Ethical Hacking Dual Certification Boot Camp – CEH v10 and PenTest+
Ethical Hacking Dual Certification Boot Camp – CEH v10 and PenTest+
Infosec’s authorized CompTIA Security+ Boot Camp teaches you information security theory and reinforces that theory with hands-on exercises to help you learn by doing. You will learn how to configure and operate many different technical security controls — and leave prepared to pass your Security+ exam.
Earn your CEH and PenTest+, guaranteed!
Boot camp overview
This boot camp teaches you how to use the tools and techniques used by cybercriminals to perform a white-hat, ethical hack on your organization. You’ll learn ethical hacking methodologies and gain hands-on hacking experience in our cloud-hosted cyber range, including reconnaissance, gaining access to systems, exploiting vulnerabilities and exfiltrating data.
You’ll leave with the ability to quantitatively assess and measure threats to information assets — and discover where your organization is most vulnerable to hacking. This boot camp also prepares you to earn two in-demand certifications: EC-Council Certified Ethical Hacker (CEH) and CompTIA PenTest+.
Skill up and get certified, guaranteed
Exam Pass Guarantee
If you don’t pass your exam on the first attempt, get a second attempt for free. Includes the ability to re-sit the course for free for up to one year.
100% Satisfaction Guarantee
If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different Flex Pro or Flex Classroom course.
Knowledge Transfer Guarantee
If an employee leaves within three months of obtaining certification, Infosec will train a different employee at the same organization tuition-free for up to one year.
Learn by doing in the cyber range
Hundreds of exercises in over 20 separate hands-on labs bring you up to speed with the latest threats to which your organization is most vulnerable. Practice penetration testing in our virtualized environment that simulates a full range of servers and services used in a real company. Learn how to compromise web servers, virtual machines, databases, routers and firewalls, and then put it all together in an unscripted evening Capture the Flag (CTF) exercise.
CTF exercises are an opportunity for you to practice your hacking skills in a real-world environment. Infosec sets up a mock company that you can freely attack without having to worry about damaging production systems. The purpose of the CTF exercises is to ensure you understand how to apply the skills you learned during the day to a real-world, ethical hacking scenario.
Who should attend?
- Penetration and vulnerability testers
- Cybersecurity analysts
- Cybersecurity consultants
- Offensive security professionals
- Anyone with a desire to learn about ethical hacking
and develop their penetration testing skills
Prerequisites
- Firm understanding of the Windows Operating System
- Exposure to the Linux Operating System or other Unix-based operating system
- Grasp of the TCP/IP protocols
Meets 8570.1 requirements
Attention DoD Information Assurance workers! This boot camp helps meet U.S. Department of Defense Directive 8570.1 requirements for department employees or contractors engaged in work related to information security. The directive specifies Certified Ethical Hacker (CEH) as an approved baseline certification for CCSP Analyst, CSSP Infrastructure Support, CSSP Incident Responder, and CSSP Auditor.
Authorized training partner
Infosec is an authorized training partner of EC-Council and CompTIA, and we’ve won awards from both organizations for our boot camps. The EC-Council Certified Ethical Hacker (CEH) and CompTIA PenTest+ are two of the most in-demand hacking certifications. Infosec instructors found around 80% of the material overlaps and students get the best value by training for both certifications at the same time.
Start learning immediately
- Immediate access to Infosec Skills — including a bonus boot camp prep course — from the minute you enroll to 90 days after your boot camp
- Five days of expert, live Ethical Hacking training
- Penetration Testing Cyber Range
- 90-day extended access to all boot camp video replays and materials
- Unlimited CEH and PenTest+ practice exam attempts
- CEH exam voucher
- PenTest+ exam voucher
- Learn by doing with hundreds of additional hands-on courses and labs
- 100% Satisfaction Guarantee
- Exam Pass Guarantee (online students)
Comcast stays ahead of tech change with Infosec Skills
FEATURED CASE STUDY
Providing relevant cybersecurity training to its sales engineering team is a top priority at Comcast Business’s West Division. Learn why Senior Director of Sales Engineering Romy Ricafort selected Infosec Skills to help his team stay ahead of changing technology and ensure they have the right skills to support their clients and products.
Security+ training schedule
Infosec’s Ethical Hacking training is more than just a boot camp. We support you before, during and after your live training to ensure you’re fully prepared for your exam — and get certified on your first attempt.
1. Before your Bootcamp
Start learning now. You’ll get immediate access to all the content in Infosec Skills, including an in-depth ethical hacking prep course, the moment you enroll. Prepare for your live boot camp, uncover your knowledge gaps and maximize your training experience.
2. During Bootcamp
-
Day 1
The first half of day one focuses on learning the job duties required of a penetration tester. You will learn the ins and outs of the various penetration testing methodologies required in order for an ethical hack to be used in a business or government setting. You will also delve deep into technical material, learning how to perform network reconnaissance against modern infrastructure.Lectures include:
- Security testing methodologies
- The ethical hacking profession
- Planning and scoping an engagement
- Legal and compliance considerations
- Ethical hacking methodologies
- Tools of the trade
- Linux overview
- Passive intelligence gathering
- Abusing DNS
- Abusing SNMP
- Security testing methodologies
Some of the instructor-led hands-on lab exercises:
- Linux fundamentals
- Passive intelligence gathering
- Understanding the Domain Naming System
- Enumerating DNS entries to develop a focused attack strategy
- Attacking the Domain Naming System
- Discovering SNMP vulnerabilities and flaws
- Enumerating SNMP information
- Brute forcing SNMP community strings
- Capture the Flag exercises
Day 2
Having learned how to gather information about several targets, we begin day two with narrowing our attack by finding potentially vulnerable systems/services. You will master the art of network scanning and service identification, and gain a deeper understanding of how systems
communicate using the TCP and UDP protocolsLectures include:
- Understanding TCP packets and structuresPassive network discovery and scanning
- TCP scanning
- Using differences in RFC implementations to your advantage
- Scanning through firewalls
- How to prevent the discovery of your reconnaissance activities
- Using zombies to mask network scanning
- Avoiding IDS/IPS detection
- Proper identification of services
- Vulnerability identification
Some of the hands-on lab exercises include:
- Packet analysis
- Obtaining authentication credentials via packet capture
- Network scanning
- Target scanning of potentially vulnerable targets
- Remaining undetected while performing a network scan
- Enumerating services and identifying vulnerabilities
- Capture the Flag exercises
Day 3
After gathering information about your target system, you will put all that hard work to use when you learn how to exploit those vulnerabilities. You will learn the skills to demonstrate a successful exploit of a vulnerability as well as how to gather additional credentials to exploit vulnerabilities in other systems. You will also learn useful social engineering techniques, including phishing, and methods of attacking physical security.
Lectures include:
- Vulnerability life cycles
- Types of vulnerabilities
- Flaws in encryption
- Configuration errors
- Buffer overflows
- Stack overflows
- Vulnerability mapping
- Exploit utilization and delivery methods
- Client side exploits
- Server side exploits
- Password security
- Social engineering techniques
- Attacking physical controls
- Hashing
- Rainbow tables
- Attacking Windows password security
- Weaknesses in Windows authentication protocols
- Rainbow tables
Some of the hands-on lab exercises include:
- Gaining unauthorized access to systems
- Use of various payloads to increase privileges
- Keystroke logging
- DLL injection attack
- Exploit server side applications
- Gather password hashes
- Exploit weaknesses in authentication protocols
- Capture the Flag exercises
Day 4
After compromising a target, you will extend your access to all vulnerable systems at your target organization and learn how to covertly exfiltrate data. The second half of day four covers attacking web-based applications and understanding SQL injection.
Lectures include:
- Use of Trojans
- Redirecting ports to thwart firewall rules
- Avoiding anti-virus detection
- Lateral movement and persistence
- Use of keyloggers
- IDS operations and avoidance
- Encrypting your communications
- Protocol abuse for covert communications
- Creating custom encryption tunneling applications
- E-shoplifting
- XSS attacks
- Cross site forgery
- Circumventing authentication
- SQL injection discovery and exploitation
- SQL data extraction
Some of the hands-on lab exercises include:
- Use of Trojans
- IDS usage and avoidance
- Data transmission encryption techniques
- Creating a custom covert channel
- Web application parameter tampering
- Cross site scripting attacks
- SQL injection
- Chaining exploits
- Exploiting extended stored procedures
- Capture the Flag exercises
Day 5
Day five is dedicated toward wireless security, using basic scripts for ethical hacking, covering your tracks and post-engagement activities. You will master the ability to sniff data, clean up all traces of your activities and learn best practices for writing reports and recommending mitigation strategies.Lectures include:
- Sniffing in different environments
- Attack sniffers
- Man-in-the-middle attacks
- Wireless networking
- Shared key authentication weaknesses
- WEP/WPA/WPA2 cracking
- Anti-forensics
- Log modification/deletion
- Rootkits
- Introduction to scripting
- Common script components
- Writing effective reports
- Providing mitigation recommendations
- CEH exam review
- PenTest+ exam review
Some of the hands-on lab exercises include:
- ARP spoofing and man in the middle
- Specialized sniffing
- DNS spoofing
- Phishing attacks
The day finishes with the CEH examination given on-site at the training location or online from home. You will receive an exam voucher to take the PenTest+ exam.
3. After Your BootCamp
Your Infosec Skills access extends 90 days past your boot camp, so you can take additional time to prepare for your CEH or PenTest+ exam, get a head start on your next certification goal or start earning CPEs.
Ethical Hacking Dual Certification Boot Camp – CEH v10 and PenTest+
Infosec’s authorized CompTIA Security+ Boot Camp teaches you information security theory and reinforces that theory with hands-on exercises to help you learn by doing. You will learn how to configure and operate many different technical security controls — and leave prepared to pass your Security+ exam.
Earn your CEH and PenTest+, guaranteed!
Boot camp overview
This boot camp teaches you how to use the tools and techniques used by cybercriminals to perform a white-hat, ethical hack on your organization. You’ll learn ethical hacking methodologies and gain hands-on hacking experience in our cloud-hosted cyber range, including reconnaissance, gaining access to systems, exploiting vulnerabilities and exfiltrating data.
You’ll leave with the ability to quantitatively assess and measure threats to information assets — and discover where your organization is most vulnerable to hacking. This boot camp also prepares you to earn two in-demand certifications: EC-Council Certified Ethical Hacker (CEH) and CompTIA PenTest+.
Skill up and get certified, guaranteed
Exam Pass Guarantee
If you don’t pass your exam on the first attempt, get a second attempt for free. Includes the ability to re-sit the course for free for up to one year.
100% Satisfaction Guarantee
If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different Flex Pro or Flex Classroom course.
Knowledge Transfer Guarantee
If an employee leaves within three months of obtaining certification, Infosec will train a different employee at the same organization tuition-free for up to one year.
Learn by doing in the cyber range
Hundreds of exercises in over 20 separate hands-on labs bring you up to speed with the latest threats to which your organization is most vulnerable. Practice penetration testing in our virtualized environment that simulates a full range of servers and services used in a real company. Learn how to compromise web servers, virtual machines, databases, routers and firewalls, and then put it all together in an unscripted evening Capture the Flag (CTF) exercise.
CTF exercises are an opportunity for you to practice your hacking skills in a real-world environment. Infosec sets up a mock company that you can freely attack without having to worry about damaging production systems. The purpose of the CTF exercises is to ensure you understand how to apply the skills you learned during the day to a real-world, ethical hacking scenario.
Who should attend?
- Penetration and vulnerability testers
- Cybersecurity analysts
- Cybersecurity consultants
- Offensive security professionals
- Anyone with a desire to learn about ethical hacking
and develop their penetration testing skills
Prerequisites
- Firm understanding of the Windows Operating System
- Exposure to the Linux Operating System or other Unix-based operating system
- Grasp of the TCP/IP protocols
Meets 8570.1 requirements
Attention DoD Information Assurance workers! This boot camp helps meet U.S. Department of Defense Directive 8570.1 requirements for department employees or contractors engaged in work related to information security. The directive specifies Certified Ethical Hacker (CEH) as an approved baseline certification for CCSP Analyst, CSSP Infrastructure Support, CSSP Incident Responder, and CSSP Auditor.
Authorized training partner
Infosec is an authorized training partner of EC-Council and CompTIA, and we’ve won awards from both organizations for our boot camps. The EC-Council Certified Ethical Hacker (CEH) and CompTIA PenTest+ are two of the most in-demand hacking certifications. Infosec instructors found around 80% of the material overlaps and students get the best value by training for both certifications at the same time.
Start learning immediately
- Immediate access to Infosec Skills — including a bonus boot camp prep course — from the minute you enroll to 90 days after your boot camp
- Five days of expert, live Ethical Hacking training
- Penetration Testing Cyber Range
- 90-day extended access to all boot camp video replays and materials
- Unlimited CEH and PenTest+ practice exam attempts
- CEH exam voucher
- PenTest+ exam voucher
- Learn by doing with hundreds of additional hands-on courses and labs
- 100% Satisfaction Guarantee
- Exam Pass Guarantee (online students)
Comcast stays ahead of tech change with Infosec Skills
FEATURED CASE STUDY
Providing relevant cybersecurity training to its sales engineering team is a top priority at Comcast Business’s West Division. Learn why Senior Director of Sales Engineering Romy Ricafort selected Infosec Skills to help his team stay ahead of changing technology and ensure they have the right skills to support their clients and products.
Security+ training schedule
Infosec’s Ethical Hacking training is more than just a boot camp. We support you before, during and after your live training to ensure you’re fully prepared for your exam — and get certified on your first attempt.
1. Before your Bootcamp
Start learning now. You’ll get immediate access to all the content in Infosec Skills, including an in-depth ethical hacking prep course, the moment you enroll. Prepare for your live boot camp, uncover your knowledge gaps and maximize your training experience.
2. During Bootcamp
-
Day 1
The first half of day one focuses on learning the job duties required of a penetration tester. You will learn the ins and outs of the various penetration testing methodologies required in order for an ethical hack to be used in a business or government setting. You will also delve deep into technical material, learning how to perform network reconnaissance against modern infrastructure.Lectures include:
- Security testing methodologies
- The ethical hacking profession
- Planning and scoping an engagement
- Legal and compliance considerations
- Ethical hacking methodologies
- Tools of the trade
- Linux overview
- Passive intelligence gathering
- Abusing DNS
- Abusing SNMP
- Security testing methodologies
Some of the instructor-led hands-on lab exercises:
- Linux fundamentals
- Passive intelligence gathering
- Understanding the Domain Naming System
- Enumerating DNS entries to develop a focused attack strategy
- Attacking the Domain Naming System
- Discovering SNMP vulnerabilities and flaws
- Enumerating SNMP information
- Brute forcing SNMP community strings
- Capture the Flag exercises
Day 2
Having learned how to gather information about several targets, we begin day two with narrowing our attack by finding potentially vulnerable systems/services. You will master the art of network scanning and service identification, and gain a deeper understanding of how systems
communicate using the TCP and UDP protocolsLectures include:
- Understanding TCP packets and structuresPassive network discovery and scanning
- TCP scanning
- Using differences in RFC implementations to your advantage
- Scanning through firewalls
- How to prevent the discovery of your reconnaissance activities
- Using zombies to mask network scanning
- Avoiding IDS/IPS detection
- Proper identification of services
- Vulnerability identification
Some of the hands-on lab exercises include:
- Packet analysis
- Obtaining authentication credentials via packet capture
- Network scanning
- Target scanning of potentially vulnerable targets
- Remaining undetected while performing a network scan
- Enumerating services and identifying vulnerabilities
- Capture the Flag exercises
Day 3
After gathering information about your target system, you will put all that hard work to use when you learn how to exploit those vulnerabilities. You will learn the skills to demonstrate a successful exploit of a vulnerability as well as how to gather additional credentials to exploit vulnerabilities in other systems. You will also learn useful social engineering techniques, including phishing, and methods of attacking physical security.
Lectures include:
- Vulnerability life cycles
- Types of vulnerabilities
- Flaws in encryption
- Configuration errors
- Buffer overflows
- Stack overflows
- Vulnerability mapping
- Exploit utilization and delivery methods
- Client side exploits
- Server side exploits
- Password security
- Social engineering techniques
- Attacking physical controls
- Hashing
- Rainbow tables
- Attacking Windows password security
- Weaknesses in Windows authentication protocols
- Rainbow tables
Some of the hands-on lab exercises include:
- Gaining unauthorized access to systems
- Use of various payloads to increase privileges
- Keystroke logging
- DLL injection attack
- Exploit server side applications
- Gather password hashes
- Exploit weaknesses in authentication protocols
- Capture the Flag exercises
Day 4
After compromising a target, you will extend your access to all vulnerable systems at your target organization and learn how to covertly exfiltrate data. The second half of day four covers attacking web-based applications and understanding SQL injection.
Lectures include:
- Use of Trojans
- Redirecting ports to thwart firewall rules
- Avoiding anti-virus detection
- Lateral movement and persistence
- Use of keyloggers
- IDS operations and avoidance
- Encrypting your communications
- Protocol abuse for covert communications
- Creating custom encryption tunneling applications
- E-shoplifting
- XSS attacks
- Cross site forgery
- Circumventing authentication
- SQL injection discovery and exploitation
- SQL data extraction
Some of the hands-on lab exercises include:
- Use of Trojans
- IDS usage and avoidance
- Data transmission encryption techniques
- Creating a custom covert channel
- Web application parameter tampering
- Cross site scripting attacks
- SQL injection
- Chaining exploits
- Exploiting extended stored procedures
- Capture the Flag exercises
Day 5
Day five is dedicated toward wireless security, using basic scripts for ethical hacking, covering your tracks and post-engagement activities. You will master the ability to sniff data, clean up all traces of your activities and learn best practices for writing reports and recommending mitigation strategies.Lectures include:
- Sniffing in different environments
- Attack sniffers
- Man-in-the-middle attacks
- Wireless networking
- Shared key authentication weaknesses
- WEP/WPA/WPA2 cracking
- Anti-forensics
- Log modification/deletion
- Rootkits
- Introduction to scripting
- Common script components
- Writing effective reports
- Providing mitigation recommendations
- CEH exam review
- PenTest+ exam review
Some of the hands-on lab exercises include:
- ARP spoofing and man in the middle
- Specialized sniffing
- DNS spoofing
- Phishing attacks
The day finishes with the CEH examination given on-site at the training location or online from home. You will receive an exam voucher to take the PenTest+ exam.
3. After Your BootCamp
Your Infosec Skills access extends 90 days past your boot camp, so you can take additional time to prepare for your CEH or PenTest+ exam, get a head start on your next certification goal or start earning CPEs.