Nmap Training

IEHF Certified Nmap (Network Mapper) Expert

Course Structure
Entery Requirements

Nmap (Network Mapper) is a security scanner originally written by Gordon Lyon (also known by his pseudonym Fyodor Vaskovich) used to discover Host and services on a computer network, thus creating a "map" of the network. To accomplish its goal, Nmap sends specially crafted packets to the target host and then analyzes the responses.

Unlike many simple port scanners that just send packets at a predefined constant rate, Nmap accounts for the network conditions (latency fluctuations, network congestion, the target's interference with the scan) during the run. Also, owing to the large and active user community providing feedback and contributing to its features, Nmap has been able to extend its discovery capabilities beyond simply figuring out whether a host is up or down and which ports are open and closed; it can determine the operating system of the target, names and versions of the listening services, estimated uptime, type of device, and presence of a firewall.

Nmap runs on Linux, Microsoft Windows, Solaris, HP-UX and BSD variants (including Mac OS X), and also on AmigaOS and SGI IRIX. Linux is the most popular Nmap platform with Windows following it closely.

Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response analysis tool (Nping).

Nmap is: Flexible, Powerfull, Portable, Easy, Populat Scanning Tool among all other tools.

List of Modules

  • Module 01: Introduction to Nmap
  • Module 02: Obtaining, Compiling, Installing and Removing Nmap
  • Module 03: Host Discovery (Ping Scanning)
  • Module 04: Port Scanning
  • Module 05: Port Scanning Techniques and Algorithms
  • Module 06: Optimizing Nmap Performance
  • Module 07: Service and Application Version Detection
  • Module 08: Remote OS Detection
  • Module 09: Nmap Scripting Engine
  • Module 10: Detecting and Subverting Firewalls and Intrusion Detection System
  • Module 11: Defenses Against Nmap
  • Module 12: Zenmap GUI User's Guide
  • Module 13: Nmap Output Formats
  • Module 14: Understanding and Customizing Nmap Data Files


  • Security Officers
  • Auditors
  • Network Administrators
  • Firewall Administrators
  • Security Professionals
  • Penetration Testers
  • Anyone who is concerned about the integrity of the network infrastructure

Exam Info

  • Number of Questions: 100
  • Passing Score: 70%
  • Test Duration: 4 Hours
  • Test Format: Multiple Choice


  • 60 Hours / 2 Months

Course reviews
  1. 4.00 out of 5

    Milan Sen

    The instructor is well versed in the attack/scanning techniques and mitigation steps.