
SkillSoft Explore Course


Sessions are like a verified conversation between trusted systems, which makes session hijacking a common form of attack. In this course, you'll learn about session hijacking, including how it's accomplished and the different types. Session hijacking attacks can be performed at the network level, so you'll also explore common network-based session hijacking attacks such as UDP, TCP, and RST hijacking. Next, you'll move on to examine common application-level session hijacking attacks such as man-in-the-middle, man-in-the-browser, cross-site scripting, and cross-site request forgery. Finally, you'll learn about common session hijacking security controls and countermeasures, as well as best practices like using encrypted protocols and secure session handling techniques. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v11 (312-50) exam.



Objectives

CEH v11: Hijacking Concepts & Countermeasures

  • describe session hijacking and how it can be accomplished
  • recognize the different types of session hijacking
  • identify tools and details that can be used to perform session hijacking using man-in-the-middle attacks
  • recall the details necessary to perform common network-based session hijacking attacks like UDP, TCP, and RST hijacking
  • recognize the details of common network-based session hijacking attacks
  • describe common application-level session hijacking attacks
  • describe the man-in-the-browser application-level session hijacking attack
  • identify the protocols or components that can be taken advantage of by an application-level session hijacking attack
  • identify the types of cross-site scripting (XSS) application-level session hijacking attacks
  • describe common session hijacking security detection methods and best practices
  • recognize common session hijacking security controls, best practices, and secure session handling techniques