https://DevOpsCloud.io -- Cloud Monk Losang Jinpa

Return to CEH Certified Ethical Hacker Cert Guide, Security, DevOps Security - Security SRE - CI/CD Security, Cloud Native Security - Microservices Security - Serverless Security, DevSecOps, Parallel Programming and Security, Concurrency and Security, Database Security, Data Science Security, Machine Learning Security, Cybersecurity Bibliography, Cybersecurity Courses, Cybersecurity Glossary, Awesome Cybersecurity, Cybersecurity GitHub, Cybersecurity Topics

Fair Use Source: B09M86B259 (CEHsntos 2022)

“ (CEHsntos 2022)

Introduction

“The EC-Council Certified Ethical Hacker (CEH) exam is one of the leading ethical hacking certification and cybersecurity certifications available today. CEH is recognized by the industry as providing candidates with a solid foundation of hands-on security testing skills and knowledge. The CEH exam covers a broad range of security concepts to prepare candidates for the technologies that they are likely to be working with if they move into a role that requires hands-on security testing.” (CEHsntos 2022)

Let’s talk some about what this book is. It offers you the information you need to know to pass the CEH exam. It’s highly recommended that you spend time with the tools and software discussed in the book. You should also complete a number of practice tests to become more comfortable with the types of questions you will see on the exam and get used to completing 125 questions in four hours. Depending on your personal study habits or learning style, you might benefit from buying this book and taking a class.

Note

After completing the CEH exam, candidates may elect to attempt the CEH Practical exam. Individuals who possess the CEH credential will be able to sit for the CEH Practical exam. This exam will test their limits in unearthing vulnerabilities across major operating systems, databases, and networks. The CEH Practical exam is a six-hour, hands-on exam that requires you to demonstrate the application of ethical hacking techniques, such as threat vector identification, network scanning, OS detection, vulnerability analysis, system hacking, and web app hacking.

Cert Guides are meticulously crafted to give you the best possible learning experience for the particular characteristics of the technology covered and the actual certification exam. The instructional design implemented in the Cert Guides reflects the nature of the CEH certification exam. The Cert Guides provide you with the factual knowledge base you need for the exams, and then take it to the next level with exercises and exam questions that require you to engage in the analytic thinking needed to pass the CEH exam.

EC-Council recommends that typical candidates for this exam have a minimum of two years of experience in IT security. In addition, EC-Council recommends that candidates have preexisting knowledge of networking, TCP/IP, and basic computer knowledge.

Now, let’s briefly discuss what this book is not. It is not a book designed to teach you advanced hacking techniques or the latest hack. This book’s goal is to prepare you for the CEH 312-50 exam, and it is targeted to those with some networking, OS, and systems knowledge. It provides basics to get you started in the world of ethical hacking and prepare you for the exam. Those wanting to become experts in this field should be prepared for additional reading, training, and practical experience.

How to Use This Book

This book uses several key methodologies to help you discover the exam topics on which you need more review, to help you fully understand and remember those details, and to help you prove to yourself that you have retained your knowledge of those topics. Therefore, this book does not try to help you pass the exams only by memorization; instead, it is designed to help you truly learn and understand the topics.

The book includes many features that provide different ways to study so you can be ready for the exam. If you understand a topic when you read it but do not study it any further, you probably will not be ready to pass the exam with confidence. The features included in this book give you tools that help you determine what you know, review what you know, better learn what you don’t know, and be well prepared for the exam. These tools include the following:

“Do I Know This Already?” Quizzes: Each chapter begins with a quiz that helps you determine the amount of time you need to spend studying that chapter. The answers are provided in Appendix A, “Answers to the ‘Do I Know This Already?’ Quizzes and Review Questions.”

Foundation Topics: These are the core sections of each chapter. They explain the tools and hacking concepts, and explain the configuration of both for the topics in that chapter.

Exam Preparation Tasks: This section lists a series of study activities that you should complete after reading the “Foundation Topics” section. Each chapter includes the activities that make the most sense for studying the topics in that chapter. The activities include the following:

Review All Key Topics: The Key Topic icon appears next to the most important items in the “Foundation Topics” section of the chapter. The Review All Key Topics activity lists the key topics from the chapter and their page numbers. Although the contents of the entire chapter could be on the exam, you should definitely know the information listed in each key topic. Review these topics carefully.

Define Key Terms: Although certification exams might be unlikely to ask a question such as “Define this term,” the CEH 312-50 exam requires you to learn and know a lot of tools and how they are used. This section lists some of the most important terms from the chapter, asking you to write a short definition and compare your answer to the Glossary.

Exercises: One or more sample exercises at the end of many chapters list a series of tasks for you to practice, which apply the lessons from the chapter in a real-world setting.

Review Questions: Each chapter includes review questions to help you confirm that you understand the content you just covered. The answers are provided in Appendix A, “Answers to the ‘Do I Know This Already?’ Quizzes and Review Questions.”” (CEHsntos 2022)

How This Book Is Organized

Although this book could be read cover to cover, it is designed to be flexible and allow you to easily move between chapters and sections of chapters to cover the material that you need more work with. Chapter 1, “An Introduction to Ethical Hacking,” provides an overview of ethical hacking and reviews some basics. Chapters 2 through 11 are the core chapters. If you do intend to read them all, the order in the book is an excellent sequence to use.

The core chapters, Chapters 2 through 11, cover the following topics:

Chapter 2, “The Technical Foundations of Hacking”: This chapter discusses basic techniques that every security professional should know. This chapter reviews TCP/IP and essential network knowledge.

Chapter 3, “Footprinting, Reconnaissance, and Scanning”: This chapter discusses the basic ideas behind target selection and footprinting. The chapter reviews what type of information should be researched during footprinting and how passive footprinting and active footprinting and scanning tools should be used.

Chapter 4, “Enumeration and System Hacking”: This chapter covers enumeration, a final chance to uncover more detailed information about a target before system hacking. System hacking introduces the first step at which the hacker is actually exploiting a vulnerability in systems.

Chapter 5, “Social Engineering, Malware Threats, and Vulnerability Analysis”: This chapter examines social engineering, all types of malware, including Trojans, worms, viruses, how malware is analyzed, and how vulnerabilities are tracked and mitigated.

Chapter 6, “Sniffers, Session Hijacking, and Denial of Service”: This chapter covers sniffing tools, such as Wireshark. The chapter examines the difference in passive sniffing and active sniffing. It also reviews session hijacking and DoS, DDoS, and botnet techniques.

Chapter 7, “Web Server Hacking, Web Applications, and Database Attacks”: This chapter covers the basics of web server hacking, different web application attacks, and how SQL injection works.

Chapter 8, “Wireless Technologies, Mobile Security, and Attacks”: This chapter examines the underlying technology of wireless technologies, mobile devices, Android, iOS, and Bluetooth.

Chapter 9, “Evading IDS, Firewalls, and Honeypots”: This chapter discusses how attackers bypass intrusion detection systems and firewalls. This chapter also reviews honeypots and honeynets and how they are used to jail attackers.

Chapter 10, “Cryptographic Attacks and Cryptographic Defenses”: This chapter covers the fundamentals of attacking cryptographic systems and how tools such as encryption can be used to protect critical assets.

Chapter 11, “Cloud Computing, IoT, and Botnets”: This chapter covers the fundamentals of cloud computing and reviews common cloud modeling types. The chapter reviews common cloud security issues and examines penetration testing concerns. This chapter also covers the principles of IoT security and associated IoT threats. The chapter also examines botnets and how they are used, detected, and dealt with.

Who Should Read This Book?

This book is not designed to be a general security book or one that teaches network defenses. This book looks specifically at how attackers target networks, what tools attackers use, and how these techniques can be used by ethical hackers. Overall, this book is written with one goal in mind: to help you pass the exam.

Why should you want to pass the CEH exam? Because it’s one of the leading entry-level ethical hacking certifications. It is also featured as part of DoD Directive 8140, and having the certification might mean a raise, a promotion, or other recognition. It’s also a chance to enhance your résumé and to demonstrate that you are serious about continuing the learning process and that you’re not content to rest on your laurels. Or one of many other reasons.

Fair Use Sources:

• CEH Certified Ethical Hacker Cert Guide on DuckDuckGo
• B09M86B259 (CEHsntos 2022)