Book Image

Certified Ethical Hacker (CEH) v12 312-50 Exam Guide

By : Dale Meredith
Book Image

Certified Ethical Hacker (CEH) v12 312-50 Exam Guide

By: Dale Meredith

Overview of this book

With cyber threats continually evolving, understanding the trends and using the tools deployed by attackers to determine vulnerabilities in your system can help secure your applications, networks, and devices. To outmatch attacks, developing an attacker's mindset is a necessary skill, which you can hone with the help of this cybersecurity book. This study guide takes a step-by-step approach to helping you cover all the exam objectives using plenty of examples and hands-on activities. You'll start by gaining insights into the different elements of InfoSec and a thorough understanding of ethical hacking terms and concepts. You'll then learn about various vectors, including network-based vectors, software-based vectors, mobile devices, wireless networks, and IoT devices. The book also explores attacks on emerging technologies such as the cloud, IoT, web apps, and servers and examines prominent tools and techniques used by hackers. Finally, you'll be ready to take mock tests, which will help you test your understanding of all the topics covered in the book. By the end of this book, you'll have obtained the information necessary to take the 312-50 exam and become a CEH v11 certified ethical hacker.
Table of Contents (23 chapters)
1
Section 1: Where Every Hacker Starts
10
Section 2: A Plethora of Attack Vectors
15
Section 3: Cloud, Apps, and IoT Attacks
20
Chapter 17: CEH Exam Practice Questions

Detecting web server hacking attempts

There are several ways you can find out if your web server has been compromised.

The first way is to monitor the logs from the web server. A good practice is to have more than one log file, but it's even better if they're monitored and sent to a separate system so that if something happens on the current web server, the logs will still be available.

Another way to do this is to audit ports on the web server. Make sure that all the open ports are accounted for and do not return any strange responses.

You should also look at traffic between the web server and users. If you see abnormally large requests or file downloads, this could be an indication of hacking attempts.

Some other ways to protect your web servers/apps

The machine.config file specifies the resources that are available on the web server, including access to files, directories, and registry keys. Restrict access to these resources to prevent any kind of false...