Book Image

Certified Ethical Hacker (CEH) v12 312-50 Exam Guide

By : Dale Meredith

Book Image

Certified Ethical Hacker (CEH) v12 312-50 Exam Guide

By: Dale Meredith

Overview of this book

With cyber threats continually evolving, understanding the trends and using the tools deployed by attackers to determine vulnerabilities in your system can help secure your applications, networks, and devices. To outmatch attacks, developing an attacker's mindset is a necessary skill, which you can hone with the help of this cybersecurity book. This study guide takes a step-by-step approach to helping you cover all the exam objectives using plenty of examples and hands-on activities. You'll start by gaining insights into the different elements of InfoSec and a thorough understanding of ethical hacking terms and concepts. You'll then learn about various vectors, including network-based vectors, software-based vectors, mobile devices, wireless networks, and IoT devices. The book also explores attacks on emerging technologies such as the cloud, IoT, web apps, and servers and examines prominent tools and techniques used by hackers. Finally, you'll be ready to take mock tests, which will help you test your understanding of all the topics covered in the book. By the end of this book, you'll have obtained the information necessary to take the 312-50 exam and become a CEH v11 certified ethical hacker.

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the color images

Conventions used

Share Your Thoughts

Section 1: Where Every Hacker Starts

Section 1: Where Every Hacker Starts

Free Chapter

Chapter 1: Understanding Ethical Hacking

Chapter 1: Understanding Ethical Hacking

The benefits of the CEH certification

Ethical hacking

What is information security?

Information security controls

Information security laws and standards

Chapter 2: Introduction to Reconnaissance

Chapter 2: Introduction to Reconnaissance

Overview of reconnaissance

Using ping and DNS

Chapter 3: Reconnaissance – A Deeper Dive

Chapter 3: Reconnaissance – A Deeper Dive

Investigating the target's website

The Wayback Machine

What organizations give away for free

Employees – the weakest link

Reconnaissance countermeasures

Chapter 4: Scanning Networks

Chapter 4: Scanning Networks

Grasping scanning

Understanding the three-way handshake

Checking for live systems and their ports

Scanning by thinking outside the box

Banner grabbing and OS fingerprinting

Vulnerability scanning and drawing out the network

Preparing proxies and other anonymizing techniques

Chapter 5: Enumeration

Chapter 5: Enumeration

What is enumeration?

Ports and services to know about

Enumerating via defaults

NetBIOS enumeration

Enumerating using SNMP

Enumerating via LDAP

Network Time Protocol

Enumerating using SMTP

The golden ticket – DNS

Oh wait, there's more!

The countermeasures

Chapter 6: Vulnerability Analysis

Chapter 6: Vulnerability Analysis

Vulnerability analysis – where to start

Vulnerability classifications

The vulnerability life cycle

Ongoing scanning and monitoring

Chapter 7: System Hacking

Chapter 7: System Hacking

Understanding our objectives

Phase 1 – Gaining access and cracking passwords

Phase 2 – Escalating privileges

Phase 3 – Maintaining access and executing applications

Phase 4 – Maintaining access and hiding your tools

Phase 5 – Covering your tracks – Clearing logs and evidence

Chapter 8: Social Engineering

Chapter 8: Social Engineering

Understanding social engineering

Attack-vulnerable behaviors

What makes social engineering work?

Social engineering's attack phases

Social engineering methods

Threats from within

Threats to corporate networks from social media

Countermeasures

Further reading

Section 2: A Plethora of Attack Vectors

Section 2: A Plethora of Attack Vectors

Chapter 9: Malware and Other Digital Attacks

Chapter 9: Malware and Other Digital Attacks

So, what is malware?

What is a Trojan?

Viruses and worms

Session-hijacking threats

Master list of countermeasures

Chapter 10: Sniffing and Evading IDS, Firewalls, and Honeypots

Chapter 10: Sniffing and Evading IDS, Firewalls, and Honeypots

What is sniffing?

Types of sniffing

Hardware versus software sniffing

Detecting sniffing methods

Moving around firewalls

Chapter 11: Hacking Wireless Networks

Chapter 11: Hacking Wireless Networks

The wireless network and its types

The right encryption can help

A plethora of attack vectors

Methodology of wireless hacking

Hacking Bluetooth

The six layers of wire security

Countermeasures

Chapter 12: Hacking Mobile Platforms

Chapter 12: Hacking Mobile Platforms

Vulnerabilities in mobile environments

OWASP's Top 10 risks for mobile devices

Hacking Android

Mobile device management

Section 3: Cloud, Apps, and IoT Attacks

Section 3: Cloud, Apps, and IoT Attacks

Chapter 13: Hacking Web Servers and Web Apps

Chapter 13: Hacking Web Servers and Web Apps

Why web servers create security issues

Types of architecture

Threats to both servers and applications

The vulnerabilities of web APIs, web shells, and webhooks

Detecting web server hacking attempts

Chapter 14: Hacking IoT and OT

Chapter 14: Hacking IoT and OT

Understanding IoT

Methods used for IoT

OT and methods used to hack it

Chapter 15: Cloud Computing

Chapter 15: Cloud Computing

Living on Cloud 9

Attacking the cloud

Tools and techniques of the attackers

Best practices for securing the cloud

Chapter 16: Using Cryptography

Chapter 16: Using Cryptography

Understanding cryptography

Standards and protocols

Countermeasures for cryptography

Chapter 17: CEH Exam Practice Questions

Chapter 17: CEH Exam Practice Questions

Assessments

Chapter 1 – Understanding Ethical Hacking

Chapter 2 – Introduction to Reconnaissance

Chapter 3 – Reconnaissance – a Deeper Dive

Chapter 4 – Scanning Networks

Chapter 5 – Enumeration

Chapter 6 – Vulnerability Analysis

Chapter 7 – System Hacking

Chapter 8 – Social Engineering

Chapter 9 – Malware and Other Digital Attacks

Chapter 10 – Sniffing and Evading IDS, Firewalls, and Honeypots

Chapter 11 – Hacking Wireless Networks

Chapter 12 – Hacking Mobile Platforms

Chapter 13 – Hacking Web Servers and Web Apps

Chapter 14 – Hacking IoT and OT

Chapter 15 – Cloud Computing

Chapter 16 – Using Cryptography

Other Books You May Enjoy

Other Books You May Enjoy

Packt is searching for authors like you

Share Your Thoughts

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

Questions

As we conclude, here is a list of questions for you to test your knowledge regarding this chapter's material. You will find the answers in the Assessments section of the Appendix:

Which of the following best describes a wireless hacking attack's evil twin?
1. An attacker creates an access point for clients to connect to within a network range.
2. Attackers create a system with the same MAC as a legitimate target.
3. On a wireless network, an attacker sets up an authentication.
4. An attacker logs in with the same username and password as a legitimate user.
A WEP-encrypted access point has been located by a team. To crack WEP, what is required to perform a fake authentication to the AP? (Select two.)
1. The access point's MAC address
2. The SSID
3. A replay of an authentication packet that was captured
4. The wireless access point's IP address
Which of the following statements about wireless security is correct?
1. WPA2 is a superior encryption option to WEP.
2. WEP is a superior...