Network Defense Essentials covers the fundamental concepts of information security and network defense. This introductory cybersecurity course is designed for today's entry-level information security or cybersecurity careers and is ideal for learners aspiring to pursue a career in cybersecurity.

The course gives a holistic overview of the key components of Information Security such as Identification, Authentication and Authorization, Virtualization and Cloud Computing, Wireless Networks, Mobile and IoT Devices, and Data Security. The interactive labs component of this course ensures that learners receive the hands-on, practical experience required for a future in cybersecurity.

NDE-certified learners have an assured means of formal recognition to add to their resumes and show off their expertise and skills to prospective employers. The purpose of the NDE certification is to recognize the competency and expertise of a professional in network defense and information security skills, thereby adding value to their workplace and employer.

What is Included?

Self Paced
Ethical Hacking Essentials is an introductory cybersecurity course that covers ethical hacking and penetration testing fundamentals and prepares learners for a career in cybersecurity. This course will introduce learners to computer and network security concepts such as threats and vulnerabilities, password cracking, web application attacks, IoT and OT attacks, cloud computing, pentesting fundamentals, and more.

This course provides hands-on practical experience to learners thus giving them the skills necessary for a future in cybersecurity.

EHE-certified learners have an assured means of formal recognition to add to their resumes and show off their expertise and skills to prospective employers. This improves their prospects for employment advancement, higher salaries, and greater job satisfaction.

What is Included?
15+ hrs of premium self-paced video training (available with your free CodeRed account)

Official eCourseware from EC-Council (available with your free CodeRed account)

CodeRed's Certificate of Achievement (available with your free CodeRed account)

11 Lab Activities in a simulated lab environment (Available Only with the Labs Package)

Proctored Exam and Official EC-Council Certification (Available Only with the Ultimate Package)

Self Paced
Digital Forensics Essentials helps learners increase their competency and expertise in digital forensics and information security skills, thereby adding value to their workplace and employer.

This course will introduce learners to Computer Forensics Fundamentals as well as the Computer Forensics Investigation Process. Plan to learn about Dark Web, Windows, Linux, Malware Forensics, and so much more! The interactive labs component of this course ensures that learners receive the hands-on, practical experience required for a future in digital forensics.

DFE-certified learners have an assured means of formal recognition to add to their resumes and show off their expertise and skills to prospective employers. This improves their prospects for employment advancement, higher salaries, and greater job satisfaction.

What is Included?
11+ hrs of premium self-paced video training (available with your free CodeRed account)

Official eCourseware from EC-Council (available with your free CodeRed account)

CodeRed's Certificate of Achievement (available with your free CodeRed account)

11 Lab Activities in a simulated lab environment (Available Only with the Labs Package)

Proctored Exam and Official EC-Council Certification (Available Only with the Ultimate Package)

Learning Objective: In this module, you will be introduced to various features of Linux. You will learn history, open source licenses, various Linux distributions, and Linux installation

Topics:
Getting Started with Linux
Accessing the Command Line

Managing Files from the Command Line

Matching File Names with Shell Expansions

Creating, Viewing, and Editing Text Files

Managing Local Users and Groups

Controlling Access to Files

Configuring and Securing SSH

Managing Networking

Archiving and Transferring Files

Introduction to Ethical hacking

Basic Terms

Elements of Security

Phases of Hacking

Types of Hackers

Types of attack

Scope in Ethical hacking

Information Security Controls

Défense-in-Depth

Vulnerability Assessment

Penetration testing concepts and phases

Information security standards

Introduction to Compliance [PCI-DSS, HIPAA, ISO]

Introduction to footprinting

Footprinting through search engines

Types of footprinting

Advanced Google hacking techniques

Google Hacking database

Footprinting domain and subdomains

People search.

Passive Network footprinting

Mirroring a website

Monitoring website for tracking changes

Email footprinting

DNS, its types, and footprinting

Footprinting tools

Introduction and types of Scanning

Banner Grabbing

Nmap and various types of scanning

▪ ICMP scanning

▪ Ping sweep

▪ ICMP echo scanning

▪ TCP connect / full-open scan

▪ Stealth Scan / half-open scan

▪ Inverse TCP flag scanning

▪ Xmas scan

▪ ACK flag probe scanning

▪ IDLE/IPID header Ssan

▪ UDP scanning

Detecting and Evading Firewalls

Network discovery and mapping

Discovering networks from mobile device

What is enumeration?

Introduction to Ports and services

Common ports and services

Enumerating services

SNMP enumeration

▪ NetBIOS enumeration

▪ LDAP enumeration

▪ NTP enumeration

▪ SMTP enumeration

▪ FTP enumeration

▪ DNS enumeration

Vulnerability Assessment Concepts

Vulnerability Assessment tools

Common Vulnerability Scoring System [CVSS]

Common Vulnerabilities and Exposures [CVE]

National Vulnerability Database [NVD]

Analysing a Vulnerability Assessment Report

Online and offline Password attacks

LM & NTLM

Cracking hashes

Password recovery tools

Keyloggers

Trojans

Rootkits

Steganography

Privilege Escalation

Introduction to malwares

Introduction to virus and worms

Different types of viruses

Virus making

Create Payload

Network sniffing

Sniffing tools

MITM attacks

Lawful Interception

DHCP attacks

DNS poisoning

Wireshark

Filters of Wireshark

Detection of Sniffing over a network

MAC flooding

MAC Spoofing

ARP poisoning

Social Engineering Concepts

What is social engineering?

Phases of a social engineering attack

Social Engineering Techniques

Types of social engineering

Human-based social engineering

Computer-based social engineering

Mobile-based social engineering

Insider Threats

Impersonation on Social Networking Sites

Social engineering through impersonation on social networking sites

Social networking threats to corporate networks

Identity Theft

Social engineering countermeasures

Insider threats countermeasures

Identity theft countermeasures

Detect phishing emails

Anti-phishing toolbar

DoS/DDoS Concepts

What is a Denial-of-Service attack?

What is distributed Denial-of-Service attack?

DoS/DDoS Attack Techniques

Basic categories of DoS/DDoS attack vectors

UDP, ICMP, and SYN flood attack

Ping of death and smurf attack

Fragmentation attack

HTTP GET/POST and slowloris attacks

Peer-to-peer attacks

Permanent Denial-of-Service attack

Distributed reflection Denial-of-Service (DRDoS)

Botnets

Organized cyber crime

Botnet ecosystem

Botnet Trojans

DDoS Case Study

Use of mobile devices as botnets for launching DDoS attacks

DDoS Case Study: Dyn DDoS Attack

Countermeasures

Detection techniques

DoS/DDoS countermeasure strategies

Introduction to honeypots

Installing a honeypot

Configuring honeypot

Analysing logs for attack detection in honeypots

• Introduction to web server and applications • Web Application threats
•HTTP headers
• Web Applicable hacking methodology

• Web application attacks

▪ Introduction to OWASP Top 10

▪ Encoding

▪ SQL

▪ CSRF

▪ XSS

▪ Directory traversal

▪ Command injection

▪ Logical flaws

▪ Fuzzing

▪ Session stealing

• Web server architecture
• Brute Force attacks
• Server misconfiguration
• Patch management and hotfixes

• Wireless concepts
• Wireless terminology
• Wireless encryption

•WEP vs WPA
•WEP vulnerabilities
• Attacking Access points • Rogue AP attacks
• MAC spoofing
• WPA2 attacks

• Wi-Fi sniffing
• Wireless auditing tools

Mobile platform attack vectors
• Mobile platform vulnerabilities •Introduction to OWASP top 10 mobile risks • SMSH’ing attacks
• Mobile malwares
• Rooting Android devices
• Android hacking tools
• Mobile Device management

What is IoT?

How does IoT work?

IoT architecture

IoT application areas and devices

IoT technologies and protocols

IoT communication models

Challenges of IoT

Threat vs opportunity

IoT Attacks

IoT security problems

OWASP top 10 IoT vulnerabilities and obstacles

IoT attack surface areas

IoT threats

Hacking IoT devices

How to defend against IoT hacking

General guidelines for IoT device manufacturing companies

OWASP Top 10 IoT vulnerabilities solutions

IoT framework security considerations

IoT security tools

Cloud Computing Concepts

Introduction to cloud computing

Separation of responsibilities in cloud

Cloud deployment models

NIST cloud deployment reference architecture

Cloud computing benefits

Virtualization

Cloud Computing Threats

Cloud Computing Attacks

Cryptography Concepts

Cryptography

Types of cryptography

Government Access to Keys (GAK)

Encryption Algorithms

Ciphers

Data Encryption Standard (DES)

Advanced Encryption Standard (AES)

RC4, RC5, and RC6 algorithms

Twofish

The DSA and related signature schemes

Rivest Shamir Adleman (RSA)

Diffie-Hellman

Message digest (One-Way Hash) functions

Cryptography Tools

MD5 hash calculators

Hash calculators for mobile

Cryptography tools

Cryptography tools for mobile

Public Key Infrastructure (PKI)

Pretty Good Privacy (PGP)

SSL/TLS

Disk encryption

Disk encryption tools

Cryptography attacks

Cryptanalysis tools

Online MD5 decryption tools

CompTIA Security+ (SY0-601) is a widely recognized and globally respected certification that validates the essential knowledge and skills required for a career in cybersecurity. It is an entry-level certification designed for professionals looking to establish a solid foundation in information security.

The SY0-601 exam covers a comprehensive range of topics, including network security, threats, vulnerabilities, identity management, access control, cryptography, risk management, and security operations. It equips candidates with the necessary expertise to identify and address security incidents, implement secure network architectures, and apply best practices to protect organizations from emerging threats.

By obtaining the CompTIA Security+ certification, individuals demonstrate their competence in key cybersecurity areas and their ability to navigate the constantly evolving landscape of security technologies and practices. The certification is vendor-neutral, meaning it focuses on fundamental security concepts rather than specific products, allowing professionals to apply their knowledge across various environments and technologies.

Having the SY0-601 certification not only enhances career prospects but also provides a strong foundation for further advanced certifications in cybersecurity. It is highly regarded by employers in both the public and private sectors, as it validates the skills necessary to secure networks, devices, and data effectively.

The SY0-601 exam consists of multiple-choice and performance-based questions, assessing both theoretical knowledge and practical application. It is recommended that candidates have at least two years of experience in IT administration with a focus on security before attempting the exam.

Overall, the CompTIA Security+ (SY0-601) certification serves as a significant milestone in a cybersecurity professional's career, showcasing their dedication to maintaining a high level of expertise in securing information and systems, while also providing a solid foundation for ongoing professional growth.