Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Certified Ethical Hacker (CEH) v12 312-50 Exam Guide
  • Table Of Contents Toc
  • Feedback & Rating feedback
Certified Ethical Hacker (CEH) v12 312-50 Exam Guide

Certified Ethical Hacker (CEH) v12 312-50 Exam Guide

By : Dale Meredith
4.3 (3)
Buy this Book
close
close
Certified Ethical Hacker (CEH) v12 312-50 Exam Guide

Certified Ethical Hacker (CEH) v12 312-50 Exam Guide

4.3 (3)
By: Dale Meredith
Buy this Book

Overview of this book

With cyber threats continually evolving, understanding the trends and using the tools deployed by attackers to determine vulnerabilities in your system can help secure your applications, networks, and devices. To outmatch attacks, developing an attacker's mindset is a necessary skill, which you can hone with the help of this cybersecurity book. This study guide takes a step-by-step approach to helping you cover all the exam objectives using plenty of examples and hands-on activities. You'll start by gaining insights into the different elements of InfoSec and a thorough understanding of ethical hacking terms and concepts. You'll then learn about various vectors, including network-based vectors, software-based vectors, mobile devices, wireless networks, and IoT devices. The book also explores attacks on emerging technologies such as the cloud, IoT, web apps, and servers and examines prominent tools and techniques used by hackers. Finally, you'll be ready to take mock tests, which will help you test your understanding of all the topics covered in the book. By the end of this book, you'll have obtained the information necessary to take the 312-50 exam and become a CEH v11 certified ethical hacker.
Table of Contents (23 chapters)
close
close
close
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Conventions used
Get in touch
Share Your Thoughts
1
Section 1: Where Every Hacker Starts
Section 1: Where Every Hacker Starts
Free Chapter
2
Chapter 1: Understanding Ethical Hacking
chevron up
Chapter 1: Understanding Ethical Hacking
The benefits of the CEH certification
Ethical hacking
What is information security?
Information security controls
Information security laws and standards
Summary
Questions
3
Chapter 2: Introduction to Reconnaissance
Chapter 2: Introduction to Reconnaissance
Overview of reconnaissance
Search engines
Google hacking
Using WHOIS
Using ping and DNS
Summary
Questions
4
Chapter 3: Reconnaissance – A Deeper Dive
Chapter 3: Reconnaissance – A Deeper Dive
Investigating the target's website
The Wayback Machine
What organizations give away for free
Employees – the weakest link
Reconnaissance countermeasures
Summary
Questions
5
Chapter 4: Scanning Networks
Chapter 4: Scanning Networks
Grasping scanning
Understanding the three-way handshake
Checking for live systems and their ports
Scanning by thinking outside the box
Banner grabbing and OS fingerprinting
Vulnerability scanning and drawing out the network
Preparing proxies and other anonymizing techniques
Summary
Questions
6
Chapter 5: Enumeration
Chapter 5: Enumeration
What is enumeration?
Ports and services to know about
Enumerating via defaults
NetBIOS enumeration
Enumerating using SNMP
Enumerating via LDAP
Network Time Protocol
Enumerating using SMTP
The golden ticket – DNS
Oh wait, there's more!
The countermeasures
Summary
Questions
7
Chapter 6: Vulnerability Analysis
Chapter 6: Vulnerability Analysis
Vulnerability analysis – where to start
Vulnerability classifications
The vulnerability life cycle
Ongoing scanning and monitoring
Summary
Questions
8
Chapter 7: System Hacking
Chapter 7: System Hacking
Understanding our objectives
Phase 1 – Gaining access and cracking passwords
Phase 2 – Escalating privileges
Phase 3 – Maintaining access and executing applications
Phase 4 – Maintaining access and hiding your tools
Phase 5 – Covering your tracks – Clearing logs and evidence
Summary
Questions
9
Chapter 8: Social Engineering
Chapter 8: Social Engineering
Understanding social engineering
Attack-vulnerable behaviors
What makes social engineering work?
Social engineering's attack phases
Social engineering methods
Threats from within
Threats to corporate networks from social media
Identity theft
Countermeasures
Summary
Questions
Further reading
10
Section 2: A Plethora of Attack Vectors
Section 2: A Plethora of Attack Vectors
11
Chapter 9: Malware and Other Digital Attacks
Chapter 9: Malware and Other Digital Attacks
So, what is malware?
What is a Trojan?
Viruses and worms
DoS threats
Session-hijacking threats
Master list of countermeasures
Summary
Questions
12
Chapter 10: Sniffing and Evading IDS, Firewalls, and Honeypots
Chapter 10: Sniffing and Evading IDS, Firewalls, and Honeypots
What is sniffing?
Types of sniffing
Hardware versus software sniffing
DHCP assaults
MAC attacks
ARP poisoning
DNS poisoning
Detecting sniffing methods
Evading IDS
Moving around firewalls
Honeypots
Summary
Questions
13
Chapter 11: Hacking Wireless Networks
Chapter 11: Hacking Wireless Networks
The wireless network and its types
The right encryption can help
A plethora of attack vectors
Methodology of wireless hacking
Hacking Bluetooth
The six layers of wire security
Countermeasures
Summary
Questions
14
Chapter 12: Hacking Mobile Platforms
Chapter 12: Hacking Mobile Platforms
Vulnerabilities in mobile environments
OWASP's Top 10 risks for mobile devices
Hacking Android
Hacking iOS
Mobile device management
Summary
Questions
15
Section 3: Cloud, Apps, and IoT Attacks
Section 3: Cloud, Apps, and IoT Attacks
16
Chapter 13: Hacking Web Servers and Web Apps
Chapter 13: Hacking Web Servers and Web Apps
Why web servers create security issues
Types of architecture
Threats to both servers and applications
The vulnerabilities of web APIs, web shells, and webhooks
Detecting web server hacking attempts
Summary
Questions
17
Chapter 14: Hacking IoT and OT
Chapter 14: Hacking IoT and OT
Understanding IoT
IoT hacking
Methods used for IoT
OT and methods used to hack it
Summary
Questions
18
Chapter 15: Cloud Computing
Chapter 15: Cloud Computing
Living on Cloud 9
Attacking the cloud
Tools and techniques of the attackers
Best practices for securing the cloud
Summary
Questions
19
Chapter 16: Using Cryptography
Chapter 16: Using Cryptography
Understanding cryptography
Standards and protocols
Countermeasures for cryptography
Summary
Questions
20
Chapter 17: CEH Exam Practice Questions
Chapter 17: CEH Exam Practice Questions
Exam questions
Answer key
21
Assessments
Assessments
Chapter 1 – Understanding Ethical Hacking
Chapter 2 – Introduction to Reconnaissance
Chapter 3 – Reconnaissance – a Deeper Dive
Chapter 4 – Scanning Networks
Chapter 5 – Enumeration
Chapter 6 – Vulnerability Analysis
Chapter 7 – System Hacking
Chapter 8 – Social Engineering
Chapter 9 – Malware and Other Digital Attacks
Chapter 10 – Sniffing and Evading IDS, Firewalls, and Honeypots
Chapter 11 – Hacking Wireless Networks
Chapter 12 – Hacking Mobile Platforms
Chapter 13 – Hacking Web Servers and Web Apps
Chapter 14 – Hacking IoT and OT
Chapter 15 – Cloud Computing
Chapter 16 – Using Cryptography
Why subscribe?
22
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts

Information security controls

"I don't even call it violence when it's self-defense. I call it intelligence," Malcolm X said.

These words capture the essence of information security controls – designed to help us protect networks.

Enter ethical hacking

So, what is the necessity of ethical hacking? Why do we need to do this? Well, we hear – almost daily – about how fast technology is moving. Because it's moving and growing so fast, it adds complexity. And because of rapid growth, and complexity, it creates issues for us.

So, with ethical hacking, we are going to try to accomplish the following:

  1. First of all, you need to review systems and infrastructure, such as hardware, copy machines, switches, and Wi-Fi access points.
  2. The next step is to test the current security, and you can do that via a pentest. After testing the current security, you will know how bad your system is, and by looking into that, you will be able to create solutions to cover the loopholes when it comes to the security of your system/computer.

    Pen Test

    A pen test is also known as a penetration test. It is a simulated cyberattack on your computer system to monitor for exploitable vulnerabilities.

  3. The next thing you need to do is retest the solutions to ensure that the created solutions are helpful.
  4. Now, when we're looking at this, we typically also need to be aware of both scope and limitation. The scope of ethical hacking is part of the risk assessment, auditing, as well as fraud. There are also best practices and a really good look at governance.

    Ethical Hacking

    Ethical hacking is commonly used as a penetration test to identify vulnerabilities and risk, identify the loopholes in a security system, and take corrective measures against those attacks.

The importance of ethical hacking

Ethical hacking is practiced to guard sensitive data from attackers. It works to protect your resources from attackers who want to exploit the vulnerability. Using ethical hacking, a company or organization can discover security vulnerabilities and risks.

Attackers keep themselves updated, figure out new mechanisms, and take advantage of new technologies to steal your data by gaining unauthorized access to your system/data.

In this scenario, you need somebody who can help to counteract these types of attacks, that is, an ethical hacker.

Ethical Hackers

They are security specialists who conduct these assessments. The proactive work that they do supports improving the security posture of an organization.

Understanding defense-in-depth strategies

Earlier on, we mentioned that information security controls work as self-defense or a safeguard for the cybersecurity of your computer. One of the baselines for securing your networks is using a defense-in-depth strategy (Figure 1.2). This means deploying different protections at different levels.

Layered protection

To understand the layer protection strategy, we'll take a look at banks and how bank robbers look at them. So, how does a skilled bank robber look at the bank they are planning to rob? They plan the robbery following these steps:

  1. First, they'll case the joint. In this step, they look at things such as the parking lot area to ensure successful entry and exit, marking where the doors are, how to access which section of the bank, and where the safe is.
  2. The robber then looks at the bank's security measures, such as CCTV cameras, the security alarm, security guards, and so on.
  3. Lastly, they go inside and interact with the bank staff. This presents them with the opportunity to familiarize themselves with the bank's processes and procedures.

Banks invest in the best security equipment and personnel, but we still read about robberies. Banks improve their security by putting in place various security measures. In our world, we call that layered protection. We come up with different security layers for separate components.

Figure 1.2 – A defense-in-depth strategy is designed to put "roadblocks" at each level to slow attackers

Figure 1.2 – A defense-in-depth strategy is designed to put "roadblocks" at each level to slow attackers

Layered protection is used in the protection of data that travels between various servers and components in the enterprise. Most organizations will deploy a corporate firewall in order to keep attackers out. The companies think that the firewall is good enough, but they let their application server talk to their database server without any security measures between them. While this approach is a good start, encrypting the data streaming between the two servers would be better in case an attacker penetrates the firewall. We can protect the resource by isolating the application server behind another firewall, effectively adding another layer to our defenses.

A single layer of protection can never adequately safeguard any company. Even if one door is closed, hackers will immediately locate another wide open, and they will exploit any weaknesses. On the other hand, you may fix the gaps in your security by using a variety of defenses simultaneously, such as firewalls, malware scanners, IDSes, data encryption, and integrity auditing solutions.

Important Note

We can't stop attackers. Our job is to slow them down or at least discourage them.

End of Section 5
Next Section
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY