Table of Contents
CEH Certified Ethical Hacker Cert Guide, 5th Edition by Michael Gregg and Omar Santos
See: CEH Certified Ethical Hacker Cert Guide, 5th Edition by Michael Gregg and Omar Santos
Return to X Security, Security, DevOps Security - Security SRE - CI/CD Security, Cloud Native Security - Microservices Security - Serverless Security, DevSecOps, Parallel Programming and Security, Concurrency and Security, Database Security, Data Science Security, Machine Learning Security, Cybersecurity Bibliography, Cybersecurity Courses, Cybersecurity Glossary, Awesome Cybersecurity, Cybersecurity GitHub, Cybersecurity Topics
Fair Use Source: B09M86B259 (CEHsntos 2022)
Book Summary
How This Book Is Organized
Although this book could be read cover to cover, it is designed to be flexible and allow you to easily move between chapters and sections of chapters to cover the material that you need more work with. Chapter 1, “An Introduction to Ethical Hacking,” provides an overview of ethical hacking and reviews some basics. Chapters 2 through 11 are the core chapters. If you do intend to read them all, the order in the book is an excellent sequence to use.
The core chapters, Chapters 2 through 11, cover the following topics:
Chapter 2, “The Technical Foundations of Hacking”: This chapter discusses basic techniques that every security professional should know. This chapter reviews TCP/IP and essential network knowledge.
Chapter 3, “Footprinting, Reconnaissance, and Scanning”: This chapter discusses the basic ideas behind target selection and footprinting. The chapter reviews what type of information should be researched during footprinting and how passive footprinting and active footprinting and scanning tools should be used.
Chapter 4, “Enumeration and System Hacking”: This chapter covers enumeration, a final chance to uncover more detailed information about a target before system hacking. System hacking introduces the first step at which the hacker is actually exploiting a vulnerability in systems.
Chapter 5, “Social Engineering, Malware Threats, and Vulnerability Analysis”: This chapter examines social engineering, all types of malware, including Trojans, worms, viruses, how malware is analyzed, and how vulnerabilities are tracked and mitigated.
Chapter 6, “Sniffers, Session Hijacking, and Denial of Service”: This chapter covers sniffing tools, such as Wireshark. The chapter examines the difference in passive sniffing and active sniffing. It also reviews session hijacking and DoS, DDoS, and botnet techniques.
Chapter 7, “Web Server Hacking, Web Applications, and Database Attacks”: This chapter covers the basics of web server hacking, different web application attacks, and how SQL injection works.
Chapter 8, “Wireless Technologies, Mobile Security, and Attacks”: This chapter examines the underlying technology of wireless technologies, mobile devices, Android, iOS, and Bluetooth.
Chapter 9, “Evading IDS, Firewalls, and Honeypots”: This chapter discusses how attackers bypass intrusion detection systems and firewalls. This chapter also reviews honeypots and honeynets and how they are used to jail attackers.
Chapter 10, “Cryptographic Attacks and Cryptographic Defenses”: This chapter covers the fundamentals of attacking cryptographic systems and how tools such as encryption can be used to protect critical assets.
Chapter 11, “Cloud Computing, IoT, and Botnets”: This chapter covers the fundamentals of cloud computing and reviews common cloud modeling types. The chapter reviews common cloud security issues and examines penetration testing concerns. This chapter also covers the principles of IoT security and associated IoT threats. The chapter also examines botnets and how they are used, detected, and dealt with.
This book is not designed to be a general security book or one that teaches network defenses. This book looks specifically at how attackers target networks, what tools attackers use, and how these techniques can be used by ethical hackers. Overall, this book is written with one goal in mind: to help you pass the exam.
Why should you want to pass the CEH exam? Because it’s one of the leading entry-level ethical hacking certifications. It is also featured as part of DoD Directive 8140, and having the certification might mean a raise, a promotion, or other recognition. It’s also a chance to enhance your résumé and to demonstrate that you are serious about continuing the learning process and that you’re not content to rest on your laurels. Or one of many other reasons.
About the Authors
Michael Gregg (CISSP, SSCP, CISA, MCSE, MCT, CTT+, A+, N+, Security+, CCNA, CASP, CISA, CISM, CEH, CHFI, and GSEC) directs the cybersecurity operations for a multinational organization that operates facilities worldwide. As the CISO, Michael is responsible for securing the organization’s assets on a global scale. Michael is responsible for developing cost-effective and innovative technology solutions for security issues and for evaluating emerging technologies.
He has more than 20 years of experience in the IT field and holds two associate’s degrees, a bachelor’s degree, and a master’s degree. In addition to coauthoring the first, second, and third editions of Security Administrator Street Smarts, Michael has written or coauthored more than 20 other books.
Michael has testified before a U.S. congressional committee, has been quoted in newspapers such as the New York Times, and was featured on various television and radio shows, including NPR, ABC, CBS, Fox News, and others, discussing cybersecurity and ethical hacking. He has created more than a dozen IT security training classes. He has created and performed video instruction on many security topics, such as cybersecurity, CISSP, CISA, Security+, and others.
When not working, speaking at security events, or writing, Michael enjoys 1960s muscle cars and has a slot in his garage for a new project car.
Omar Santos is an active member of the cybersecurity community. His active role helps businesses, academic institutions, state and local law enforcement agencies, and other participants that are dedicated to increasing the security of their critical infrastructure. Omar is the lead of the DEF CON Red Team Village, the chair of the OASIS Common Security Advisory Framework (CSAF), and has been the leader of several working groups in the Industry Consortium for Advancement of Security on the Internet (ICASI) and the Forum of Incident Response and Security Teams (FIRST).
Omar is the author of more than 20 books and video courses and numerous white papers, articles, and security configuration guidelines and best practices. Omar is a principal engineer of the Cisco Product Security Incident Response Team (PSIRT), where he mentors and leads engineers and incident managers during the investigation and resolution of security vulnerabilities. Omar has been quoted by numerous media outlets, such as The Register, Wired, ZDNet, ThreatPost, CyberScoop, TechCrunch, Fortune, Ars Technica, and more. Additional information about Omar can be obtained from h4cker.org and omarsantos.io. You can follow Omar on Twitter at @santosomar.
About the Technical Reviewer
Trevor Chandler, CISSP No. 458840, has been a faculty member in higher education for more than 34 years. Trevor also has worked as a system administrator on UNIX (AIX, HP-UX, SunOS) and Linux (Red Hat) systems. As an educator, Trevor delivers courses primarily in multiple levels of Linux system administration, Cisco networking (CCNA/CCNP), and information systems security. Trevor achieved EC-Council’s Certified Ethical Hacker (CEH) certification in 2017.
Product Details
- Publication date: April 7, 2022
- Paperback: 752 pages
- Time to Complete: 19h 37m
Research More
Security - Pentesting
Linux
Cloud
JVM - Java-Kotlin-Scala-Clojure - Android - Spring Boot
C# .NET
JavaScript - React / TypeScript Angular
Tutorials
Support
Fair Use Sources
Cybersecurity: DevSecOps - Security Automation, Cloud Security - Cloud Native Security (AWS Security - Azure Security - GCP Security - IBM Cloud Security - Oracle Cloud Security, Container Security, Docker Security, Podman Security, Kubernetes Security, Google Anthos Security, Red Hat OpenShift Security); Identity and Access Management (IAM), OS Security, Java Security, Security, (Mobile Security: Android Security - Kotlin Security - Java Security, iOS Security - Swift Security; Windows Security - Windows Server Security, Linux Security (Ubuntu Security, Debian Security, RHEL Security, Fedora Security), UNIX Security (FreeBSD Security), IBM z Mainframe Security, Passwords, Linux Passwords, Windows Passwords), Passkeys, Hacking (Ethical Hacking, White Hat, Black Hat, Grey Hat), Pentesting (Red Team - Blue Team - Purple Team), Cybersecurity Certifications (CEH, GIAC, CISM, CompTIA Security Plus, CISSP), Mitre Framework, Common Vulnerabilities and Exposures (CVE), Cybersecurity Bibliography, Cybersecurity Courses, Firewalls, Cybersecurity CI/CD, Functional Programming and Cybersecurity, Cybersecurity and Concurrency, Cybersecurity and Data Science - Cybersecurity and Databases, Cybersecurity and Machine Learning, Cybersecurity Glossary (RFC 4949 Internet Security Glossary), Awesome Cybersecurity, Cybersecurity GitHub, Cybersecurity Topics (navbar_security - see also navbar_aws_security, navbar_azure_security, navbar_gcp_security, navbar_k8s_security, navbar_docker_security, navbar_podman_security, navbar_mainframe_security, navbar_ibm_cloud_security, navbar_oracle_cloud_security, navbar_database_security, navbar_windows_security, navbar_linux_security, navbar_macos_security, navbar_android_security, navbar_ios_security, navbar_os_security, navbar_firewalls, navbar_encryption, navbar_passwords, navbar_iam, navbar_pentesting, navbar_privacy)
© 1994 - 2024 Cloud Monk Losang Jinpa or Fair Use. Disclaimers
SYI LU SENG E MU CHYWE YE. NAN. WEI LA YE. WEI LA YE. SA WA HE.