Lassonde Professional Development

Program Length

12 weeks

Next Program Dates

TBD

Program Format

self-paced, weekly coaching sessions

Tuition and Fees

TBD

Prerequisites

Knowledge of computer networks and concepts of programming

Course Overview

You will learn the latest commercial-grade hacking tools, techniques, and methodologies used by hackers and information security professionals to lawfully hack an organization. You will focus on hacking techniques and technologies from an offensive perspective. This advanced security program is regularly updated to reflect the latest developments in the domain, including new hacking techniques, exploits, automated programs as well as defensive recommendations as outlined by experts in the field. The CEH body of knowledge represents detailed contributions from security experts, academicians, industry practitioners and the security community at large.

This program is being offered as a 12-week self-paced course with weekly coaching sessions. The course consists of the following:

Module 1: Introduction to Ethical Hacking
Cover the fundamentals of key issues in the information security world, including the basics of ethical hacking, information security controls, relevant laws, and standard procedures.

Module 2: Footprinting and Reconnaissance
Learn how to use the latest techniques and tools to perform footprinting and reconnaissance, a critical pre-attack phase of the ethical hacking process.

Module 3: Scanning Networks
Learn different network scanning techniques and countermeasures.

Module 4: Enumeration
Learn various enumeration techniques, such as Border Gateway Protocol (BGP) and Network File Sharing (NFS) exploits, and associated countermeasures.

Module 5: Vulnerability Analysis
Learn how to identify security loopholes in a target organization’s network, communication infrastructure, and end systems.

Module 6: System Hacking
Learn about the various system hacking methodologies—including steganography, steganalysis attacks, and covering tracks—used to discover system and network vulnerabilities.

Module 7: Malware Threats
Get an introduction to the different types of malware, such as Trojans, viruses, and worms, as well as system auditing for malware attacks, malware analysis, and countermeasures.

Module 8: Sniffing
Learn about packet-sniffing techniques and how to use them to discover network vulnerabilities, as well as countermeasures to defend against sniffing attacks.

Module 9: Social Engineering
Learn social engineering concepts and techniques, including how to identify theft attempts, audit human-level vulnerabilities, and suggest social engineering countermeasures.

Module 10: Denial-of-Service
Learn about different Denial of Service (DoS) and Distributed DoS (DDoS) attack techniques, as well as the tools used to audit a target and devise DoS and DDoS countermeasures and protections.

Module 11: Session Hijacking
Understand the various session hijacking techniques used to discover network-level session management, authentication, authorization, and cryptographic weaknesses and associated countermeasures.

Module 12: Evading IDS, Firewalls, and Honeypots
Get introduced to firewall, intrusion detection system, and honeypot evasion techniques; the tools used to audit a network perimeter for weaknesses; and countermeasures.

Module 13: Hacking Web Servers
Learn about web server attacks, including a comprehensive attack methodology used to audit vulnerabilities in web server infrastructures and countermeasures.

Module 14: Hacking Web Applications
Learn about web application attacks, including a comprehensive web application hacking methodology used to audit vulnerabilities in web applications and countermeasures.

Module 15: SQL Injection
Learn about SQL injection attack techniques, injection detection tools, and countermeasures to detect and defend against SQL injection attempts.

Module 16: Hacking Wireless Networks
Learn about wireless encryption, wireless hacking methodologies and tools, and Wi-Fi security tools.

Module 17: Hacking Mobile Platforms
Learn about mobile platform attack vectors, Android vulnerability exploits, and mobile security guidelines and tools.

Module 18: IoT and OT Hacking
Learn how to secure and defend Internet of Things (IoT) and operational technology (OT) devices and possible threats to IoT and OT platforms.

Module 19: Cloud Computing
Learn different cloud computing concepts, such as container technologies and serverless computing, various cloud-based threats and attacks, and cloud security techniques and tools.

Module 20: Cryptography
In the final module, learn about cryptography and ciphers, public-key infrastructure, cryptography attacks, and cryptanalysis tools.

The Certified Lead Ethical Hacker exam comprises two parts: a practical exam and report writing. The practical exam requires the candidate to compromise at least two target machines through penetration testing. The process should be documented in a written report. The Certified Lead Ethical Hacker exam is an open-book exam. Candidates are allowed to use training course materials and personal notes during the examination process. The “Certified Lead Ethical Hacker” exam meets all the requirements of the Examination and Certification Program (ECP). It covers the following competency domains:

Domain 1: Information gathering tools and techniques
Domain 2: Threat modelling and vulnerability identification
Domain 3: Exploitation techniques
Domain 4: Privilege escalation
Domain 5: Pivoting and file transfers
Domain 6: Reporting

Upon successful completion of the course, you will be awarded a Certificate of Completion from Lassonde School of Engineering and a CEH Certification (optional) from EC-Council.

How to Receive Certified Ethical Hacker (CEH) Certification?
You must successfully complete the CEH examination, which is a 4-hour exam with 125 multiple-choice questions. This knowledge-based exam will test your skills in Information Security Threats and Attack Vectors, Attack Detection, Attack Prevention, Procedures, Methodologies and more! The exam fees are included in the course tuition fees.

The training material for CEH was perfect! It had an abundance of knowledge and I was delighted to learn multiple practices to find and exploit multiple vulnerabilities within a system.

—Seth Henry, Systems Engineer

More about EC-Council

The International Council of Electronic Commerce Consultants (EC-Council) is an American organization that offers cybersecurity certification, education, training, and services in various cybersecurity skills. EC-Council is headquartered in Albuquerque, New Mexico, and has certified over 237,000 professionals from 145 countries.

As the impact of security incidents in small and large organizations has increased significantly, so has the demand for ethical hacking. Ethical hacking is one of the most effective tools for safeguarding assets and protecting people and information. Ethical hacking certification is slowly becoming a standard requirement for professionals who want to work in the field of information security.

Faculty

Program Lead

Michael Lusignan, LinkedIn

Michael Lusignan is a Program Lead with Lassonde Professional Development at the Lassonde School of Engineering, York University. He has over 15 years of experience in the financial services industry and an extensive background in digitization and technology transformation initiatives. He is a Chartered Professional Accountant and a member of CPA Ontario. Michael has an Honours degree in finance from the Schulich School of Business at York University, and is currently completing a Master’s degree at York’s Osgoode Hall Law School. Michael also serves as a Board member on The BlockchainHub, a York University innovation hub for blockchain education, research, and commercialization.