<p>Every feature of this book supports both efficient exam preparation and long-term mastery:</p><ul><li>Opening Topics Lists identify the topics students need to learn in each chapter and list EC-Council’s official exam objectives</li><li>Key Topics figures, tables, and lists call attention to the information that is most crucial for exam success</li><li>Exam Preparation Tasks enable students to review key topics, define key terms, work through scenarios, and answer review questions…going beyond mere facts to master the concepts that are crucial to passing the exam and enhancing career credentials</li><li>Key Terms are listed in each chapter and defined in a complete glossary, explaining essential terminology within the field</li></ul><p>This study guide helps students master all the topics on the latest CEH exam, including:</p><ul><li>Ethical hacking basics</li><li>Technical foundations of hacking</li><li>Footprinting and scanning</li><li>Enumeration and system hacking</li><li>Social engineering, malware threats, and vulnerability analysis</li><li>Sniffers, session hijacking, and denial of service</li><li>Web server hacking, web applications, and database attacks</li><li>Wireless technologies, mobile security, and mobile attacks</li><li>IDS, firewalls, and honeypots</li><li>Cryptographic attacks and defenses</li><li>Cloud computing, IoT, and botnets</li></ul>

<ul><li>Introduction</li><li>Chapter 1 An Introduction to Ethical Hacking</li><li>Chapter 2 The Technical Foundations of Hacking</li><li>Chapter 3 Footprinting, Reconnaissance, and Scanning</li><li>Chapter 4 Enumeration and System Hacking</li><li>Chapter 5 Social Engineering, Malware Threats, and Vulnerability Analysis</li><li>Chapter 6 Sniffers, Session Hijacking, and Denial of Service</li><li>Chapter 7 Web Server Hacking, Web Applications, and Database Attacks</li><li>Chapter 8 Wireless Technologies, Mobile Security, and Attacks</li><li>Chapter 9 Evading IDS, Firewalls, and Honeypots</li><li>Chapter 10 Cryptographic Attacks and Defenses</li><li>Chapter 11 Cloud Computing, IoT, and Botnets</li><li>Chapter 12 Final Preparation</li><li>Glossary of Key Terms</li><li>Appendix A Answers to the "Do I Know This Already?" Quizzes and Review Questions</li><li>Appendix B <em style="">CEH Certified Ethical Hacker Cert Guide</em> Exam Updates</li></ul>

<p>Every feature of this book supports both efficient exam preparation and long-term mastery:</p><ul><li>Opening Topics Lists identify the topics students need to learn in each chapter and list EC-Council's official exam objectives</li><li>Key Topics figures, tables, and lists call attention to the information that is most crucial for exam success</li><li>Exam Preparation Tasks enable students to review key topics, define key terms, work through scenarios, and answer review questions…going beyond mere facts to master the concepts that are crucial to passing the exam and enhancing career credentials</li><li>Key Terms are listed in each chapter and defined in a complete glossary, explaining essential terminology within the field</li></ul><p>This study guide helps students master all the topics on the latest CEH exam, including:</p><ul><li>Ethical hacking basics</li><li>Technical foundations of hacking</li><li>Footprinting and scanning</li><li>Enumeration and system hacking</li><li>Social engineering, malware threats, and vulnerability analysis</li><li>Sniffers, session hijacking, and denial of service</li><li>Web server hacking, web applications, and database attacks</li><li>Wireless technologies, mobile security, and mobile attacks</li><li>IDS, firewalls, and honeypots</li><li>Cryptographic attacks and defenses</li><li>Cloud computing, IoT, and botnets</li></ul>

<p>Introduction xxvii<br/><strong>Chapter 1</strong> An Introduction to Ethical Hacking 3<br/>"Do I Know This Already?" Quiz 3<br/>Foundation Topics 7<br/>Security Fundamentals 7<br/> Goals of Security 8<br/> Risk, Assets, Threats, and Vulnerabilities 9<br/> Backing Up Data to Reduce Risk 11<br/> Defining an Exploit 12<br/> Risk Assessment 13<br/>Security Testing 14<br/> No-Knowledge Tests (Black Box) 14<br/> Full-Knowledge Testing (White Box) 15<br/> Partial-Knowledge Testing (Gray Box) 15<br/> Types of Security Tests 15<br/> Incident Response 17<br/>Cyber Kill Chain 18<br/>Hacker and Cracker Descriptions 19<br/> Who Attackers Are 20<br/>Ethical Hackers 21<br/> Required Skills of an Ethical Hacker 22<br/> Modes of Ethical Hacking 23<br/>Test Plans--Keeping It Legal 25<br/> Test Phases 27<br/> Establishing Goals 28<br/> Getting Approval 29<br/> Ethical Hacking Report 29<br/> Vulnerability Research and Bug Bounties--Keeping Up with Changes 30<br/>Ethics and Legality 31<br/> Overview of U.S. Federal Laws 32<br/> Compliance Regulations 34<br/> Payment Card Industry Data Security Standard (PCI-DSS) 36<br/>Summary 36<br/>Exam Preparation Tasks 37<br/>Review All Key Topics 37<br/>Define Key Terms 38<br/>Exercises 38<br/> 1-1 Searching for Exposed Passwords 38<br/> 1-2 Examining Security Policies 39<br/>Review Questions 39<br/>Suggested Reading and Resources 44<br/><strong>Chapter 2</strong> The Technical Foundations of Hacking 47<br/>"Do I Know This Already?" Quiz 47<br/>Foundation Topics 50<br/>The Hacking Process 50<br/> Performing Reconnaissance and Footprinting 50<br/> Scanning and Enumeration 51<br/> Gaining Access 52<br/> Escalating Privilege 53<br/> Maintaining Access 53<br/> Covering Tracks and Planting Backdoors 54<br/>The Ethical Hacker's Process 54<br/> NIST SP 800-115 56<br/> Operationally Critical Threat, Asset, and Vulnerability Evaluation 56<br/> Open Source Security Testing Methodology Manual 56<br/>Information Security Systems and the Stack 57<br/> The OSI Model 57<br/> Anatomy of TCP/IP Protocols 60<br/> The Application Layer 62<br/> The Transport Layer 66<br/> Transmission Control Protocol 66<br/> User Datagram Protocol 68<br/> The Internet Layer 69<br/> Traceroute 74<br/> The Network Access Layer 77<br/>Summary 78<br/>Exam Preparation Tasks 79<br/>Review All Key Topics 79<br/>Define Key Terms 79<br/>Exercises 80<br/> 2-1 Install a Sniffer and Perform Packet Captures 80<br/> 2-2 Using Traceroute for Network Troubleshooting 81<br/>Review Questions 81<br/>Suggested Reading and Resources 85<br/><strong>Chapter 3</strong> Footprinting, Reconnaissance, and Scanning 89<br/>"Do I Know This Already?" Quiz 89<br/>Foundation Topics 93<br/>Footprinting 93<br/> Footprinting Methodology 93<br/> Documentation 95<br/> Footprinting Through Search Engines 96<br/> Footprinting Through Social Networking Sites 101<br/> Footprinting Through Web Services and Websites 103<br/> Email Footprinting 106<br/> Whois Footprinting 108<br/> DNS Footprinting 112<br/> Network Footprinting 118<br/> Subnetting's Role in Mapping Networks 119<br/> Traceroute 120<br/> Footprinting Through Social Engineering 121<br/> Footprinting Countermeasures 122<br/>Scanning 122<br/> Host Discovery 123<br/> Port and Service Discovery 124<br/> Nmap 131<br/> SuperScan 139<br/> THC-Amap 139<br/> Hping 140<br/> Port Knocking 140<br/> OS Discovery (Banner Grabbing/OS Fingerprinting) and Scanning<br/> Beyond IDS and Firewall 141<br/> Active Fingerprinting Tools 143<br/> Fingerprinting Services 145<br/> Default Ports and Services 145<br/> Finding Open Services 145<br/> Draw Network Diagrams 148<br/>Summary 151<br/>Exam Preparation Tasks 152<br/>Review All Key Topics 152<br/>Define Key Terms 152<br/>Exercises 153<br/> 3-1 Performing Passive Reconnaissance 153<br/> 3-2 Performing Active Reconnaissance 154<br/>Review Questions 155<br/>Suggested Reading and Resources 159<br/><strong>Chapter 4</strong> Enumeration and System Hacking 161<br/>"Do I Know This Already?" Quiz 161<br/>Foundation Topics 164<br/>Enumeration 164<br/> Windows Enumeration 164<br/> Windows Security 166<br/> NetBIOS and LDAP Enumeration 167<br/> NetBIOS Enumeration Tools 169<br/> SNMP Enumeration 177<br/> Linux/UNIX Enumeration 183<br/> NTP Enumeration 185<br/> SMTP Enumeration 186<br/> Additional Enumeration Techniques 191<br/> DNS Enumeration 191<br/> Enumeration Countermeasures 192<br/>System Hacking 193<br/> Nontechnical Password Attacks 193<br/> Technical Password Attacks 194<br/> Password Guessing 195<br/> Automated Password Guessing 197<br/> Password Sniffing 197<br/> Keylogging 198<br/> Escalating Privilege and Exploiting Vulnerabilities 199<br/> Exploiting an Application 200<br/> Exploiting a Buffer Overflow 201<br/> Owning the Box 203<br/> Windows Authentication Types 203<br/> Cracking Windows Passwords 205<br/> Linux Authentication and Passwords 209<br/> Cracking Linux Passwords 212<br/> Hiding Files and Covering Tracks 213<br/> Rootkits 214<br/> File Hiding 217<br/>Summary 219<br/>Exam Preparation Tasks 220<br/>Review All Key Topics 220<br/>Define Key Terms 220<br/>Exercise 220<br/> 4-1 NTFS File Streaming 220<br/>Review Questions 221<br/>Suggested Reading and Resources 226<br/><strong>Chapter 5</strong> Social Engineering, Malware Threats, and Vulnerability Analysis 229<br/>"Do I Know This Already?" Quiz 229<br/>Foundation Topics 234<br/>Social Engineering 234<br/> Phishing 235<br/> Pharming 235<br/> Malvertising 236<br/> Spear Phishing 237<br/> SMS Phishing 245<br/> Voice Phishing 245<br/> Whaling 245<br/> Elicitation, Interrogation, and Impersonation (Pretexting) 246<br/> Social Engineering Motivation Techniques 247<br/> Shoulder Surfing and USB Baiting 248<br/>Malware Threats 248<br/> Viruses and Worms 248<br/> Types and Transmission Methods of Viruses and Malware 249<br/> Virus Payloads 251<br/> History of Viruses 252<br/> Well-Known Viruses and Worms 253<br/> Virus Creation Tools 255<br/> Trojans 255<br/> Trojan Types 256<br/> Trojan Ports and Communication Methods 257<br/> Trojan Goals 258<br/> Trojan Infection Mechanisms 259<br/> Effects of Trojans 260<br/> Trojan Tools 261<br/> Distributing Trojans 263<br/> Wrappers 264<br/> Packers 265<br/> Droppers 265<br/> Crypters 265<br/> Ransomware 267<br/> Covert Communications 268<br/> Tunneling via the Internet Layer 269<br/> Tunneling via the Transport Layer 272<br/> Tunneling via the Application Layer 273<br/> Port Redirection 274<br/> Keystroke Logging and Spyware 276<br/> Hardware Keyloggers 277<br/> Software Keyloggers 277<br/> Spyware 278<br/> Malware Countermeasures 279<br/> Detecting Malware 280<br/> Antivirus 283<br/> Analyzing Malware 286<br/> Static Analysis 286<br/> Dynamic Analysis 288<br/>Vulnerability Analysis 290<br/> Passive vs. Active Assessments 290<br/> External vs. Internal Assessments 290<br/> Vulnerability Assessment Solutions 291<br/> Tree-Based vs. Inference-Based Assessments 291<br/> Vulnerability Scoring Systems 292<br/> Vulnerability Scanning Tools 296<br/>Summary 297<br/>Exam Preparation Tasks 298<br/>Review All Key Topics 299<br/>Define Key Terms 300<br/>Command Reference to Check Your Memory 300<br/>Exercises 300<br/> 5-1 Finding Malicious Programs 300<br/> 5-2 Using Process Explorer 301<br/>Review Questions 303<br/>Suggested Reading and Resources 307<br/><strong>Chapter 6</strong> Sniffers, Session Hijacking, and Denial of Service 311<br/>"Do I Know This Already?" Quiz 311<br/>Foundation Topics 314<br/>Sniffers 314<br/> Passive Sniffing 315<br/> Active Sniffing 316<br/> Address Resolution Protocol 316<br/> ARP Poisoning and MAC Flooding 318<br/> Tools for Sniffing and Packet Capturing 324<br/> Wireshark 324<br/> Other Sniffing Tools 328<br/> Sniffing and Spoofing Countermeasures 328<br/>Session Hijacking 330<br/> Transport Layer Hijacking 330<br/> Identify and Find an Active Session 331<br/> Predict the Sequence Number 332<br/> Take One of the Parties Offline 333<br/> Take Control of the Session 333<br/> Application Layer Hijacking 334<br/> Session Sniffing 334<br/> Predictable Session Token ID 334<br/> On-Path Attacks 335<br/> Client-Side Attacks 335<br/> Browser-Based On-Path Attacks 337<br/> Session Replay Attacks 338<br/> Session Fixation Attacks 338<br/> Session Hijacking Tools 338<br/> Preventing Session Hijacking 341<br/>Denial of Service and Distributed Denial of Service 341<br/> DoS Attack Techniques 343<br/> Volumetric Attacks 343<br/> SYN Flood Attacks 344<br/> ICMP Attacks 344<br/> Peer-to-Peer Attacks 345<br/> Application-Level Attacks 345<br/> Permanent DoS Attacks 346<br/> Distributed Denial of Service 347<br/> DDoS Tools 348<br/> DoS and DDoS Countermeasures 350<br/>Summary 353<br/>Exam Preparation Tasks 354<br/>Review All Key Topics 354<br/>Define Key Terms 354<br/>Exercises 355<br/> 6-1 Scanning for DDoS Programs 355<br/> 6-2 Spoofing Your MAC Address in Linux 355<br/> 6-3 Using the KnowBe4 SMAC to Spoof Your MAC Address 356<br/>Review Questions 356<br/>Suggested Reading and Resources 360<br/><strong>Chapter 7</strong> Web Server Hacking, Web Applications, and Database Attacks 363<br/>"Do I Know This Already?" Quiz 363<br/>Foundation Topics 366<br/>Web Server Hacking 366<br/> The HTTP Protocol 366<br/> Scanning Web Servers 374<br/> Banner Grabbing and Enumeration 374<br/> Web Server Vulnerability Identification 379<br/> Attacking the Web Server 380<br/> DoS/DDoS Attacks 380<br/> DNS Server Hijacking and DNS Amplification Attacks 380<br/> Directory Traversal 382<br/> On-Path Attacks 384<br/> Website Defacement 384<br/> Web Server Misconfiguration 384<br/> HTTP Response Splitting 385<br/> Understanding Cookie Manipulation Attacks 385<br/> Web Server Password Cracking 386<br/> Web Server-Specific Vulnerabilities 386<br/> Comments in Source Code 388<br/> Lack of Error Handling and Overly Verbose Error Handling 389<br/> Hard-Coded Credentials 389<br/> Race Conditions 389<br/> Unprotected APIs 390<br/> Hidden Elements 393<br/> Lack of Code Signing 393<br/> Automated Exploit Tools 393<br/> Securing Web Servers 395<br/> Harden Before Deploying 395<br/> Patch Management 395<br/> Disable Unneeded Services 396<br/> Lock Down the File System 396<br/> Log and Audit 396<br/> Provide Ongoing Vulnerability Scans 397<br/>Web Application Hacking 398<br/> Unvalidated Input 398<br/> Parameter/Form Tampering 399<br/> Injection Flaws 399<br/> Cross-Site Scripting (XSS) Vulnerabilities 400<br/> Reflected XSS Attacks 401<br/> Stored XSS Attacks 402<br/> DOM-Based XSS Attacks 404<br/> XSS Evasion Techniques 405<br/> XSS Mitigations 406<br/> Understanding Cross-Site Request Forgery Vulnerabilities and Related Attacks 408<br/> Understanding Clickjacking 409<br/> Other Web Application Attacks 410<br/> Exploiting Web-Based Cryptographic Vulnerabilities and Insecure Configurations 411<br/> Web-Based Password Cracking and Authentication Attacks 412<br/> Understanding What Cookies Are and Their Use 414<br/> URL Obfuscation 415<br/> Intercepting Web Traffic 417<br/> Securing Web Applications 419<br/> Lack of Code Signing 421<br/>Database Hacking 421<br/> A Brief Introduction to SQL and SQL Injection 422<br/> SQL Injection Categories 427<br/> Fingerprinting the Database 429<br/> Surveying the UNION Exploitation Technique 430<br/> Using Boolean in SQL Injection Attacks 431<br/> Understanding Out-of-Band Exploitation 432<br/> Exploring the Time-Delay SQL Injection Technique 433<br/> Surveying Stored Procedure SQL Injection 434<br/> Understanding SQL Injection Mitigations 434<br/> SQL Injection Hacking Tools 435<br/>Summary 436<br/>Exam Preparation Tasks 437<br/>Review All Key Topics 437<br/>Exercise 438<br/> 7-1 Complete the Exercises in WebGoat 438<br/>Review Questions 438<br/>Suggested Reading and Resources 443<br/><strong>Chapter 8</strong> Wireless Technologies, Mobile Security, and Attacks 445<br/>"Do I Know This Already?" Quiz 445<br/>Foundation Topics 449<br/>Wireless and Mobile Device Technologies 449<br/> Mobile Device Concerns 451<br/> Mobile Device Platforms 452<br/> Android 453<br/> iOS 455<br/> Windows Mobile Operating System 456<br/> BlackBerry 457<br/> Mobile Device Management and Protection 457<br/> Bluetooth 458<br/> Radio Frequency Identification (RFID) Attacks 461<br/>Wi-Fi 461<br/> Wireless LAN Basics 462<br/> Wireless LAN Frequencies and Signaling 463<br/> Wireless LAN Security 464<br/> Installing Rogue Access Points 467<br/> Evil Twin Attacks 468<br/> Deauthentication Attacks 468<br/> Attacking the Preferred Network Lists 472<br/> Jamming Wireless Signals and Causing Interference 472<br/> War Driving 472<br/> Attacking WEP 472<br/> Attacking WPA 474<br/> Wireless Networks Configured with Open Authentication 478<br/> KRACK Attacks 479<br/> Attacks Against WPA3 479<br/> Attacking Wi-Fi Protected Setup (WPS) 480<br/> KARMA Attack 481<br/> Fragmentation Attacks 481<br/> Additional Wireless Hacking Tools 482<br/> Performing GPS Mapping 483<br/> Wireless Traffic Analysis 483<br/> Launch Wireless Attacks 483<br/> Crack and Compromise the Wi-Fi Network 484<br/> Securing Wireless Networks 485<br/> Site Survey 485<br/> Robust Wireless Authentication 485<br/> Misuse Detection 486<br/>Summary 487<br/>Exam Preparation Tasks 488<br/>Review All Key Topics 488<br/>Define Key Terms 488<br/>Review Questions 488<br/>Suggested Reading and Resources 489<br/><strong>Chapter 9</strong> Evading IDS, Firewalls, and Honeypots 491<br/>"Do I Know This Already?" Quiz 491<br/>Foundation Topics 495<br/>Intrusion Detection and Prevention Systems 495<br/> IDS Types and Components 495<br/> Pattern Matching 497<br/> Protocol Analysis 500<br/> Heuristic-Based Analysis 500<br/> Anomaly-Based Analysis 500<br/> Global Threat Correlation Capabilities 502<br/> Snort 502<br/> IDS Evasion 506<br/> Flooding 507<br/> Insertion and Evasion 507<br/> Session Splicing 508<br/> Shellcode Attacks 508<br/> Other IDS Evasion Techniques 509<br/> IDS Evasion Tools 510<br/>Firewalls 511<br/> Firewall Types 512<br/> Network Address Translation 512<br/> Packet Filters 513<br/> Application and Circuit-Level Gateways 515<br/> Stateful Inspection 515<br/> Identifying Firewalls 516<br/> Bypassing Firewalls 520<br/>Honeypots 526<br/> Types of Honeypots 528<br/> Detecting Honeypots 529<br/>Summary 530<br/>Exam Preparation Tasks 530<br/>Review All Key Topics 530<br/>Define Key Terms 531<br/>Review Questions 531<br/>Suggested Reading and Resources 536<br/><strong>Chapter 10</strong> Cryptographic Attacks and Defenses 539<br/>"Do I Know This Already?" Quiz 539<br/>Foundation Topics 543<br/>Cryptography History and Concepts 543<br/>Encryption Algorithms 545<br/> Symmetric Encryption 546<br/> Data Encryption Standard (DES) 548<br/> Advanced Encryption Standard (AES) 550<br/> Rivest Cipher 551<br/> Asymmetric Encryption (Public Key Encryption) 551<br/> RSA 552<br/> Diffie-Hellman 552<br/> ElGamal 553<br/> Elliptic-Curve Cryptography (ECC) 553<br/> Digital Certificates 553<br/>Public Key Infrastructure 554<br/> Trust Models 555<br/> Single-Authority Trust 556<br/> Hierarchical Trust 556<br/> Web of Trust 557<br/>Email and Disk Encryption 557<br/>Cryptoanalysis and Attacks 558<br/> Weak Encryption 561<br/> Encryption-Cracking Tools 563<br/>Security Protocols and Countermeasures 563<br/> Steganography 566<br/> Steganography Operation 567<br/> Steganographic Tools 568<br/> Digital Watermark 571<br/> Hashing 571<br/> Digital Signature 573<br/>Summary 574<br/>Exam Preparation Tasks 574<br/>Review All Key Topics 574<br/>Define Key Terms 575<br/>Exercises 575<br/> 10-1 Examining an SSL Certificate 575<br/> 10-2 Using PGP 576<br/> 10-3 Using a Steganographic Tool to Hide a Message 577<br/>Review Questions 577<br/>Suggested Reading and Resources 582<br/><strong>Chapter 11</strong> Cloud Computing, IoT, and Botnets 585<br/>"Do I Know This Already?" Quiz 585<br/>Foundation Topics 588<br/>Cloud Computing 588<br/> Cloud Computing Issues and Concerns 590<br/> Cloud Computing Attacks 592<br/> Cloud Computing Security 593<br/> DevOps, Continuous Integration (CI), Continuous Delivery (CD), and DevSecOps 593<br/> CI/CD Pipelines 596<br/> Serverless Computing 598<br/> Containers and Container Orchestration 598<br/> How to Scan Containers to Find Security Vulnerabilities 600<br/>IoT 601<br/> IoT Protocols 604<br/> IoT Implementation Hacking 606<br/>Botnets 606<br/> Botnet Countermeasures 609<br/>Summary 612<br/>Exam Preparation Tasks 612<br/>Review All Key Topics 612<br/>Define Key Terms 613<br/>Review Questions 613<br/>Suggested Reading and Resources 615<br/><strong>Chapter 12</strong> Final Preparation 619<br/>Hands-on Activities 619<br/>Suggested Plan for Final Review and Study 620<br/>Summary 621<br/><strong>Glossary of Key Terms </strong>623<br/><strong>Appendix A</strong> Answers to the "Do I Know This Already?" Quizzes and Review Questions 649<br/><strong>Appendix B</strong> <em>CEH Certified Ethical Hacker Cert Guide</em> Exam Updates 685<br/></p><p>Index 687</p><p><strong>Online Elements:</strong><br/><strong>Appendix C</strong> Study Planner<br/>Glossary of Key Terms<br/>9780137489985 TOC 12/15/2021</p>

Michael Gregg

Omar Santos

Pearson eText for CEH Certified Ethical Hacker Cert Guide, 4e

A digital version of the text you can personalize and read online or offline.

eTextbook

CEH Certified Ethical Hacker Cert Guide

A digital version of the text you can personalize and read online or offline. If your instructor has invited you to join a specific Pearson eTextbook course for your class, you will need to purchase your eText through the course invite link they provide.

Now available on

This product is a bound, printed text book.

Print

Hardcover

CEH Certified Ethical Hacker Cert Guide, 4th edition

Access details

Features

Pearson+