CEH v12 Certified Ethical Hacker
We go over fundamental exam questions like:
1. Introduction to Ethical Hacking:
- Understanding the role of ethical hackers
- Differentiating between ethical hacking and malicious hacking
- Legal and ethical considerations in ethical hacking
2. Footprinting and Reconnaissance:
- Gathering information about the target system or network
- Techniques for footprinting, such as passive information gathering, active scanning, and social engineering
- Tools used for footprinting and reconnaissance
3. Scanning Networks:
- Identifying live hosts on a network
- Port scanning techniques and tools
- Vulnerability scanning and assessment
4. Enumeration:
- Gathering information about users, shares, services, and applications on a network
- Techniques for enumeration, such as NetBIOS enumeration, SNMP enumeration, and LDAP enumeration
- Tools used for enumeration
5. System Hacking:
- Gaining unauthorized access to systems or networks
- Password cracking techniques and tools
- Privilege escalation methods
6. Malware Threats:
- Understanding different types of malware (viruses, worms, Trojans, etc.)
- Analyzing malware behavior
- Techniques for detecting and removing malware
7. Sniffing:
- Capturing network traffic for analysis
- Types of sniffing attacks (ARP poisoning, DNS spoofing, etc.)
- Countermeasures against sniffing attacks
8. Social Engineering:
- Manipulating individuals to gain unauthorized access
- Techniques used in social engineering attacks (phishing, pretexting, baiting, etc.)
- Educating users to prevent social engineering attacks
9. Denial-of-Service (DoS) Attacks:
- Overloading a target system or network to disrupt its availability
- Types of DoS attacks (TCP/IP-based, application-based, etc.)
- Mitigation techniques for DoS attacks
10. Session Hijacking:
- Taking control of a user’s session on a network
- Techniques for session hijacking (session sidejacking, session replay, etc.)
- Preventing session hijacking attacks
11. Hacking Web Servers:
- Exploiting vulnerabilities in web servers
- Techniques for web server hacking (SQL injection, cross-site scripting, etc.)
- Securing web servers against attacks
12. Hacking Web Applications:
- Identifying vulnerabilities in web applications
- Techniques for web application hacking (parameter tampering, session hijacking, etc.)
- Best practices for securing web applications
13. SQL Injection:
- Exploiting vulnerabilities in database systems
- Techniques for SQL injection attacks
- Preventing SQL injection attacks
14. Wireless Network Hacking:
- Exploiting vulnerabilities in wireless networks
- Techniques for wireless network hacking (WEP/WPA cracking, rogue access points, etc.)
- Securing wireless networks
15. Evading IDS, Firewalls, and Honeypots:
- Bypassing intrusion detection systems (IDS)
- Techniques for evading firewalls
- Understanding honeypots and their role in detecting attackers
16. Cryptography:
- Understanding encryption algorithms and protocols
- Public key infrastructure (PKI) and digital certificates
- Cryptanalysis techniques
17. Penetration Testing:
- Planning and conducting penetration tests
- Reporting and documenting findings
- Compliance and legal considerations in penetration testing
18. Incident Response and Handling:
- Preparing for and responding to security incidents
- Incident handling process and procedures
- Forensic investigation techniques
19. Mobile Hacking:
- Exploiting vulnerabilities in mobile devices and applications
- Techniques for mobile device hacking (jailbreaking, rooting, etc.)
- Securing mobile devices
20. IoT Hacking:
- Understanding the security risks in Internet of Things (IoT) devices
- Techniques for hacking IoT devices
- Securing IoT devices and networks