Book Image

Certified Ethical Hacker (CEH) v12 312-50 Exam Guide

By : Dale Meredith
Book Image

Certified Ethical Hacker (CEH) v12 312-50 Exam Guide

By: Dale Meredith

Overview of this book

With cyber threats continually evolving, understanding the trends and using the tools deployed by attackers to determine vulnerabilities in your system can help secure your applications, networks, and devices. To outmatch attacks, developing an attacker's mindset is a necessary skill, which you can hone with the help of this cybersecurity book. This study guide takes a step-by-step approach to helping you cover all the exam objectives using plenty of examples and hands-on activities. You'll start by gaining insights into the different elements of InfoSec and a thorough understanding of ethical hacking terms and concepts. You'll then learn about various vectors, including network-based vectors, software-based vectors, mobile devices, wireless networks, and IoT devices. The book also explores attacks on emerging technologies such as the cloud, IoT, web apps, and servers and examines prominent tools and techniques used by hackers. Finally, you'll be ready to take mock tests, which will help you test your understanding of all the topics covered in the book. By the end of this book, you'll have obtained the information necessary to take the 312-50 exam and become a CEH v11 certified ethical hacker.
Table of Contents (23 chapters)
Section 1: Where Every Hacker Starts
Section 2: A Plethora of Attack Vectors
Section 3: Cloud, Apps, and IoT Attacks
Chapter 17: CEH Exam Practice Questions

Types of sniffing

So, what are the different types of sniffing? Please don't say, "It depends whether you're trying to figure out a scent or whether you have a cold." To us, sniffing is where we talk about the actual vectors available to us, and there are several different vectors we can look at.

Spoofing attacks

In this type of attack, the attacker pretends to be someone else by modifying or falsifying the information or data. By doing so, they can gain access to the resources or even steal personal information.

These types of attacks can be done in several different ways. The attacker can use an IP address that's associated with a victim, which would allow them to send out fraudulent emails or set up websites, try to get passwords or account information, and so on. There is no limit when it comes to spoofing attacks and what attackers can accomplish. You can even set up a fake access point for wireless connectivity and pretend to be legitimate...