Module 1: Introduction to Ethical Hacking
Module 2: Footprinting and Reconnaissance
Module 3: Scanning Networks
Module 4: Enumeration
Module 5: Vulnerability Analysis
Module 6: System Hacking
Module 7: Malware Threats
Module 8: Sniffing
Module 9: Social Engineering
Module 10: Denial-of-Service
Module 11: Session Hijacking
Module 12: Evading IDS, Firewalls, and Honeypots
Module 13: Hacking Web Servers
Module 14: Hacking Web Applications
Module 15: SQL Injection
Module 16: Hacking Wireless Networks
Module 17: Hacking Mobile Platforms
Module 18: IoT Hacking
Module 19: Cloud Computing
Module 20: Cryptography

Wayne Burke

His experience in the public / defense sectors is equally complemented by assignments undertaken for heavyweight world renowned corporations including Yahoo, Xerox, AT&T and Texas Instruments to name but a few. He is imminently qualified in his field in that he holds a string of professional qualifications in Networking to name a few (MCT, MCSE, Cisco, Network+) and IT Security (CIW-SA, Security+, CEH, ECSA, LPT, CHFI) besides a bachelor’s degree in science.

Wayne is currently the CSO for Sequrit CSI, responsible for the technical realm and security management, which includes consulting teams. He is a captain of a global operating group of penetration testers and security experts. Wayne and his group have delivered security assessments, Penetration Test assignments and customized training for International Corporations and many Government Agencies such as: EPA, FAA, DOJ, DOE, DOD + 8570: Air force, Army, Navy, Marines, FBI and Statewide Law Enforcement Offices in the USA.

In Europe: NATO, Europol, MOD (Military of Defense UK) various EU Law Enforcement, Dutch Ministry of Defense, Ministry of Justice, local European Law Enforcement: UK, Ireland, Switzerland, Belgium, Holland, Denmark.

Module 1: Need for Security Analysis
Module 2: TCP IP Packet Analysis
Module 3: Penetration Testing Methodologies
Module 4: Customers and Legal Agreements
Module 5: Rules of Engagement
Module 6: Penetration Testing Planning and Scheduling
Module 7: Pre-penetration Testing Steps
Module 8: Information Gathering
Module 9: Vulnerability Analysis
Module 10: External Penetration Testing
Module 11: Internal Network Penetration Testing
Module 12: Firewall Penetration Testing
Module 13: IDS Penetration Testing
Module 14: Password Cracking Penetration Testing
Module 15: Social Engineering Penetration Testing
Module 16: Web Application Penetration Testing
Module 17: SQL Penetration Testing
Module 18: Penetration Testing Reports and Post Testing Actions

Kevin Cardwell

Kevin Cardwell served as the leader of a 5 person DoD Red Team that achieved a 100% success rate at compromising systems and networks for six straight years. He has conducted over 500 security assessments across the globe. His expertise is in finding weaknesses and determining ways clients can mitigate or limit the impact of these weaknesses.

He spent 22 years in the U.S. Navy. He has worked as both software and systems engineer on a variety of Department of Defense projects and early on was chosen as a member of the project to bring Internet access to ships at sea. Following this highly successful project he was selected to head the team that built a Network Operations and Security Center (NOSC) that provided services to the commands ashore and ships at sea in the Norwegian Sea and Atlantic Ocean . He served as the Leading Chief of Information Security at the NOC for six years. While there he created a Strategy and Training plan for the development of an expert team that took personnel with little or no experience and built them into expert team members for manning of the NOSC.

He currently works as a free-lance consultant and provides consulting services for companies throughout the world, and as an advisor to numerous government entities within the US, Middle East, Africa, Asia and the UK . He is an Instructor, Technical Editor and Author for Computer Forensics, and Hacking courses. He is the author of the Center for Advanced Security and Training (CAST) Advanced Network Defense and Advanced Penetration Testing courses. He is technical editor of the Learning Tree Course Penetration Testing Techniques and Computer Forensics. He has presented at the Blackhat USA, Hacker Halted, ISSA and TakeDownCon conferences as well as many others. He has chaired the Cybercrime and Cyberdefense Summit in Oman and was Executive Chairman of the Oil and Gas Cyberdefense Summit. He is author of Building Virtual Pentesting Labs for Advanced Penetration Testing, Advanced Penetration Testing for Highly Secured Environments 2nd Edition and Backtrack: Testing Wireless Network Security. He holds a BS in Computer Science from National University in California and a MS in Software Engineering from the Southern Methodist University (SMU) in Texas. He developed the Strategy and Training Development Plan for the first Government CERT in the country of Oman that recently was rated as the top CERT for the Middle East. He serves as a professional training consultant to the Oman Information Technology Authority, and developed the team to man the first Commercial Security Operations Center in the country of Oman. He has worked extensively with banks and financial institutions throughout the Middle East, Europe and the UK in the planning of a robust and secure architecture and implementing requirements to meet compliance. He currently provides consultancy to Commercial companies, governments, federal agencies, major banks and financial institutions throughout the globe. Some of his recent consulting projects include the Muscat Securities Market (MSM), Petroleum Development Oman and the Central Bank of Oman. He designed and implemented the custom security baseline for the existing Oman Airport Management Company (OAMC) airports and the two new airports opening in 2017. He created custom security baselines for all of the Microsoft Operating Systems, Cisco devices as well as applications. Additionally, he provides training and consultancy to the Oman CERT and the SOC team in monitoring and incident identification of intrusions and incidents within the Gulf region. He holds the CEH, ECSA, LPT and a number of other certifications.

Module 1: Computer Forensics in Today’s World
Module 2: Computer Forensics Investigation Process
Module 3: Searching & Seizing Computers
Module 4: Digital Evidence
Module 5: First Responder Procedures
Module 6: Computer Forensics Lab
Module 7: Understanding Hard Disks & File Systems
Module 8: Windows Forensics
Module 9: Data Acquisition & Duplication
Module 10: Recovering Delete Files & Deleted Partitions
Module 11: Forensics Investigation Using Access Data FTK
Module 12: Forensic Investigation Using EnCase
Module 13: Steganography & Image File Forensics
Module 14: Application Password Crackers
Module 15: Log Capturing & Event Correlation
Module 16: Network Forensics, Investigating Logs & Investigating Network Traffic
Module 17: Investigating Wireless Attacks
Module 18: Investigating Web Attacks
Module 19: Tracking Emails and Investigating Email Crimes
Module 20: Mobile Forensics
Module 21: Investigative Reports
Module 22: Becoming an Expert Witness

Eric Reed

MCEI, CEH, CNDA, CHFI, ECSA, LPT, CISSP, MCT, MCSE:Security, MCDST, CNA, SCNS, SNCP, SCNA, Security+, A+, Network+, iNet+

Eric Reed has over 12 years of experience in the IT consulting and training field, specializing in security since 2005. He has consulted and delivered certification and customized training to all branches of the U.S. Military, and for many Fortune 100 and Fortune 500 companies, including: FBI, DCMA, SAIC, EPA, General Dynamics, Northrop Grumman, Best Buy, Target, Mayo Clinic, Medtronic, Blue Cross, Wells Fargo, US Bank, NASA, Boeing, Lockheed Martin, General Mills, Proctor and Gamble, AT&T,and Verizon, to name a few.

He has delivered CEH, CHFI, and ECSA/LPT for the last seven years, and has enjoyed a better than 95% pass across the board. He is a regular instructor for EC-Council’s iClass online training, and was also selected as the instructor for the official EC-Council iLearn self-study product for CEH v7.

Eric was awarded EC Council Instructor of the Year in 2009 and 2012, as well as the Circle of Excellence in 2006, 2007, and 2010.

1. Definitions
2. Information Security Management Program
3. Information Security Laws, Regulations, & Guidelines
4. Privacy Laws

2 – IS Management Controls and Auditing Management (Projects, Technology, and Operations)

1. Design, Deploy, and Manage Security Controls in Alignment with Business
Goals, Risk Tolerance, and Policies and Standards
2. Information Security Risk Assessment
3. Risk Treatment
4. Residual Risk
5. Risk Acceptance
6. Risk Management Feedback Loops
7. Business Goals
8. Risk Tolerance
9. Policies and Standards
10. Understanding Security Controls Types and Objectives
11. Implementing Control Assurance Frameworks
12. COBIT (Control Objectives for Information and Related Technology)
13. BAI06 Manage Changes
14. COBIT 4.1 vs. COBIT 5
15. ISO 27001/27002
16. Automate Controls
17. Understanding the Audit Management Process

Domain 3: Management – Projects & Operations

1. The Role of the CISO
2. Information Security Projects
3. Security Operations Management

Domain 4: Information Security Core Competencies

1. Access Controls
2. Physical Security
3. Disaster Recovery
4. Network Security
5. Threat and Vulnerability Management
6. Application Security
7. Systems Security
8. Encryption
9. Computer Forensics and Incident Response

Domain 5: Strategic Planning & Finance

1. Security Strategic Planning
2. Alignment with Business Goals and Risk Tolerance
3. Relationship between Security, Compliance, & Privacy
4. Leadership
5. Enterprise Information Security Architecture (EISA) Models, Frameworks, and Standards
6. Security Emerging Trends
7. It’s all about the Data
8. Key Performance Indicators (KPI)
9. Systems Certification and Accreditation Process
10. Resource Planning
11. Financial Planning
12. Procurement
13. Vendor Management
14. Request for Proposal (RFP) Process
15. Integrate Security Requirements into the Contractual Agreement and Procurement Process
16. Statement of Work
17. Service Level Agreements

Charles L. (Chuck) McGann, Jr.

Chuck delivers Cyber Security expertise, insight and support to Federal Agencies & Large Commercial Enterprises under pressure to address increasing cybersecurity threats and challenges, with a current focus on SME leadership and direction for NIST compliance. His functional expertise in compliance includes: SOX compliance strategies, Firewall policy strategies and guidelines, hardening standards, metrics/reporting, Identity/Access Management and CA/PKI operations and support.

SPECIALTIES:

Cybersecurity Strategist, Security Solutions Architect, Risk Management Framework, Incident Response, Information Assurance, CISSP, CISM, IAM, Incident Response Team Creation, Incident Response Operations, Cyber Intrusion Prevention, Cyber Intrusion Detection, Cybersecurity Tools, CISO Management, Endpoint Protection, Security Awareness, PCI, PCI/DSS, Data Loss Prevention, FedRAMP, Security Analytics.