Certified Ethical Hacker (CEH) Training Course

  • Designed for results
  • World-class experts
  • Flexible online learning

Overview

Take your IT career to the next level with this video-based online training course designed to provide you with the hands-on experience to mitigate your network, guard it from multifaceted attacks, and prepare you to succeed on the Certified Ethical Hacker (CEH) exam. With this expert-led certification prep course you'll get more than enough practice tests to confidently prepare for the CEH, along with lab-based, real-world projects that explore all sides of multi-pronged cybersecurity attacks to ensure your preparedness to combat attack threats.

Who should take this course

Skill level | Intermediate

  • Anyone planning to take the EC-Council Certified Ethical Hacker (CEH) Exam to become a Certified Ethical Hacker
  • Anyone who is interested in becoming a cybersecurity professional or concerned about the integrity of their network infrastructure
  • Anyone interested in ethical hacking (penetration testing)

In order to achieve certification via the Ethical Hacker (CEH) Certification exam, the EC-Council requires that applicants attend an EC-Council training session or show that they have 2 years of information security experience in each of the 5 CCISCO Domains.

For an optimal course experience, we recommend using these browsers and devices.

Course includes

  • 18 hours of targeted video-based lessons led by industry experts
  • Hands-on labs to simulate real-world experience performing footprinting, penetration testing, and security risk analysis, as well as measures to guard your network
  • Self-study tools, such as flashcards to study key terms and quizzes to self-asses your progress
  • Exclusive Pearson Test Prep practice exams to fully prepare to take the Certified Ethical Hacker (CEH) exam with confidence
  • 1 year of access*

What you'll learn

This Pearson IT Training Course covers the full range of topics tested on the Certified Ethical Hacker (CEH) exam, including:

  • Performing footprinting and reconScan networks
  • Performing countermeasures against enumeration
  • Conducting vulnerability analysis
  • Hacking systems and covering your tracks
  • Using and preventing malware
  • Performing network sniffing
  • Conducting social engineering methodologies and learning how to prevent them from happening
  • Performing Denial-of-Service (DoS) and session hijacking attacks, as well as taking measures to guard against them
  • Hacking web servers and applications using multiple tools and techniques
  • Performing attacks using SQL injection
  • Using the best tools and techniques for hacking wireless networks
  • Deploying IDS, firewalls, and honeypots, as well as learning how to evade them
  • Understanding and learning how to use cloud computing for penetration testing
  • Understanding cryptography and cryptanalysis
  • Exploiting the vulnerabilities of Internet of Things (IoT) devices
  • Understanding the vulnerabilities of and methods to hack mobile devices

*Retake guarantee

Retake guaranteeDidn't pass your certification exam on your first try? We'll give you six months of additional access at no cost.

About Pearson IT Training Courses

Pearson IT Training Courses are complete and affordable packages of expert-led, self-paced courses designed to help you stand out with in-demand skills that take your career to the next level.

From learning to hands-on practice and application, our comprehensive certification prep courses ensure you are ready for exam success.

Course experts

  • Omar Santos - Principal engineer, security expert, and author

    Omar Santos

    Omar Santos is a Principal Engineer of the Cisco Product Security Incident Response Team (PSIRT). Omar is the author of more than 20 books and video courses and has been quoted by numerous media outlets, such as TheRegister, Wired, ZDNet, ThreatPost, CyberScoop, TechCrunch, Fortune Magazine, Ars Technica, and more. You can follow Omar on Twitter @santosomar.

  • Nick Garner - Senior Solutions Architect and instructor

    Nick Garner, CCIE No. 17871, is a solutions integration architect for Cisco Systems. He has been in Cisco Advanced Services supporting customers in both transactional and subscription engagements for 8 years. In his primary role, he has deployed and supported large-scale data center designs for prominent clients in the San Francisco Bay area. His primary technical focus outside of data center routing and switching designs is security and multicast.

  • William "Bo" Rothwell - Lead instructor and courseware developer

    Wiliam "Bo" Rothwell's passion for understanding how computers work and sharing this knowledge with others has resulted in a rewarding career in IT training. His experience includes Linux, Unix, and programming languages such as Perl, Python, Tcl, and BASH. He is the founder and president of One Course Source, an IT training organization.

  • Michael Gregg - Cybersecurity author and expert security practitioner

    Michael Gregg, CISSP is the president of Superior Solutions, Inc., a Houston based training and consulting firm. He has more than 20 years experience in the IT field. He holds two associate's degrees, a bachelor's degree, and a master's degree. He presently maintains the following certifications: CISSP, MCSE, MCT, CTT+, A+, N+, Security+, CNA, CCNA, CIW Security Analyst, CCE, CEH, CHFI, CEI, DCNP, ES Dragon IDS, ES Advanced Dragon IDS, and TICSA. He has consulted and taught for many organizations, and he is a 9-time winner of Global Knowledge's Perfect Instructor Award.

Course outline

  1. Overview
  1. Module 1: Introduction
  2. Lesson 1: Course Overview
    1. Lesson 1 Learning Objectives
    2. 1.1 Areas of Focus and Exam Info
    3. 1.2 Course Is and Isn't
  3. Lesson 2: Introduction to Ethical Hacking
    1. Lesson 2 Learning Objectives
    2. 2.1 Cybersecurity Overview
    3. 2.2 Threats and Attack Vectors
    4. 2.3 Attack Concepts
    5. 2.4 Understanding the Legal Aspects of Penetration Testing
    6. 2.5 Exploring Penetration Testing Methodologies
    7. 2.6 Attack Phases
    8. 2.7 Attack Types
    9. 2.8 InfoSec Policies
  4. Lesson 2: Review
    1. Lesson 2 Flashcards
    2. Lesson 2 Quiz
  5. Lesson 3: Footprinting and Recon
    1. Lesson 3 Learning Objectives
    2. 3.1 Footprinting Concepts
    3. 3.2 Footprinting Objectives
    4. 3.3 Footprinting Methodologies
    5. 3.4 Search Engines
    6. 3.5 Finding People
    7. 3.6 Competitive Intelligence
    8. 3.7 Websites
    9. 3.8 Email Tracking
    10. 3.9 Network Discovery
    11. 3.10 DNS/Whois
    12. 3.11 Social Engineering
    13. 3.12 Employee Online Activities
    14. 3.13 Footprinting Tools
    15. 3.14 Footprinting Countermeasures
    16. 3.15 Penetration Testing: Footprinting and Recon
  6. Lesson 3: Review
    1. Lesson 3 Flashcards
    2. Lesson 3 Quiz
  7. Lesson 4: Scanning Networks
    1. Lesson 4 Learning Objectives
    2. 4.1 Network Scanning Overview
    3. 4.2 Scanning Techniques
    4. 4.3 TCP/UDP Refresher
    5. 4.4 TCP Scanning Types
    6. 4.5 More TCP Scanning Techniques
    7. 4.6 Nmap Demo
    8. 4.7 IDS Evasion
    9. 4.8 Banner Grabbing
    10. 4.9 Vulnerability Scanning
    11. 4.10 Network Diagramming
    12. 4.11 Using and Chaining Proxies
    13. 4.12 HTTP and SSH Tunneling
    14. 4.13 Anonymizers
    15. 4.14 IP Spoofing and Countermeasures
    16. 4.15 Penetration Testing: Scanning Networks
  8. Lesson 4: Review
    1. Lesson 4 Flashcards
    2. Lesson 4 Quiz
  9. Module 1: Review
    1. Module 1 Quiz
  1. Module 2: Introduction
  2. Lesson 5: Enumeration
    1. Lesson 5 Learning Objectives
    2. 5.1 Enumeration Overview
    3. 5.2 NetBIOS Enumeration
    4. 5.3 Users and Default Passwords
    5. 5.4 SNMP Enumeration
    6. 5.5 Linux Enumeration
    7. 5.6 LDAP, NTP, SMTP, DNS Enumeration
    8. 5.7 Enumerating IKE, IPsec, VPNs
    9. 5.8 Enumeration Countermeasures
    10. 5.9 Penetration Testing: Enumeration
  3. Lesson 5: Review
    1. Lesson 5 Flashcards
    2. Lesson 5 Quiz
  4. Lesson 6: Vulnerability Analysis
    1. Lesson 6 Learning Objectives
    2. 6.1 Introducing Vulnerability Research and Classification
    3. 6.2 Exploring Vulnerability Assessment
    4. 6.3 Vulnerability Management Lifecycle (Vulnerability Assessment Phases)
    5. 6.4 Understanding Different Approaches of Vulnerability Assessment Solutions
    6. 6.5 Overview of Vulnerability Scoring Systems
    7. 6.6 Vulnerability Assessment Tools
    8. 6.7 Overview of Vulnerability Assessment Reports
  5. Lesson 6: Review
    1. Lesson 6 Flashcards
    2. Lesson 6 Quiz
  6. Lesson 7: System Hacking
    1. Lesson 7 Learning Objectives
    2. 7.1 Hacking Methodology
    3. 7.2 Password Cracking
    4. 7.3 Keyloggers and Anti-keyloggers
    5. 7.4 Microsoft Authentication
    6. 7.5 Defense Against Password Cracking
    7. 7.6 Privilege Escalation
    8. 7.7 Executing Applications
    9. 7.8 Rootkits and Anti-rootkits
    10. 7.9 NTFS Stream Manipulation
    11. 7.1 Steganography and Steganalysis Methods
    12. 7.11 Covering Tracks
    13. 7.12 Penetration Testing: System Hacking
  7. Lesson 7: Review
    1. Lesson 7 Flashcards
    2. Lesson 7 Quiz
  8. Lesson 8: Malware Threats
    1. Lesson 8 Learning Objectives
    2. 8.1 Understanding Malware and Malware Propagation Techniques
    3. 8.2 Trojans, Backdoors, Viruses, Worms
    4. 8.3 Indications of Infection
    5. 8.4 Common Ports
    6. 8.5 How Malware Gets Into a System
    7. 8.6 How to Detect
    8. 8.7 Anti-malware Software
    9. 8.8 Online Malware Analysis Services
    10. 8.9 Countermeasures
    11. 8.10 Penetration Testing: Malware Threats
  9. Lesson 8: Review
    1. Lesson 8 Flashcards
    2. Lesson 8 Quiz
  10. Lesson 9: Sniffing
    1. Lesson 9 Learning Objectives
    2. 9.1 Sniffing Overview
    3. 9.2 Sniffing Attack Types
    4. 9.3 Protocol Analyzers
    5. 9.4 Sniffing Tools
    6. 9.5 Sniffing Detection and Defense
    7. 9.6 Penetration Testing: Sniffing
  11. Lesson 9: Review
    1. Lesson 9 Flashcards
    2. Lesson 9 Quiz
  12. Lesson 10: Social Engineering
    1. Lesson 10 Learning Objectives
    2. 10.1 Social Engineering Concepts
    3. 10.2 Social Networking
    4. 10.3 Identity Theft
    5. 10.4 Social Engineering Countermeasures
    6. 10.5 Understanding Social Engineering
    7. 10.6 Surveying Social Engineering Methodologies
    8. 10.7 Understanding How to Target Employees
    9. 10.8 Exploring Social Engineering Tools
    10. 10.9 Exploring the Social Engineering Toolkit (SET)
    11. 10.10 Surveying Social Engineering Case Studies
    12. 10.11 Penetration Testing: Social Engineering
  13. Lesson 10: Review
    1. Lesson 10 Flashcards
    2. Lesson 10 Quiz
  14. Module 2: Review
    1. Module 2 Quiz
  1. Module 3: Introduction
  2. Lesson 11: Denial-of-Service (DoS)
    1. Lesson 11 Learning Objectives
    2. 11.1 DoS/DDoS Overview
    3. 11.2 DoS Techniques
    4. 11.3 Botnets
    5. 11.4 DoS Attack Tools
    6. 11.5 Detection and Countermeasures
    7. 11.6 DDoS Protection Tools
    8. 11.7 Penetration Testing: DoS
  3. Lesson 11: Review
    1. Lesson 11 Flashcards
    2. Lesson 11 Quiz
  4. Lesson 12: Session Hijacking
    1. Lesson 12 Learning Objectives
    2. 12.1 What Is Session Hijacking?
    3. 12.2 Techniques
    4. 12.3 Application Level Session Hijacking
    5. 12.4 MitM Attacks
    6. 12.5 Cross-site Attacks
    7. 12.6 Network Level Hijacking
    8. 12.7 Session Hijacking Tools
    9. 12.8 Hijacking Protection
    10. 12.9 Penetration Testing: Session Hijacking
  5. Lesson 12: Review
    1. Lesson 12 Flashcards
    2. Lesson 12 Quiz
  6. Module 3: Review
    1. Module 3 Quiz
  1. Module 4: Introduction
  2. Lesson 13: Hacking Webservers
    1. Lesson 13 Learning Objectives
    2. 13.1 Webserver Concepts
    3. 13.2 Webserver Attacks
    4. 13.3 Attack Methodology
    5. 13.4 Countermeasures
    6. 13.5 System Patch Management
    7. 13.6 Security Tools
    8. 13.7 Exploring CMS and Framework Identification
    9. 13.8 Surveying Web Crawlers and Directory Brute Force
    10. 13.9 Understanding How Web Application Scanners Work
    11. 13.10 Introducing Nikto
    12. 13.11 Introducing the Burp Suite
    13. 13.12 Introducing OWASP Zed Application Proxy (ZAP)
    14. 13.13 Introducing OpenVAS
  3. Lesson 13: Review
    1. Lesson 13 Flashcards
    2. Lesson 13 Quiz
  4. Lesson 14: Hacking Web Applications
    1. Lesson 14 Learning Objectives
    2. 14.1 Attack Vectors and Threats
    3. 14.2 Footprinting
    4. 14.3 Authentication and Authorization System Attacks
    5. 14.4 Understanding the Need for Web Application Penetration Testing
    6. 14.5 Exploring How Web Applications Have Evolved Over Time
    7. 14.6 Understanding the Web Application Protocols
    8. 14.7 Exploring the HTTP Request and Response
    9. 14.8 Surveying Session Management and Cookies
    10. 14.9 Understanding the APIs
    11. 14.10 Exploring the Tools Used to Test the APIs
    12. 14.11 Exploring Cloud Services
    13. 14.12 Exploring Web Application Frameworks
    14. 14.13 Surveying Docker Containers
    15. 14.14 Introducing DevOps
    16. 14.15 Understanding Authentication Schemes in Web Applications
    17. 14.16 Exploring Session Management Mechanisms and Related Vulnerabilities
    18. 14.17 Database Connectivity Attacks
  5. Lesson 14: Review
    1. Lesson 14 Flashcards
    2. Lesson 14 Quiz
  6. Lesson 15: Advanced Web Application Hacking
    1. Lesson 15 Learning Objectives
    2. 15.1 Understanding What is Command Injection
    3. 15.2 Exploiting Command Injection Vulnerabilities
    4. 15.3 Understanding What is XML Injection
    5. 15.4 Exploiting XML Injection Vulnerabilities
    6. 15.5 Undertanding How to Mitigate Injection Vulnerabilities
    7. 15.6 Understanding What is XSS
    8. 15.7 Exploiting Reflected XSS Vulnerabilities
    9. 15.8 Exploiting Stored XSS Vulnerabilities
    10. 15.9 Exploiting DOM Based XSS Vulnerabilities
    11. 15.10 Understanding Cross-Site Request Forgery (CSRF)
    12. 15.11 Exploiting CSRF Vulnerabilities
    13. 15.12 Evading Web Application Security Controls
    14. 15.13 Mitigating XSS and CSRF Vulnerabilities
    15. 15.14 Surveying the Client-side Code and Storage
    16. 15.15 Understanding HTML5 Implementations
    17. 15.16 Understanding AJAX Implementations
    18. 15.17 Mitigating AJAX, HTML5, and Client-side Vulnerabilities
    19. 15.18 Understanding the Other Common Security Flaws in Web Applications
    20. 15.19 Exploiting Insecure Direct Object References and Path Traversal
    21. 15.20 Surveying Information Disclosure Vulnerabilities
    22. 15.21 Fuzzing Web Applications
    23. 15.22 Web Application Security Tools
    24. 15.23 Web Application Firewalls
  7. Lesson 15: Review
    1. Lesson 15 Flashcards
    2. Lesson 15 Quiz
  8. Lesson 16: SQL Injection
    1. Lesson 16 Learning Objectives
    2. 16.1 Overview
    3. 16.2 Attacks Using SQL Injection
    4. 16.3 Methodology
    5. 16.4 Understanding SQL Injection
    6. 16.5 Exploiting SQL Injection Vulnerabilities
    7. 16.6 SQL Injection Defense
    8. 16.7 Detection Tools
  9. Lesson 16: Review
    1. Lesson 16 Flashcards
    2. Lesson 16 Quiz
  10. Module 4: Review
    1. Module 4 Quiz
  1. Module 5: Introduction
  2. Lesson 17: Hacking Wireless
    1. Lesson 17 Learning Objectives
    2. 17.1 Wireless LAN Overview
    3. 17.2 Wireless Encryption
    4. 17.3 Wireless Threats
    5. 17.4 Understanding Wireless Antennas
    6. 17.5 Surveying Wi-Fi Devices Like the Pinneaple
    7. 17.6 Building Your Own Lab
    8. 17.7 Introducing the Aircrack-ng Suite
    9. 17.8 Introducing Airmon-ng
    10. 17.9 Understanding Airodump-ng
    11. 17.10 Introducing Aireplay-ng
    12. 17.11 Introducing Airdecap-ng
    13. 17.12 Introducing Airserv-ng
    14. 17.13 Introducing Airtun-ng
    15. 17.14 Understanding WEP Fundamentals
    16. 17.15 Learning How to Crack WEP
    17. 17.16 Understanding WPA Fundamentals
    18. 17.17 Surveying Attacks Against WPA2-PSK Networks
    19. 17.18 Using coWPAtty
    20. 17.19 Using Pyrit
    21. 17.20 Exploring WPA Enterprise Hacking
    22. 17.21 Using Kismet
    23. 17.22 Using Wireshark
    24. 17.23 Defining Evil Twin Attacks
    25. 17.24 Performing Evil Twin Attacks
    26. 17.25 Using Karmetasploit
    27. 17.26 Bluetooth and Bluejacking
    28. 17.27 Understanding Bluetooth Vulnerabilities
    29. 17.28 Surveying Tools for Bluetooth Monitoring
    30. 17.29 Wireless Attack Defense
    31. 17.30 Wireless IPS
  3. Lesson 17: Review
    1. Lesson 17 Flashcards
    2. Lesson 17 Quiz
  4. Lesson 18: IDS, Firewalls, and Honeypots
    1. Lesson 18 Learning Objectives
    2. 18.1 IDS, Firewall, and Honeypot Concepts
    3. 18.2 Firewall Tools
    4. 18.3 Honeypot Tools
    5. 18.4 IDS Tools
    6. 18.5 Evading IDS and Firewalls
    7. 18.6 Evading IDS and Firewall Tools
    8. 18.7 Detecting Honeypots
    9. 18.8 Penetration Testing: IDS, Firewalls, and Honeypots
  5. Lesson 18: Review
    1. Lesson 18 Flashcards
    2. Lesson 18 Quiz
  6. Lesson 19: Cloud Computing
    1. Lesson 19 Learning Objectives
    2. 19.1 Overview
    3. 19.2 Providers
    4. 19.3 Detection
    5. 19.4 Instance and VPC Security Methods
    6. 19.5 Cloud Use as a Pen Testing Source
    7. 19.6 Understanding the Challenge of Testing Cloud Services
    8. 19.7 Exploring How to Test in the Cloud
  7. Lesson 19: Review
    1. Lesson 19 Flashcards
    2. Lesson 19 Quiz
  8. Lesson 20: Cryptography
    1. Lesson 20 Learning Objectives
    2. 20.1 Overview
    3. 20.2 Algorithms
    4. 20.3 Tools
    5. 20.4 Public Key Infrastructure
    6. 20.5 Email
    7. 20.6 Disk Encryption and Tools
    8. 20.7 Attacks Against Cryptography
    9. 20.8 Cryptanalysis Tools
  9. Lesson 20: Review
    1. Lesson 20 Flashcards
    2. Lesson 20 Quiz
  10. Lesson 21: IoT Hacking
    1. Lesson 21 Learning Objectives
    2. 21.1 Understanding IoT Fundamentals
    3. 21.2 Exploring ZigBee and IEEE 802.15.4
    4. 21.3 Exploring INSTEON
    5. 21.4 Exploring ZWave
    6. 21.5 Exploring LoRA
    7. 21.6 Overview of IoT Penetration Testing
    8. 21.7 IoT Security Tools
  11. Lesson 21: Review
    1. Lesson 21 Flashcards
    2. Lesson 21 Quiz
  12. Lesson 22: Hacking Mobile Platforms
    1. Lesson 22 Learning Objectives
    2. 22.1 Understanding OWASP Mobile Device Vulnerabilities
    3. 22.2 Wrestling with the BYOD Dilemma
    4. 22.3 Understanding Mobile Device Management (MDM)
    5. 22.4 Understanding Mobile Device Security Policies
    6. 22.5 Exploring The Android Security Model
    7. 22.6 Exploring Android Emulators and SDK
    8. 22.7 Understanding Android Hacking Tools and Methodologies
    9. 22.8 Introducing iOS Security
    10. 22.9 Exploring Jailbraking iOS
    11. 22.1 Surveying Tools for Dissasembling iOS Applications
    12. 22.11 Understanding Mobile Spyware
    13. 22.12 Exploring How to Make Your Own STORM-like Mobile Hacking Device
  13. Lesson 22: Review
    1. Lesson 22 Flashcards
    2. Lesson 22 Quiz
  14. Module 5: Review
    1. Module 5 Quiz
  1. CEH v11 Bonus Content Learning Objectives
  2. Understanding IoT Security Threats
  3. The Utility Industry
  4. Communications Over the Utility WAN
  5. Field Area Networks (FANs)
  6. IoT Industrial Network Architecture
  7. Factory Security
  8. The Oil and Gas Industry—Trends and Challenges
  9. IoT Architectures for Oil and Gas
  10. Securing IoT for Oil and Gas
  11. IoT Architecture for Mining
  12. Surveying Unsecure Code Practices and Insecure APIs
  13. Understanding Security Threats in Cloud Environments
  14. Understanding VXLAN and Network Overlays
  15. Understanding Microsegmentation
  16. Introducing the Different Cloud Deployment and Service Models
  17. Surveying Patch Management in the Cloud
  18. Performing Security Assessments in Cloud Environments
  19. Introducing Agile, DevOps, and CI/CD Pipelines
  20. Introducing Serverless Computing
  21. Understanding Container Orchestration and an Introduction to Kubernetes
  22. Exploring the Concepts of DevSecOps
  23. Attacking WPA2 Implementations
  24. Assessing Unsecure Code Practices and APIs
  25. Exploring Sandboxes and Virtual Machine Escape Attacks
  26. The Evolution of IEEE 802.11 Security
  27. WPA3 Security
  28. Understanding API Access
  29. Understanding Authentication
  30. Understanding Authorization Modes
  31. Managing Security Contexts
  32. Managing Kubernetes User Accounts
  33. Managing Security (Video Lab)
  34. Managing Security (Video Lab Solution)
  35. Understanding File-less Malware Concepts
  36. Introducing Malware Analysis
  37. Exploring WPA3 Attacks and Mitigation
Add to cart form
$250

Everything you need

  • Video-based lessons (18 hours)
  • Interactive lab exercises
  • Self-study quizzes
  • Practice tests
  • 15-month access

Course experts

  • Omar Santos

    Best-selling Cisco Press author, expert trainer, and Principal Engineer at Cisco (PSIRT)

    Omar Santos
  • Nick Garner

    Best-selling Cisco Press author, cloud expert, and Cisco Certified Internetwork Expert (No.17871)

    Nick Garner
  • William Rothwell

    Lead instructor and courseware developer

    William Rothwell

Recommended for you

Certified Ethical Hacker (CEH) Training Course

$250.00