Certified Ethical Hacker (CEH) v12 312-50 Exam Guide (eBook)

Keep up to date with ethical hacking trends and hone your skills with hands-on activities
eBook Download: EPUB
2022 | 1. Auflage
664 Seiten
Packt Publishing (Verlag)
978-1-80181-545-1 (ISBN)

Lese- und Medienproben

Certified Ethical Hacker (CEH) v12 312-50 Exam Guide -  Dale Meredith
Systemvoraussetzungen
29,99 inkl. MwSt
  • Download sofort lieferbar
  • Zahlungsarten anzeigen

With cyber threats continually evolving, understanding the trends and using the tools deployed by attackers to determine vulnerabilities in your system can help secure your applications, networks, and devices. To outmatch attacks, developing an attacker's mindset is a necessary skill, which you can hone with the help of this cybersecurity book.
This study guide takes a step-by-step approach to helping you cover all the exam objectives using plenty of examples and hands-on activities. You'll start by gaining insights into the different elements of InfoSec and a thorough understanding of ethical hacking terms and concepts. You'll then learn about various vectors, including network-based vectors, software-based vectors, mobile devices, wireless networks, and IoT devices. The book also explores attacks on emerging technologies such as the cloud, IoT, web apps, and servers and examines prominent tools and techniques used by hackers. Finally, you'll be ready to take mock tests, which will help you test your understanding of all the topics covered in the book.
By the end of this book, you'll have obtained the information necessary to take the 312-50 exam and become a CEH v11 certified ethical hacker.


Develop foundational skills in ethical hacking and penetration testing while getting ready to pass the certification examKey FeaturesLearn how to look at technology from the standpoint of an attackerUnderstand the methods that attackers use to infiltrate networksPrepare to take and pass the exam in one attempt with the help of hands-on examples and mock testsBook DescriptionWith cyber threats continually evolving, understanding the trends and using the tools deployed by attackers to determine vulnerabilities in your system can help secure your applications, networks, and devices. To outmatch attacks, developing an attacker's mindset is a necessary skill, which you can hone with the help of this cybersecurity book. This study guide takes a step-by-step approach to helping you cover all the exam objectives using plenty of examples and hands-on activities. You'll start by gaining insights into the different elements of InfoSec and a thorough understanding of ethical hacking terms and concepts. You'll then learn about various vectors, including network-based vectors, software-based vectors, mobile devices, wireless networks, and IoT devices. The book also explores attacks on emerging technologies such as the cloud, IoT, web apps, and servers and examines prominent tools and techniques used by hackers. Finally, you'll be ready to take mock tests, which will help you test your understanding of all the topics covered in the book. By the end of this book, you'll have obtained the information necessary to take the 312-50 exam and become a CEH v11 certified ethical hacker.What you will learnGet to grips with information security and ethical hackingUndertake footprinting and reconnaissance to gain primary information about a potential targetPerform vulnerability analysis as a means of gaining visibility of known security weaknessesBecome familiar with the tools and techniques used by an attacker to hack into a target systemDiscover how network sniffing works and ways to keep your information secureExplore the social engineering techniques attackers use to compromise systemsWho this book is forThis ethical hacking book is for security professionals, site admins, developers, auditors, security officers, analysts, security consultants, and network engineers. Basic networking knowledge (Network+) and at least two years of experience working within the InfoSec domain are expected.]]>

Preface


Ethical hacking is a special type of cybersecurity that aims to diagnose and find security flaws before malicious actors can. This guide will give you an overview of these threats as well as advice on how to prevent them, so you can start securing your network today!

As the use of and dependence on technology grows, so do the risks associated with it. While there are many challenges in maintaining a secure network environment, one of the biggest problems cyber attackers face is finding vulnerabilities to exploit. This is where ethical hacking comes in. Ethical hackers use the tools and techniques developed by malicious actors to find security weaknesses before they can be taken advantage of.

One of the most popular and well-known ethical hacking certifications is the Certified Ethical Hacker (CEH) credential offered by the International Council of Electronic Commerce Consultants (EC-Council). To become a CEH, individuals must pass an exam that covers a range of ethical hacking topics, including reconnaissance, footprinting, scanning, and enumeration, gaining access to systems (including Trojans and viruses), stealing data, hiding tracks, and social engineering.

This guide will give you the preparation for the CEH 312-50 exam. We'll cover the topics listed on the exam blueprint, as well as additional resources you can use to study for the test. By the end of this guide, you should have a good understanding of what ethical hacking is and how to perform it effectively.

Let's get started!

Who this book is for


This guide is for anyone who wants to learn more about ethical hacking and how to protect their organization from cyber attacks. This could include security professionals, IT administrators, and anyone else who wants to learn more about the basics of ethical hacking and how to become a more effective cybersecurity professional.

What this book covers


Chapter 1, Understanding Ethical Hacking, covers the elements of InfoSec, the cyber kill chain methodology, different hacking concepts, types, and phrases, as well as the concepts of ethical hacking.

Chapter 2, Introduction to Reconnaissance, is all about reconnaissance. Everything has a starting point, and the starting point for attackers when they target an organization is through the process of reconnaissance/footprinting.

Chapter 3, Reconnaissance – a Deeper Dive, delves into reconnaissance in more depth. Now that you've got a basic understanding of the information we're trying to gather during the reconnaissance stage, let's dive deeper by looking at OSINT and at publicly available data such as social media services, job sites, and even going back in time to view previous versions of a company's web page.

Chapter 4, Scanning Networks, tells us that scanning the network is the process of discovering this type of information. In some cases, we can remain undiscovered, while other techniques might alert a security team.

Chapter 5, Enumeration, explores how enumeration can expose things such as usernames and groups on systems, routing tables, system names, and network shares.

Chapter 6, Vulnerability Analysis, demonstrates how vulnerability analysis is key in providing security to any company's infrastructure from external as well as internal threats.

Chapter 7, System Hacking, focuses on the tools and techniques that can be used by attackers to hack the systems identified in our first four steps. This is the ultimate goal of attackers, and it will show you just how vulnerable you might be.

Chapter 8, Social Engineering, describes an easier method that attackers are discovering and actively using to avoid steps 2 to 5. Humans. We are the weakest link. There is no defense against social engineering; only constant vigilance and training of employees can help to circumvent these techniques.

Chapter 9, Malware and Other Digital Attacks, describes some of the most common attack vectors that hackers will exploit, including malware, viruses, ransomware, and denial-of-service (DoS).

Chapter 10, Sniffing and Evading IDS, Firewalls, and Honeypots, examines how sniffing can provide insights into the possibilities of different types of poisoning attacks taking place on a network. These types of attacks and information can help an attacker avoid honeypots and even get around firewalls and intrusion detection systems (IDSs).

Chapter 11, Hacking Wireless Networks, explains how wireless networks present a completely new attack vector that can be challenging to secure. Attackers will go after these networks as many times, lower encryption technologies are often used as well as the vulnerabilities associated with devices and software that are involved.

Chapter 12, Hacking Mobile Platforms, talks about how mobile devices are quickly replacing desktops and laptops as they allow users to not only do the same productivity tasks, but also store critical information such as contact lists, calendars, and credentials. This chapter will show the threats to mobile platforms that attract attackers to these targets.

Chapter 13, Hacking Web Servers and Web Apps, covers how the growth of the internet and web technologies, combined with rapidly increasing internet connectivity, has led to the emergence of a new business landscape. The interconnectivity of services, plugins, operating systems, APIs, and web shells creates an environment ripe for misconfigurations and missed patches.

Chapter 14, Hacking IoT and OT, explains why organizations using IoT or OT devices as part of their network need to protect both the devices and the information from attackers. All security professionals need to understand the landscape of cyber threats, industrial infrastructure, and business.

Chapter 15, Cloud Computing, examines how the push to cloud-based computing has been fast and advantageous for organizations; however, just like any technology, cloud environments also pose several threats and risks. Attackers are targeting vulnerabilities in the cloud software to gain unauthorized access to networks

Chapter 16, Using Cryptography, describes how cryptography and cryptographic (crypto) systems help in securing data from being compromised during online transmissions, but they are not unhackable. Careful deployment and maintaining a healthy environment will help keeps attackers out.

Chapter 17, CEH Exam Practice Questions, lets you see what you have learned!

To get the most out of this book


You should have an understanding of basic network functions and technologies. TCP/IP and the OSI model are key concepts. You should also be familiar with firewall types and functions and have a basic understanding of web servers, web applications, and the security vulnerabilities they present. Familiarity with cryptography basics should also be established before attempting the CEH exam.

The only software you might want to consider would be some type of virtualization solution such as VMware, VirtualBox, or Hyper-V to create a network to practice some of the techniques discussed, but it's not required.

Download the color images


We also provide a PDF file that has color images of the screenshots/diagrams used in this book. You can download it here: https://static.packt-cdn.com/downloads/9781801813099_ColorImages.pdf.

Conventions used


There are a number of text conventions used throughout this book.

Code in text: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: "An attacker could exploit the application with the setuid or setgid flags to execute malicious code with elevated privileges."

Bold: Indicates a new term, an important word, or words that you see on screen. For example, words in menus or dialog boxes appear in the text like this. Here is an example: "Under the Research category, you can go to Threat Analysis and see what's currently going on in that area."

Tips or Important Notes

Appear like this.

Get in touch


Feedback from our readers is always welcome.

General feedback: If you have questions about any aspect of this book, mention the book title in the subject of your message and email us at customercare@packtpub.com.

Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packtpub.com/support/errata, selecting your book, clicking on the Errata Submission Form link, and entering the details.

Piracy: If you come across any illegal copies of our works in any form on the internet, we would...

Erscheint lt. Verlag 8.7.2022
Vorwort Christopher Rees
Sprache englisch
Themenwelt Informatik Netzwerke Sicherheit / Firewall
Mathematik / Informatik Informatik Web / Internet
Informatik Weitere Themen Zertifizierung
ISBN-10 1-80181-545-3 / 1801815453
ISBN-13 978-1-80181-545-1 / 9781801815451
Haben Sie eine Frage zum Produkt?
EPUBEPUB (Ohne DRM)

Digital Rights Management: ohne DRM
Dieses eBook enthält kein DRM oder Kopier­schutz. Eine Weiter­gabe an Dritte ist jedoch rechtlich nicht zulässig, weil Sie beim Kauf nur die Rechte an der persön­lichen Nutzung erwerben.

Dateiformat: EPUB (Electronic Publication)
EPUB ist ein offener Standard für eBooks und eignet sich besonders zur Darstellung von Belle­tristik und Sach­büchern. Der Fließ­text wird dynamisch an die Display- und Schrift­größe ange­passt. Auch für mobile Lese­geräte ist EPUB daher gut geeignet.

Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen dafür die kostenlose Software Adobe Digital Editions.
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen dafür eine kostenlose App.
Geräteliste und zusätzliche Hinweise

Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.

Mehr entdecken
aus dem Bereich
Das Praxishandbuch zu Krisenmanagement und Krisenkommunikation

von Holger Kaschner

eBook Download (2024)
Springer Fachmedien Wiesbaden (Verlag)
34,99
Methodische Kombination von IT-Strategie und IT-Reifegradmodell

von Markus Mangiapane; Roman P. Büchler

eBook Download (2024)
Springer Vieweg (Verlag)
42,99