INTRODUCTION TO ETHICAL HACKING (CEH V10)

• Information Security Overview
• Information Security Threats and Attack Vectors
• Hacking Concepts
• Ethical Hacking Concepts
• Information Security Controls
• Penetration Testing Concepts
• Information Security Laws and Standards

FOOTPRINTING AND RECONNAISSANCE (CEH V10)

• Footprinting Concepts
• Footprinting through Search Engines
• Footprinting through Web Services
• Footprinting through Social Networking Sites
• Website Footprinting
• Email Footprinting
• Competitive Intelligence
• Whois Footprinting
• DNS Footprinting
• Network Footprinting
• Footprinting through Social Engineering
• Footprinting Tools
• Countermeasures
• Footprinting Pen Testing

SCANNING NETWORKS (CEH V10)

• Network Scanning Concepts
• Scanning Tools
• Scanning Techniques
• Scanning Beyond IDS and Firewall
• Banner Grabbing
• Draw Network Diagrams
• Scanning Pen Testing

ENUMERATION (CEH V10)

• Enumeration Concepts
• NetBIOS Enumeration
• SNMP Enumeration
• LDAP Enumeration
• NTP Enumeration
• SMTP and DNS Enumeration
• Other Enumeration Techniques
• Enumeration Countermeasures
• Enumeration Pen Testing

VULNERABILITY ANALYSIS (CEH V10)

• Vulnerability Assessment Concepts
• Vulnerability Assessment Solutions
• Vulnerability Scoring Systems
• Vulnerability Assessment Tools
• Vulnerability Assessment Reports

SYSTEM HACKING (CEH V10)

• System Hacking Concepts
• Cracking Passwords
• Escalating Privileges
• Executing Applications
• Hiding Files
• Covering Tracks
• Penetration Testing

MALWARE THREATS (CEH V10)

• Malware Concepts
• Trojan Concepts
• Virus and Worm Concepts
• Malware Analysis
• Countermeasures
• Anti-Malware Software
• Malware Penetration Testing

SNIFFING (CEH V10)

• Sniffing Concepts
• Sniffing Technique: MAC Attacks
• Sniffing Technique: DHCP Attacks
• Sniffing Technique: ARP Poisoning
• Sniffing Technique: Spoofing Attacks
• Sniffing Technique: DNS Poisoning
• Countermeasures
• Sniffing Detection Techniques
• Sniffing Pen Testing

SOCIAL ENGINEERING (CEH V10)

• Social Engineering Concepts
• Social Engineering Techniques
• Insider Threats
• Impersonation on Social Networking Sites
• Identity Theft
• Countermeasures
• Social Engineering Pen Testing

DENIAL-OF-SERVICE (CEH V10)

• DoS/DDoS Concepts
• DoS/DDoS Attack Techniques
• Botnets
• DDoS Case Study
• DoS/DDoS Attack Tools
• Countermeasures
• DoS/DDoS Protection Tools
• DoS/DDoS Penetration Testing

SESSION HIJACKING (CEH V10)

• Session Hijacking Concepts
• Application Level Session Hijacking
• Network Level Session Hijacking
• Session Hijacking Tools
• Countermeasures

EVADING IDS, FIREWALLS, AND HONEYPOTS (CEH V10)

• IDS, Firewall and Honeypot Concepts
• IDS, Firewall and Honeypot Solutions
• Evading IDS
• Evading Firewalls
• IDS/Firewall Evading Tools
• Detecting Honeypots
• IDS/Firewall Evasion Countermeasures
• Penetration Testing

HACKING WEB SERVERS (CEH V10)

• Web Server Concepts
• Web Server Attacks
• Web Server Attack Methodology
• Web Server Attack Tools
• Countermeasures
• Patch Management
• Web Server Security Tools
• Web Server Pen Testing

HACKING WEB APPLICATIONS (CEH V10)

• Web App Concepts
• Web App Threats
• Hacking Methodology
• Web App Hacking Tools
• Countermeasures
• Web App Security Testing Tools
• Web App Pen Testing

SQL INJECTION (CEH V10)

• SQL Injection Concepts
• Types of SQL Injection
• SQL Injection Methodology
• SQL Injection Tools
• Evasion Techniques
• Countermeasures

HACKING WIRELESS NETWORKS (CEH V10)

• Wireless Concepts
• Wireless Encryption
• Wireless Threats
• Wireless Hacking Methodology
• Wireless Hacking Tools
• Bluetooth Hacking
• Countermeasures
• Wireless Security Tools
• Wireless Pen Testing

HACKING MOBILE PLATFORMS (CEH V10)

• Mobile Platform Attack Vectors
• Hacking Android OS
• Hacking iOS
• Mobile Spyware
• Mobile Device Management
• Mobile Security Guidelines and Tools
• Mobile Pen Testing

IOT HACKING (CEH V10)

• IoT Concepts
• IoT Attacks
• IoT Hacking Methodology
• IoT Hacking Tools
• Countermeasures
• IoT Pen Testing

CLOUD COMPUTING(CEH V10)

• Cloud Computing Concepts
• Cloud Computing Threats
• Cloud Computing Attacks
• Cloud Security
• Cloud Security Tools
• Cloud Penetration Testing

CRYPTOGRAPHY (CEH V10)

• Cryptography Concepts
• Encryption Algorithms
• Cryptography Tools
• Public Key Infrastructure (PKI)
• Email Encryption
• Disk Encryption
• Cryptanalysis
• Countermeasures

What is the CCISO?

The CCISO is for information security executives trying to be CISOs through improving their skills and learning to align information security programs with business goals and objectives. This program also supports existing CISOs to enhance their technical and management skills, as well as business procedures.

What makes the CCISO different from other certifications?

The CCISO program does not end at the technical features required, but increases to executive management and financial management, both of which are essential to leading a healthy information security program. It concentrates on the application of technical knowledge rather than technical information, which is related to a chief information security officer’s daily tasks. Information security administrators can rise through the professional ranks but must learn executive-level management, strategic planning, financial management, and organizational abilities to reach a C-Level position.

How do I know if CCISO is for me?

The CCISO is the right choice for you if you aspire to attain the highest regarded title within the information security profession – CISO, already serve as an official CISO, or Or perform CISO functions in their organization.

How long is the CCISO certification valid?

Your C|CISO certification is valid for a period of one year.

What do I need to do to renew my certification?

To renew your certification you must satisfy the Continuing Education requirements and remit a renewal fee of $100.00 (USD).

The CCISO certification is not an entry-level program. To qualify for the program and examination, you must have a minimum of 5 years of prior experience in at least three of the five domains.

The CCISO aims to bridge the gap between the executive management knowledge that CISOs need and the technical knowledge that many aspiring CISOs have. This can be a crucial gap as a practitioner endeavors to move from mid-management to upper, executive management roles. Much of this is traditionally learned as on the job training, but the CCISO Training Program can be the key to a successful transition to the highest ranks of information security management. The Certified Chief Information Security Officer certification is also an approved baseline certification on DoD Directive 8570/ 8140.

Exam:

Certified Chief Information Security Officer (CCISO v3)

Duration:

150 minutes

Questions:

150 multiple-choice questions

Passing Grade

To ensure each exam has equal assessment standards, cut scores are set on a “per exam form” basis. Depending on which exam form is challenged, cut scores can range from 60% to 85%.

The CCISO Certification is an industry-leading program that recognizes the real-world experience necessary to succeed at the highest executive levels of information security. Our team can deliver CCISO certification training on-site, anywhere in the world, and can be tailored to fit your organization’s specific needs.

Learn more about our Enterprise Solutions here