filtering Device Tool

CompTIA Security+ Certification
*


View Class Schedule

Duration
Overview
In this course, students will implement, monitor, and troubleshoot infrastructure, application, information, and
operational security. Students will prepare for the CompTIA Security+ certification examination (SY0-401).
Who Should Attend
This course is targeted toward the information technology (IT) professional who has networking and
administrative skills in Windows-based Transmission Control Protocol/Internet Protocol (TCP/IP) networks;
familiarity with other operating systems, such as Mac OS X, Unix, or Linux; and who wants to further a career
in IT by acquiring foundational knowledge of security topics; prepare for the CompTIA Security+ certification
examination; or use Security+ as the foundation for advanced security certifications or career roles.
Upon successful completion of this course, students will be able to: - identify fundamental concepts of computer
security. - identify security threats and vulnerabilities - network security - managing application, data, and host
security - access control, authentication, and account management - managing certificates - compliance &
operational security - risk management - managing security incidents - business continuity and disaster
recovery planning
Prerequisite(s) or equivalent knowledge
CompTIA A+ Certification (2012 Objectives)
CompTIA Network+ Certification (2011 Objectives)
Microsoft Windows 8.1: Transition from Windows 7
Using Microsoft Windows 8.1

Prerequisite Comments
After mastering CompTIAs vendor-neutral approach to Security students may wish to look to a vendor-specific
approach to security in a Microsoft of Cisco offering. Additionally students may want to expand their security
knowledge by focusing on security policy and procedures in CISSP. For a more targeted approach to Security
there is the CEH offering.
To ensure your success in your course, you should possess basic Windows user skills and a fundamental
understanding of computer and networking concepts. CompTIA A+ and Network+ certifications, or equivalent
knowledge, and six to nine months experience in networking, including configuring security parameters, are
strongly recommended.

CISSP: Certified Information Systems Security Professional
CompTIA Advanced Security Practitioner (CASP)
EC-Council Certified Ethical Hacker (CEH) v8.0

Outline
Lesson 1: Security Fundamentals
The Information Security Cycle
Information Security Controls
Authentication Methods
Cryptography Fundamentals
Security Policy Fundamentals
Lesson 2: Identifying Security Threats and Vulnerabilities
Social Engineering
Malware
Software-Based Threats
Network-Based Threats
Wireless Threats and Vulnerabilities
Physical Threats and Vulnerabilities
Lesson 3: Managing Data, Application, and Host Security
Manage Data Security
Manage Application Security
Manage Device and Host Security
Manage Mobile Security
Lesson 4: Implementing Network Security
Configure Security Parameters on Network Devices and Technologies
Network Design Elements and Components
Implement Networking Protocols and Services
Apply Secure Network Administration Principles
Secure Wireless Traffic
Lesson 5: Implementing Access Control, Authentication, and Account Management
Access Control and Authentication Services
Implement Account Management Security Controls
Lesson 6: Managing Certificates
Install a CA Hierarchy
Enroll Certificates
Secure Network Traffic by Using Certificates
Renew Certificates
Back Up and Restore Certificates and Private Keys
Revoke Certificates
Lesson 7: Implementing Compliance and Operational Security
Physical Security
Legal Compliance
Security Awareness and Training
Integrate Systems and Data with Third Parties
Lesson 8: Risk Management
Risk Analysis
Implement Vulnerability Assessment Tools and Techniques
Scan for Vulnerabilities
Mitigation and Deterrent Techniques
Lesson 9: Troubleshooting and Managing Security Incidents
Respond to Security Incidents
Recover from a Security Incident
Lesson 10: Business Continuity and Disaster Recovery Planning
Business Continuity
Plan for Disaster Recovery
Execute DRPs and Procedures

Project Management Professional (PMP) Certification Preparation
*


View Class Schedule

Duration
Overview
In this course, students will apply the generally recognized practices of project management acknowledged by
the Project Management Institute (PMI) to successfully manage projects.
Who Should Attend
This course is designed for persons who have on the job experience performing project management tasks,
whether or not project manager is their formal job role, who are not certified project management professionals,
and who might or might not have received formal project management training. The course is appropriate for
these persons if they wish to develop professionally, increase their project management skills, apply a
formalized and standards-based approach to project management, seek career advancement by moving into a
formal Project Manager job role, as well as to apply for Project Management Institute, Inc. (PMI) Project
Management Professional (PMP) Certification.

Upon successful completion of this course, students will be able to:
- describe professional project management
- initiate a project.
- plan project work.
- develop project schedules
- develop cost estimates, and budgets.
- plan project quality, staffing, and communications.
- analyze project risks.
- plan project procurement.
- manage project procurement
- execute project work.
- monitor and control project work.
- monitor and control project schedule and costs.
- monitor and control project quality, staffing, and communications.
- monitor and control project risks and contracts.
- close the project.

Prerequisite(s) or equivalent knowledge
Project Management Fundamentals

Prerequisite Comments
Familiarity with project management concepts and some working experience with project management are
required. Experience with a specific project management software tool is not required. Basic computing skills
and some experience using Microsoft Office is desirable but not required.

Outline
Lesson 1: Getting Started with Project Management
Components of Project Management
Project Management and the Business
Lesson 2: Project Management and the Organization
Identify Organizational Influences
Project Stakeholders and Governance
The Project Team
The Project Life Cycle
Lesson 3: Working with Project Management Processes
Project Management Processes and Knowledge Areas
Identify Project Information
Lesson 4: Initiating a Project
Develop a Project Charter
Identify Project Stakeholders
Lesson 5: Planning a Project
Develop a Project Management Plan
Plan Scope Management
Collect Project Requirements
Define Project Scope
Create a WBS
Lesson 6: Planning for Project Time Management
CreatPlan Schedule Management
Define Project Activities
Sequence Project Activities
Estimate Activity Resources
Estimate Activity Durations
Develop a Project Schedule
Lesson 7: Planning Project Budget, Quality, and Communications
Plan Project Cost Management
Estimate Project Costs
Determine the Project Budget
Plan Quality Management
Plan Human Resource Management
Plan Communications Management
Lesson 8: Planning for Risk, Procurements, and Stakeholder Management
Plan Risk Management
Identify Risks
Perform Qualitative Risk Analysis
Perform Quantitative Risk Analysis
Plan for Risk Response
Plan Project Procurements
Plan Stakeholder Management
Lesson 9: Executing a Project
Direct and Manage Project Work
Perform Quality Assurance
Acquire Project Team
Develop Project Team
Manage a Project Team
Manage Communications
Conduct Procurements
Manage Stakeholder Engagement
Lesson 10: Managing Project Work, Scope, Schedules, and Cost
IdeMonitor and Control Project Work
Perform Integrated Change Control
Validate Project Scope
Control Project Scope
Control the Project Schedule
Control Project Costs
Lesson 11: Controlling the Project
Control Project Quality
Control Communications
Control Project Risks
Control Project Procurements
Control Stakeholder Engagement
Lesson 12: Closing a Project
Close Project or Phase
Close Procurements

Project 2010 - Level 1
*


View Class Schedule

Duration
Overview
In this course, students will create and manage a project schedule using Microsoft Project 2010.
Who Should Attend
This course is designed for a person who has an understanding of project management concepts, who is
responsible for creating and modifying project plans, and who needs a tool to manage those project plans.
Project 2010 - Level 2

Outline
Lesson 1: Getting Started with Microsoft Project
Explore the Microsoft Project 2010 Environment
Display an Existing Project Plan in Different Views
Lesson 2: Creating a Project Plan
Create a Project Plan
Assign a Project Calendar
Add Tasks to a Project Plan
Enter the Task Duration Estimates
Add Resources to a Project Plan
Lesson 3: Managing Tasks in a Project Plan
Outline Tasks
Link Dependent Tasks
Set Task Constraints and Deadlines
Add Notes to a Task
Add a Recurring Task
Lesson 4: Managing Resources in a Project Plan
Create a Resource Calendar
Assign Resources to Tasks
Enter Costs for Resources
Resolve Resource Conflicts
Lesson 5: Finalizing a Project Plan
Shorten a Project Using the Critical Path
Set a Baseline
Print a Project Summary Report

BACP02 - Certified Business Analysis Professional (CBAP) and Certification of
Competency in Business Analysis (CCBA) Exam Preparation
*


View Class Schedule

Duration
Overview
Prepare participants to take Certified Business Analysis Professional (CBAP) exam based on the
BABOKv2.0 Edition from the International Institute of Business Analysis.
Who Should Attend
Individuals interested in becoming Certified Business Analysts.
Outline
Lesson 1: CBAP Exam Overview
Exam format and timing
Types of questions
Passing requirements
Study strategies
The day you write
Lesson 2: Course Framework
What is the Business Analysis Body of Knowledge?
Key Business Analysis definitions
Stakeholders/Other influences
BABOK Knowledge Areas and their relationships
Inputs and outputs
Lesson 3: Business Analysis Planning and Monitoring
Planning the Business Analysis Approach and Activities
Performing Stakeholder Analysis
Planning and Managing Business Analysis Communication and Performance
Lesson 4: Requirements Elicitation
Preparing the Requirements Elicitation activities
Selecting the appropriate Elicitation techniques
Documenting and Confirming the Elicitation results
Lesson 5: Requirements Management and Communication
Managing the Solution Scope and Requirements
Capturing the Requirements Traceability
Maintaining the Requirements for re-use
Managing Requirements Conflicts
Preparing the Requirements Package
Building the Requirements communications plan
Lesson 6: Enterprise Analysis
Defining the Business Need
Assess the Capability Gaps in the Enterprise
Determining the Solution Approach
Defining the Solution Scope and Business Case
Lesson 7: Requirements Analysis
Organizing and Prioritizing Requirements
Specifying and Modeling Requirements
Determining Assumptions and Constraints
Verifying and Validating Requirements
Lesson 8: Solution Assessment and Validation
Assessing and Validating the Proposed Solution
Determining Organizational Readiness
Allocating Requirements
Defining Transition Requirements
Evaluating Solution Performance
Lesson 9: Underlying Competencies
Developing your Interaction and Communication Skills
Describe the behaviors, knowledge and qualities that support the practice of Business Analysis
Review the general competencies of a Business Analyst
Lesson 10: Business Analysis Techniques
Review the techniques referenced in the Knowledge Areas of the BABOK Guide.
Determine the appropriate technique to use
Lesson 11: Testing Strategies for the CBAP
Simulated Exam
Personal Study Plan Development and Preparation checklist

http://www.newhorizons.com/localweb/rwanda/kigali/gifts-for-alleducation-for-all.aspx

Basic It Skills

Загружено:

Сведения о документе

Исходное описание:

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Basic It Skills

Загружено:

Авторское право:

Доступные форматы

BASIC IT SKILLS 90 HOURS

Вам также может понравиться