CEH Certified Ethical Hacker All-in-One Exam Guide, Second Edition, 2nd Edition

Book Description

Thoroughly revised for the latest release of the Certified Ethical Hacker (CEH) v8 certification exam

Fully updated for the CEH v8 exam objectives, this comprehensive guide offers complete coverage of the EC-Council's Certified Ethical Hacker exam. In this new edition, IT security expert Matt Walker discusses the latest tools, techniques, and exploits relevant to the CEH exam. You'll find learning objectives at the beginning of each chapter, exam tips, practice exam questions, and in-depth explanations. Designed to help you pass the exam with ease, this authoritative resource also serves as an essential on-the-job reference.

Covers all exam topics, including:

  • Introduction to ethical hacking
  • Reconnaissance and footprinting
  • Scanning and enumeration
  • Sniffing and evasion
  • Attacking a system
  • Hacking web servers and applications
  • Wireless network hacking
  • Trojans and other attacks
  • Cryptography
  • Social engineering and physical security
  • Penetration testing

Electronic content includes:

  • Hundreds of practice questions
  • Test engine that provides customized exams by chapter
  • PDF copy of the book

Table of Contents

  1. Cover 
  2. About the Author
    1. About the Technical Editor
  3. Title Page
  4. Copyright Page
  5. Contents at a Glance
  6. Contents 
  7. Acknowledgments
  8. Introduction
  9. Chapter 1: Getting Started: Essential Knowledge
    1. Security 101
      1. Basic Networking
      2. Security Essentials
    2. Introduction to Ethical Hacking
      1. Hacking Terminology
      2. The Ethical Hacker
    3. Chapter Review
      1. Questions
      2. Answers
  10. Chapter 2: Reconnaissance: Information Gathering for the Ethical Hacker
    1. Getting Started
      1. Vulnerability Research
    2. Footprinting
      1. Passive Footprinting
      2. Active Footprinting
      3. DNS Footprinting
      4. Determining Network Range
      5. Google Hacking
      6. Footprinting Tools
    3. Chapter Review
      1. Questions
      2. Answers
  11. Chapter 3: Scanning and Enumeration
    1. Scanning Fundamentals
      1. Scanning Methodology
      2. The TCP Handshake
      3. Identifying Targets
      4. Port Scanning
    2. Enumeration
      1. Windows System Basics
      2. Enumeration Techniques
    3. Chapter Review
      1. Questions
      2. Answers
  12. Chapter 4: Sniffing and Evasion
    1. Fundamentals
      1. How It All Works
      2. Passive and Active Sniffing
    2. Sniffing Tools and Techniques
      1. Wireshark
      2. Other Tools
    3. Evasion
      1. IDS
      2. Firewalls
    4. Chapter Review
      1. Questions
      2. Answers
  13. Chapter 5: Attacking a System
    1. Getting Started
      1. Methodology
      2. Windows Security Architecture
      3. Linux Security Architecture
    2. Cracking Passwords
      1. Password 101
      2. Password Attacks
    3. Privilege Escalation and Executing Applications
      1. Privilege Escalation
      2. Executing Applications
    4. Stealth
      1. Hiding Files and Activity
      2. Covering Your Tracks
    5. Chapter Review
      1. Questions
      2. Answers
  14. Chapter 6: Web-Based Hacking: Servers and Applications
    1. Attacking Web Servers
      1. Web Server Architecture
      2. Attack Methodology
      3. Web Server Attacks
    2. Attacking Web Applications
      1. Web Application Architecture
      2. Application Attacks
      3. SQL Injection
    3. Chapter Review
      1. Questions
      2. Answers
  15. Chapter 7: Wireless Network Hacking
    1. Wireless 101
      1. Wireless Architecture and Standards
      2. Finding and Identifying Wireless Networks
    2. Wireless Hacking
      1. Wireless Attacks
      2. Mobile Platform Attacks
    3. Chapter Review
      1. Questions
      2. Answers
  16. Chapter 8: Trojans and Other Attacks
    1. The “Malware” Attacks
      1. Trojans, Backdoors, Viruses, and Worms
    2. Remaining Attacks
      1. Denial of Service
      2. Session Hijacking
    3. Chapter Review
      1. Questions
      2. Answers
  17. Chapter 9: Cryptography 101
    1. Cryptography and Encryption Overview
      1. Encryption Algorithms and Techniques
    2. PKI, the Digital Certificate, and Digital Signatures
      1. The PKI System
      2. Digital Certificates
      3. Digital Signatures
    3. Encrypted Communication and Cryptography Attacks
      1. Data Encryption: At Rest and While Communicating
      2. Cryptography Attacks
    4. Chapter Review
      1. Questions
      2. Answers
  18. Chapter 10: Low Tech: Social Engineering and Physical Security
    1. Social Engineering
      1. Human-Based Attacks
      2. Computer-Based Attacks
      3. Mobile-Based Attacks
    2. Physical Security
      1. Physical Security 101
    3. Chapter Review
      1. Questions
      2. Answers
  19. Chapter 11: The Pen Test: Putting It All Together
    1. Methodology and Steps
      1. The Security Assessments
      2. Security Assessment Deliverables
    2. Miscellaneous Information
      1. Guidelines
      2. More Terminology
    3. Chapter Review
      1. Questions
      2. Answers
  20. Appendix A: Tool, Sites, and References
    1. Vulnerability Research Sites
    2. Footprinting Tools
      1. People Search Tools
      2. Competitive Intelligence
      3. Website Research Tools
      4. DNS and Whois Tools
      5. Traceroute Tools and Links
      6. Website Mirroring Tools and Sites
      7. E-mail Tracking
      8. Google Hacking
    3. Scanning and Enumeration Tools
      1. Ping Sweep
      2. Scanning Tools
      3. War Dialing
      4. Banner Grabbing
      5. Vulnerability Scanning
      6. Network Mapping
      7. Proxy, Anonymizer, and Tunneling
      8. Enumeration
      9. SNMP Enumeration
    4. System Hacking Tools
      1. Password Hacking Tools
      2. Sniffing
      3. Keyloggers and Screen Capture
      4. Privilege Escalation
      5. Executing Applications
      6. Spyware
      7. Covering Tracks
      8. Packet Crafting/Spoofing
      9. Session Hijacking
    5. Cryptography and Encryption
      1. Encryption Tools
      2. Hash Tools
      3. Steganography
      4. Cryptanalysis
    6. Sniffing
      1. Packet Capture
      2. Wireless
      3. MAC Flooding/Spoofing
      4. ARP Poisoning
    7. Wireless
      1. Discovery
      2. Packet Sniffing
      3. WEP/WPA Cracking
      4. Bluetooth
      5. Mobile Device Tracking
    8. Trojans and Malware
      1. Wrappers
      2. Monitoring Tools
      3. Attack Tools
    9. IDS
      1. Evasion Tools
    10. Wireless
    11. Web Attacks
      1. SQL Injection
    12. Miscellaneous
      1. Pen Test Suites
      2. VPN/FW Scanner
      3. Social Engineering
      4. Extras
      5. Linux Distributions
    13. Tools, Sites, and References Disclaimer
  21. Appendix B: About the Download
    1. System Requirements
    2. Installing and Running Total Tester
      1. About Total Tester
    3. Technical Support
  22. Glossary
  23. Index