TECHNOLOGY TRANSFER PRESENTS

KEVIN
CARDWELL
CEH (Certified Ethical Hacher)
QEH (Qualified Ethical Hacker)
and Defender Class
IF YOU WANT TO STOP HACKERS

FROM INVADING YOUR NETWORK,

FIRST YOU’VE GOT TO INVADE THEIR MINDS

JUNE 16-20, 2008

VISCONTI PALACE HOTEL - VIA FEDERICO CESI, 37
ROME (ITALY)

info@technologytransfer.it
www.technologytransfer.it
CEH /QEH AND DEFENDER CLASS

ABOUT THIS SEMINAR

Scan, test, hack and secure your systems. Security Hacking for Professionals. Certified Ethical Hacking™ 5-
Day Class certifies students in the specific network security discipline of Ethical Hacking. The lab intensive en-
vironment gives each student in-depth knowledge and practical experience of perimeter defenses, scanning
and attacking lab networks escalating privileges on a system and how to secure a system. No real network is
harmed. Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks,
Buffer Overflows and Virus Creation. When a student leaves this intensive 5 day class they will have hands on
understanding and experience in Ethical Hacking.

Class Tuition and Bonuses

• Instruction and review with an experienced master of Ethical Hacking

• CEH Certification Exam on site last day of class
• Access to Security University’s IT Professional Reference Library of targeted pre-class reading, with:
- Free CD of Linux & Free 2-CD set containing over 300 up-to-date Hacking tools and exploits
- Labs times are 8-9 am, 5-7 pm.
- Class book, lab handouts

Certified Ethical Hacker, CEH Certification, tests on the following 22 domains:

1. Ethics and Legal Issues

2. Footprinting
3. Scanning
4. Enumeration
5. System Hacking
6. Trojans and Backdoors
7. Virus and Worms
8. Sniffers
9. Denial of Service
10. Social Engineering
11. Hacking Web Servers
12. Web Application Vulnerabilities
13. Web Based Password Cracking Techniques
14. SQL Injection
15. Buffer Overflows
16. Hacking Wireless Networks
17. Physical Security
18. Linux Hacking
19. IDS, Firewalls and Honeypots
20. Cryptography
21. Penetration Testing Methodologies

The partecipants are kindly requested to bring their laptop with wireless connection capability.

CEH Certification Exam on site last day of class.

CERTIFIED ETHICAL HACKER TM
OUTLINE
1. Ethics and Legality
• Understand Ethical Hacking ter-
minology
• Define the Job role of an Ethical
Hacker
• Understand the different phases
involved in Ethical Hacking
• Identify different types of Hacking
technologies
• List the 5 stages of Ethical Hack-
ing?
• What is hacktivism?
• List different types of Hacker
classes
• Define the skills required to be-
come an Ethical Hacker
• What is vulnerability research?
• Describe the ways in conducting
Ethical Hacking
• Understand the Legal implica-
tions of Hacking
2. Footprinting
• Define the term Footprinting
• Describe information gathering
methodology
• Describe competitive intelligence
• Understand DNS enumeration
• Understand Whois, ARIN lookup
• Identify different types of DNS
records
• Understand how traceroute is
used in Footprinting
• Understand how e-mail tracking
works
• Understand how Web spiders work
3. Scanning
• Define the term port scanning,
network scanning and vulnerabili-
ty scanning
• Understand the CEH scanning
methodology
• Understand Ping Sweep tech-
niques
• Understand nmap command
switches
• Understand SYN, Stealth, XMAS,
NULL, IDLE and FIN scans
• List TCP communication flag • How does reverse connecting
types Trojans work?
• Understand War dialing tech- • What are the countermeasure
niques techniques in preventing Trojans?
• Understand banner grabbing and • Understand Trojan evading tech-
OF fingerprinting techniques niques
• Understand how proxy servers
are used in launching an attack 7. Virus and Worms
• How does anonymizers work
• Understand the difference be-
• Understand HTTP tunneling tech-
tween an Virus and a Worm
niques
• Understand the types of Viruses
• Understand IP spoofing tech-
• How a Virus spreads and infects
niques
the system
• Understand antivirus evasion
4. Enumeration techniques
• Understand Virus detection me-
• What is Enumeration?
thods
• What is meant by null sessions
• What is SNMP Enumeration?
• What are the steps involved in 8. Sniffers
performing Enumeration?
• Understand the protocol suscepti-
ble to sniffing
5. System Hacking • Understand active and passive
• Understanding password cracking sniffing
• Understand ARP poisoning
techniques
• Understand ethereal capture and
• Understanding different types of
display filters
passwords
• Understand MAC flooding
• Identifying various password
• Understand DNS spoofing techni-
cracking tools
ques
• Understand Escalating privileges
• Describe sniffing countermea-
• Understanding keyloggers and
sures
other spyware technologies
• Understand how to Hide files
• Understanding rootkits 9. Denial of Service
• Understand Steganography tech-
• Understand the types of DoS At-
nologies
tacks
• Understand how to covering your
tracks and erase evidences • Understand how DDoS attack
works
• Understand how BOTs/BOT-
6. Trojans and Backdoors NETS work
• What is “smurf” attack
• What is a Trojan?
• What is “SYN” flooding
• What is meant by overt and covert
• Describe the DoS/DDoS counter-
channels?
measures
• List the different types of Trojans
• What are the indications of a Tro-
jan attack? 10. Social Engineering
• Understand how “Netcat” Trojan
• What is Social Engineering?
works
• What are the Common Types of
• What is meant by “wrapping”
Attacks
• Understand Dumpster Diving
• Understand Reverse Social Engi-
neering
• Understand Insider attacks
• Understand Identity Theft
• Describe Phishing Attacks
• Understand Online Scams
• Understand URL obfuscation
• Social Engineering countermea-
sures
11. Hacking Web Servers
• List the types of Web Server vul-
nerabilities
• Understand the attacks Against
Web Servers
• Understand IIS Unicode exploits
• Understand patch Management
techniques
• Understand Web Application
Scanner
• What is Metasploit Framework?
• Describe Web Server hardening
methods
12. Web Application Vulnerabili-
ties
• Understanding how Web Applica-
tion works
• Objectives of Web Application
Hacking
• Anatomy of an attack
• Web Application threats
• Understand Google Hacking
• Understand Web Application
Countermeasures
13. Web Based Password
Cracking Techniques
• List the Authentication types
• What is a Password Cracker?
• How does a Password Cracker
work?
• Understand Password Attacks -
Classification
• Understand Password Cracking
Countermeasures
14. SQL Injection 19. Evading IDS, Honeypots and
Firewalls
• What is SQL injection?
• Understand the Steps to conduct • List the types of Intrusion Detec-
SQL injection tion Systems and evasion tech-
• Understand SQL Server vulnera- niques
bilities • List firewall and honeypot evasion
• Describe SQL injection counter- techniques
measures
20. Cryptography
15. Buffer Overflows
• Overview of cryptography and en-
• Overview of stack based buffer cryption techniques
overflows • Describe how public and private
• Identify the different types of keys are generated
buffer overflows and methods of • Overview of MD5, SHA, RC4,
detection RC5, Blowfish algorithms
• Overview of buffer overflow muta-
tion techniques
21. Penetration Testing Metho-
dologies
16. Hacking Wireless Networks
• Overview of Penetration Testing
• Overview of WEP, WPA authenti-
methodologies
cation systems and cracking tech-
• List the Penetration Testing steps
niques
• Overview of the Pen-Test legal
• Overview of wireless Sniffers and
framework
SSID, MAC Spoofing
• Overview of the Pen-Test deliver-
• Understand Rogue Access Points
ables
• Understand Wireless Hacking
• List the automated Penetration
techniques
Testing tools
• Describe the methods in securing
Wireless Networks
17. Physical Security
• Physical security breach incidents
• Understanding physical security
• What is the need for physical se-
curity?
• Who is accountable for physical
security?
• Factors affecting physical security
18. Linux Hacking
• Understand how to compile a Linux
Kernel
• Understand GCC compilation
commands
• Understand how to install LKM
modules
• Understand Linux hardening
methods
INFORMATION
PARTICIPATION FEE HOW TO REGISTER GENERAL CONDITIONS

€ 2600 You must send the registration form with If anyone registered to participate is
the receipt of the payment to: unable to attend, a substitute may
The fee includes all seminar TECHNOLOGY TRANSFER S.r.l. participate in their place. A full refund is
documentation, luncheon and coffee Piazza Cavour, 3 - 00193 Rome (Italy) given for any cancellation received more
breaks. Fax +39-06-6871102 than 15 days before the seminar starts.
Cancellations less than 15 days prior the
event are liable for 50% of the fee.
Cancellations less than one week prior to
within the event are liable for the full fees as
VENUE June 3, 2008 invoiced.
In case of cancellation of the seminar,
Visconti Palace Hotel Technology Transfer’s responsibility only
Via Federico Cesi, 37 applies to the refund of the participation
Rome (Italy) PAYMENT fees which have already been forwarded.

Wire transfer to:

Technology Transfer S.r.l.
SEMINAR TIMETABLE Banca Intesa Sanpaolo S.p.A.
Agenzia 4815 di Roma
9.30 am - 1.00 pm Iban Code:
2.00 pm - 5.00 pm IT 34 Y 03069 05039 048890270110

"
KEVIN CARDWELL first name ...............................................................
CEH /QEH AND DEFENDER CLASS
surname .................................................................
June 16-20, 2008
Visconti Palace Hotel job title ................................................................... Stamp and signature
Via Federico Cesi, 37
Rome (Italy)
organisation ...........................................................
Registration fee:
€ 2600 address ..................................................................

postcode ................................................................

city .........................................................................

country ...................................................................

telephone ............................................................... Send your registration form

If registered participants are unable to attend,
or in case of cancellation of the seminar, the
general conditions mentioned before are
applicable.
with the receipt of the payment to:
Technology Transfer S.r.l.
fax .......................................................................... Piazza Cavour, 3 - 00193 Rome (Italy)
Tel. +39-06-6832227 - Fax +39-06-6871102
info@technologytransfer.it
e-mail ..................................................................... www.technologytransfer.it
SPEAKER
Kevin Cardwell, spent 22 years in the U.S. Navy. He has worked as both software and systems engineer on a
variety of Department of Defense projects and was selected to head the team that built a Network Operations
Center (NOC) that provided services to the command ashore and ships at sea in the Norwegian Sea and
Atlantic Ocean. Mr. Cardwell served as the Leading Chief of Information Security at the NOC for six years prior
to retiring from the U.S. Navy. He currently works as a free-lance consultant and provides consulting services for
companies throughout the US, UK and Europe.