Footprinting, Scanning, and Enumeration

This course is included in our On-demand training solution.


Gathering information about a company, its network, and the servers, services, and ports that it uses and has open is a very important part of preparing for an attack on a network; but it is also tremendously important for an ethical hacker to take the same steps and to find the same weaknesses. This course will examine the steps taken to gather information, find a network range, network scanning and tools, enumeration techniques, and the countermeasures used against all of these. This course also assists students who are preparing for the EC Council’s Ethical Hacking and Countermeasures (CEHv6) exam 312-50.

Target Audience

Existing or in-training IT security professionals seeking detailed security penetration testing skills


A technical background with a solid understanding of networks and networking concepts, such as TCP/IP, IP Routing, and LAN Switching, as well as Windows and/or UNIX/LINUX operating systems; a general familiarity with the principles and usage of command-line, coding, and GUI-based technologies for manipulating IT operating systems

Expected Duration

150 min.

Course Objectives

Gathering Information

  • recognize how to use open source searching to gather information
  • recognize the role of RIR
  • recognize the purpose of NSlookup
  • Finding a Network Range

  • sequence the TTL process
  • recognize how traceroute is used in footprinting
  • recognize how e-mail tracking works
  • Scanning Methodology and Techniques

  • identify port scanning issues
  • recognize how the TCP three-way handshake works
  • recognize the types of scans you can perform with Nmap
  • Scanning Methods

  • differentiate between war driving and war dialing
  • differentiate between active and passive fingerprinting
  • Pre-attack Intelligence Gathering

    Windows Architecture and Security

  • recognize the difference between kernel mode and user mode in Windows NT systems
  • recognize how certain Windows elements affect security
  • NetBIOS and SNMP Enumeration

  • recognize how to limit NetBIOS null session vulnerabilities
  • recognize how to counter SNMP vulnerabilities
  • DNS and AD Enumeration

  • recognize how to limit DNS zone transfer vulnerabilities
  • recognize how to use Active Directory enumeration
  • Enumeration Techniques