[PDF] CEH: Certified Ethical Hacker Study Guide

View - Download CEH: Certified Ethical Hacker Study Guide

Previous PDF

Next PDF

Certifi edEthical Hacker

STUDY GUIDE

Kimberly Graves

Covers all Exam Objectives for CEHv6

CEH Includes Real-World Scenarios, Hands-On Exercises, and

Leading-Edge Exam Prep Software Featuring:

• Custom Test Engine • Hundreds of Sample Questions • Electronic Flashcards • Entire Book in PDFSERIOUS SKILLS.

Exam 312-50

Exam EC0-350

STUDY GUIDE

Graves

Exam 312-50

Exam EC0-350Learn how to identify security risks to networks and computers as you prepare for the Certifi ed Ethical Hacker version 6 (CEHv6) exam. This in-depth guide thoroughly covers all exam objectives and topics, while showing you how Black Hat hackers think, helping you spot vulnerabilities in systems, and preparing you to beat the bad guys at their own game. Inside, you'll fi nd:

Full coverage of all exam objectives

in a systematic approach, so you can be confi dent you"re getting the instruction you need for the exam

Practical hands-on exer

cises to reinforce critical skills

Real-world scenarios

that put what you"ve learned in the context of actual job roles

Challenging review questions

in each chapter to pr epare you for exam day Exam Essentials, a key feature in each chapter that identifi es critical areas you must become profi cient in before taking the exam

A handy tear card

that maps every offi cial exam objective to the corre- sponding chapter in the book, so you can tr ack your exam prep objective by objective

Kimberly Graves,

CEH, CWSP, CWNP, CWNA, has over 15 years of IT

experience. She is founder of Techsource Network Solutions, a network and security consulting organization located in the Washington, DC area. She has served as subject matter expert for several certifi cation programs - including the Certifi ed Wireless Network Professional (CWNP) and Intel Certifi ed Network Engineer programs - and has developed course materials for the Department of Veteran Affairs, USAF, and the NSA.

Prepare for CEH certifi cation

with this comprehensive guideSYBEX TEST ENGINE

Test your knowledge with advanced

testing software. Includes all chapter review questions and practice exams.

ELECTRONIC FLASHCARDS

Reinforce your understanding with

electronic fl ashcards.

Also on the CD, you"ll fi nd the entire

book in searchable and printable

PDF. Study anywhere, any time, and

approach the exam with confi dence.

FEATURED ON THE CD

$49.99 US $59.99 CN

CATEGORY

COMPUTERS/Certifi cation Guides

ABOUT THE AUTHOR

ISBN 978-0-470-52520-3

Look inside for complete coverage

of all exam objectives.www.sybex.com spine=.864" CEH

Certifi ed Ethical Hacker

CEH: Certied Ethical Hacker Study Guide

CEH (312-50) Objectives

ObjectiveChapter

Ethics and Legality

Understand ethical hacking terminology1

Define the job role of an ethical hacker1

Understand the different phases involved in ethical hacking1

Identify different types of hacking technologies1

List the 5 stages of ethical hacking1

What is hacktivism?1

List different types of hacker classes1

Define the skills required to become an ethical hacker1

What is vulnerability research?1

Describe the ways of conducting ethical hacking1

Understand the legal implications of hacking1

Understand 18 U.S.C. § 1030 US Federal Law1

Footprinting

Define the term footprinting2

Describe information gathering methodology2

Describe competitive intelligence2

Understand DNS enumeration2

Understand Whois, ARIN lookup2

Identify different types of DNS records2

Understand how traceroute is used in footprinting2

Understand how email tracking works2

Understand how web spiders work2

Scanning

Define the terms port scanning, network scanning, and vulnerability scanning3

Understand the CEH scanning methodology3

Understand Ping Sweep techniques3

Understand nmap command switches3

Understand SYN, Stealth, XMAS, NULL, IDLE, and FIN scans3

List TCP communication flag types3

Understand war dialing techniques3

Understand banner grabbing and OF fingerprinting techniques3 Understand how proxy servers are used in launching an attack3

How do anonymizers work?3

Understand HTTP tunneling techniques3

Understand IP spoofing techniques3

525203bperfcard.indd 13/17/10 6:16:01 PM

Exam specications and content are subject to change at any time without prior notice and at the EC-Councilís sole discretion. Please visit EC-Councilís website () for the most current information on their exam content.

ObjectiveChapter

Enumeration

What is enumeration?3

What is meant by null sessions?3

What is SNMP enumeration?3

What are the steps involved in performing enumeration?3

System Hacking

Understanding password cracking techniques4

Understanding different types of passwords4

Identifying various password cracking tools4

Understand escalating privileges4

Understanding keyloggers and other spyware technologies4

Understand how to hide files4

Understanding rootkits4

Understand steganography technologies4

Understand how to cover your tracks and erase evidence4

Trojans and Backdoors

What is a Trojan?5

What is meant by overt and covert channels?5

List the different types of Trojans5

What are the indications of a Trojan attack?5

Understand how "Netcat" Trojan works5

What is meant by "wrapping"?5

How do reverse connecting Trojans work?5

What are the countermeasure techniques in preventing Trojans?5

Understand Trojan evading techniques5

Sniffers

Understand the protocol susceptible to sniffing6

Understand active and passive sniffing6

Understand ARP poisoning6

Understand Ethereal capture and display filters6

Understand MAC flooding6

Understand DNS spoofing techniques6

Describe sniffing countermeasures6

Denial of Service

Understand the types of DoS Attacks7

Understand how DDoS attack works7

Understand how BOTs/BOTNETs work7

What is a "Smurf" attack?7

What is "SYN" flooding?7

Describe the DoS/DDoS countermeasures7

525203bperfcard.indd 23/17/10 6:16:02 PM

ObjectiveChapter

Social Engineering

What is social engineering?2

What are the common types of attacks?2

Understand dumpster diving2

Understand reverse social engineering2

Understand insider attacks2

Understand identity theft2

Describe phishing attacks2

Understand online scams2

Understand URL obfuscation2

Social engineering countermeasures2

Session Hijacking

Understand spoofing vs. hijacking7

List the types of session hijacking7

Understand sequence prediction7

What are the steps in performing session hijacking?7

Describe how you would prevent session hijacking7

Hacking Web Servers

List the types of web server vulnerabilities8

Understand the attacks against web servers8

Understand IIS Unicode exploits8

Understand patch management techniques8

Understand Web Application Scanner8

What is the Metasploit Framework?8

Describe web server hardening methods8

Web Application Vulnerabilities

Understanding how a web application works8

Objectives of web application hacking8

Anatomy of an attack8

Web application threats8

Understand Google hacking8

Understand web application countermeasures8

Web-Based Password Cracking Techniques

List the authentication types8

What is a password cracker?8

How does a password cracker work?8

Understand password attacks ñ classification8

Understand password cracking countermeasures8

SQL Injection

What is SQL injection?9

Understand the steps to conduct SQL injection9

Understand SQL Server vulnerabilities9

Describe SQL injection countermeasures9

525203bperfcard.indd 33/17/10 6:16:02 PM

Exam specications and content are subject to change at any time without prior notice and at the EC-Councilís sole discretion. Please visit EC-Councilís website () for the most current information on their exam content.

ObjectiveChapter

Wireless Hacking

Overview of WEP, WPA authentication systems, and cracking techniques10 Overview of wireless sniffers and SSID, MAC spoofing10

Understand rogue access points10

Understand wireless hacking techniques10

Describe the methods of securing wireless networks10

Virus and Worms

Understand the difference between a virus and a worm5

Understand the types of viruses5

How a virus spreads and infects the system5

Understand antivirus evasion techniques5

Understand virus detection methods5

Physical Security

Physical security breach incidents11

Understanding physical security11

What is the need for physical security?11

Who is accountable for physical security?11

Factors affecting physical security11

Linux Hacking

Understand how to compile a Linux kernel12

Understand GCC compilation commands12

Understand how to install LKM modules12

Understand Linux hardening methods12

Evading IDS, Honeypots, and Firewalls

List the types of intrusion detection systems and evasion techniques13

List firewall and honeypot evasion techniques13

Buffer Overfiows

Overview of stack-based buffer overflows9

Identify the different types of buffer overflows and methods of detection9

Overview of buffer overflow mutation techniques9

Cryptography

Overview of cryptography and encryption techniques14 Describe how public and private keys are generated14 Overview of MD5, SHA, RC4, RC5, Blowfish algorithms14

Penetration Testing Methodologies

Overview of penetration testing methodologies15

List the penetration testing steps15

Overview of the pen-test legal framework15

Overview of the pen-test deliverables15

List the automated penetration testing tools15

525203bperfcard.indd 43/17/10 6:16:02 PM

CEH

Certified Ethical Hacker

Study Guide

525203ffirs.indd 13/18/10 6:47:27 AM

525203ffirs.indd 23/18/10 6:47:28 AM

CEH

Certified Ethical Hacker

Study Guide

Kimberly Graves

525203ffirs.indd 33/18/10 6:47:32 AM

Acquisitions Editor: Jeff Kellum

Development Editor: Pete Gaughan

Technical Editors: Keith Parsons, Chris Carson

Production Editor: Angela Smith

Copy Editor: Liz Welch

Editorial Manager: Pete Gaughan

Production Manager: Tim Tate

Vice President and Executive Group Publisher: Richard Swadley

Vice President and Publisher: Neil Edde

Media Project Manager 1: Laura Moss-Hollister

Media Associate Producer: Josh Frank

Media Quality Assurance: Shawn Patrick

Book Designers: Judy Fung and Bill Gibson

Compositor: Craig Johnson, Happenstance Type-O-Rama

Proofreader: Publication Services, Inc.

quotesdbs_dbs22.pdfusesText_28

[PDF] l éthique des hackers

[PDF] ghost in the wires my adventures as the worlds most wanted hacker

[PDF] the hacker playbook 2 pdf

[PDF] rtfm: red team field manual pdf

[PDF] cours piratage informatique pdf

[PDF] texas houston

[PDF] texas inondations

[PDF] harvey houston

[PDF] texas tempete

[PDF] 150 dialogues en français pdf

[PDF] harvey tempete

[PDF] texas carte

[PDF] calendrier udem 2017-2018

[PDF] rentrée udem automne 2017

[PDF] calendrier udem 2016-2017