Book Image

Certified Ethical Hacker (CEH) v12 312-50 Exam Guide

By : Dale Meredith

Book Image

Certified Ethical Hacker (CEH) v12 312-50 Exam Guide

By: Dale Meredith

Overview of this book

With cyber threats continually evolving, understanding the trends and using the tools deployed by attackers to determine vulnerabilities in your system can help secure your applications, networks, and devices. To outmatch attacks, developing an attacker's mindset is a necessary skill, which you can hone with the help of this cybersecurity book. This study guide takes a step-by-step approach to helping you cover all the exam objectives using plenty of examples and hands-on activities. You'll start by gaining insights into the different elements of InfoSec and a thorough understanding of ethical hacking terms and concepts. You'll then learn about various vectors, including network-based vectors, software-based vectors, mobile devices, wireless networks, and IoT devices. The book also explores attacks on emerging technologies such as the cloud, IoT, web apps, and servers and examines prominent tools and techniques used by hackers. Finally, you'll be ready to take mock tests, which will help you test your understanding of all the topics covered in the book. By the end of this book, you'll have obtained the information necessary to take the 312-50 exam and become a CEH v11 certified ethical hacker.

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the color images

Conventions used

Share Your Thoughts

Section 1: Where Every Hacker Starts

Section 1: Where Every Hacker Starts

Free Chapter

Chapter 1: Understanding Ethical Hacking

Chapter 1: Understanding Ethical Hacking

The benefits of the CEH certification

Ethical hacking

What is information security?

Information security controls

Information security laws and standards

Chapter 2: Introduction to Reconnaissance

Chapter 2: Introduction to Reconnaissance

Overview of reconnaissance

Using ping and DNS

Chapter 3: Reconnaissance – A Deeper Dive

Chapter 3: Reconnaissance – A Deeper Dive

Investigating the target's website

The Wayback Machine

What organizations give away for free

Employees – the weakest link

Reconnaissance countermeasures

Chapter 4: Scanning Networks

Chapter 4: Scanning Networks

Grasping scanning

Understanding the three-way handshake

Checking for live systems and their ports

Scanning by thinking outside the box

Banner grabbing and OS fingerprinting

Vulnerability scanning and drawing out the network

Preparing proxies and other anonymizing techniques

Chapter 5: Enumeration

Chapter 5: Enumeration

What is enumeration?

Ports and services to know about

Enumerating via defaults

NetBIOS enumeration

Enumerating using SNMP

Enumerating via LDAP

Network Time Protocol

Enumerating using SMTP

The golden ticket – DNS

Oh wait, there's more!

The countermeasures

Chapter 6: Vulnerability Analysis

Chapter 6: Vulnerability Analysis

Vulnerability analysis – where to start

Vulnerability classifications

The vulnerability life cycle

Ongoing scanning and monitoring

Chapter 7: System Hacking

Chapter 7: System Hacking

Understanding our objectives

Phase 1 – Gaining access and cracking passwords

Phase 2 – Escalating privileges

Phase 3 – Maintaining access and executing applications

Phase 4 – Maintaining access and hiding your tools

Phase 5 – Covering your tracks – Clearing logs and evidence

Chapter 8: Social Engineering

Chapter 8: Social Engineering

Understanding social engineering

Attack-vulnerable behaviors

What makes social engineering work?

Social engineering's attack phases

Social engineering methods

Threats from within

Threats to corporate networks from social media

Countermeasures

Further reading

Section 2: A Plethora of Attack Vectors

Section 2: A Plethora of Attack Vectors

Chapter 9: Malware and Other Digital Attacks

Chapter 9: Malware and Other Digital Attacks

So, what is malware?

What is a Trojan?

Viruses and worms

Session-hijacking threats

Master list of countermeasures

Chapter 10: Sniffing and Evading IDS, Firewalls, and Honeypots

Chapter 10: Sniffing and Evading IDS, Firewalls, and Honeypots

What is sniffing?

Types of sniffing

Hardware versus software sniffing

Detecting sniffing methods

Moving around firewalls

Chapter 11: Hacking Wireless Networks

Chapter 11: Hacking Wireless Networks

The wireless network and its types

The right encryption can help

A plethora of attack vectors

Methodology of wireless hacking

Hacking Bluetooth

The six layers of wire security

Countermeasures

Chapter 12: Hacking Mobile Platforms

Chapter 12: Hacking Mobile Platforms

Vulnerabilities in mobile environments

OWASP's Top 10 risks for mobile devices

Hacking Android

Mobile device management

Section 3: Cloud, Apps, and IoT Attacks

Section 3: Cloud, Apps, and IoT Attacks

Chapter 13: Hacking Web Servers and Web Apps

Chapter 13: Hacking Web Servers and Web Apps

Why web servers create security issues

Types of architecture

Threats to both servers and applications

The vulnerabilities of web APIs, web shells, and webhooks

Detecting web server hacking attempts

Chapter 14: Hacking IoT and OT

Chapter 14: Hacking IoT and OT

Understanding IoT

Methods used for IoT

OT and methods used to hack it

Chapter 15: Cloud Computing

Chapter 15: Cloud Computing

Living on Cloud 9

Attacking the cloud

Tools and techniques of the attackers

Best practices for securing the cloud

Chapter 16: Using Cryptography

Chapter 16: Using Cryptography

Understanding cryptography

Standards and protocols

Countermeasures for cryptography

Chapter 17: CEH Exam Practice Questions

Chapter 17: CEH Exam Practice Questions

Assessments

Chapter 1 – Understanding Ethical Hacking

Chapter 2 – Introduction to Reconnaissance

Chapter 3 – Reconnaissance – a Deeper Dive

Chapter 4 – Scanning Networks

Chapter 5 – Enumeration

Chapter 6 – Vulnerability Analysis

Chapter 7 – System Hacking

Chapter 8 – Social Engineering

Chapter 9 – Malware and Other Digital Attacks

Chapter 10 – Sniffing and Evading IDS, Firewalls, and Honeypots

Chapter 11 – Hacking Wireless Networks

Chapter 12 – Hacking Mobile Platforms

Chapter 13 – Hacking Web Servers and Web Apps

Chapter 14 – Hacking IoT and OT

Chapter 15 – Cloud Computing

Chapter 16 – Using Cryptography

Other Books You May Enjoy

Other Books You May Enjoy

Packt is searching for authors like you

Share Your Thoughts

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

What is sniffing?

Using sniffing tools, an attacker can monitor and capture packets passing through a network and spy on what is going on with internet activity.

Let's talk more specifically about what sniffing is and how to leverage it in an attack.

There are two types of wiretaps out there, as outlined here:

Active wiretapping allows an attacker to manipulate and force themselves into the middle using a Man-in-the-Middle (MITM) attack, which allows the attacker to record and monitor traffic. As an active channel, it can allow the attacker to change the data flowing through or inject information. When it comes to ethical hacking, active means we're going to do something extremely aggressive by forcing a communication. You can see a depiction of a MITM attack in the following diagram:

Figure 10.1 – MITM attack

Passive wiretapping allows an attacker to eavesdrop or listen into conversations—nothing malicious; it...