Includes Real-World Scenarios, Hands-On Exercises, and Leading-Edge Exam Prep Software Featuring:
• Custom Test Engine • Hundreds of Sample Questions • Electronic Flashcards • Entire Book in PDF
Exam 312-50 Exam EC0-350
Certiﬁed Ethical Hacker
CEH: Certified Ethical Hacker Study Guide
CEH (312-50) Objectives Objective
Ethics and Legality Understand ethical hacking terminology Define the job role of an ethical hacker Understand the different phases involved in ethical hacking Identify different types of hacking technologies List the 5 stages of ethical hacking What is hacktivism? List different types of hacker classes Define the skills required to become an ethical hacker What is vulnerability research? Describe the ways of conducting ethical hacking Understand the legal implications of hacking Understand 18 U.S.C. § 1030 US Federal Law Footprinting Define the term footprinting Describe information gathering methodology Describe competitive intelligence Understand DNS enumeration Understand Whois, ARIN lookup Identify different types of DNS records Understand how traceroute is used in footprinting Understand how email tracking works Understand how web spiders work Scanning Define the terms port scanning, network scanning, and vulnerability scanning Understand the CEH scanning methodology Understand Ping Sweep techniques Understand nmap command switches Understand SYN, Stealth, XMAS, NULL, IDLE, and FIN scans List TCP communication flag types Understand war dialing techniques Understand banner grabbing and OF fingerprinting techniques Understand how proxy servers are used in launching an attack How do anonymizers work? Understand HTTP tunneling techniques Understand IP spoofing techniques
1 1 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 3 3 3 3 3 3 3 3 3 3 3 3
Enumeration What is enumeration? What is meant by null sessions? What is SNMP enumeration? What are the steps involved in performing enumeration? System Hacking Understanding password cracking techniques Understanding different types of passwords Identifying various password cracking tools Understand escalating privileges Understanding keyloggers and other spyware technologies Understand how to hide files Understanding rootkits Understand steganography technologies Understand how to cover your tracks and erase evidence Trojans and Backdoors What is a Trojan? What is meant by overt and covert channels? List the different types of Trojans What are the indications of a Trojan attack? Understand how “Netcat” Trojan works What is meant by “wrapping”? How do reverse connecting Trojans work? What are the countermeasure techniques in preventing Trojans? Understand Trojan evading techniques Sniffers Understand the protocol susceptible to sniffing Understand active and passive sniffing Understand ARP poisoning Understand Ethereal capture and display filters Understand MAC flooding Understand DNS spoofing techniques Describe sniffing countermeasures Denial of Service Understand the types of DoS Attacks Understand how DDoS attack works Understand how BOTs/BOTNETs work What is a “Smurf” attack? What is “SYN” flooding? Describe the DoS/DDoS countermeasures
3 3 3 3 4 4 4 4 4 4 4 4 4 5 5 5 5 5 5 5 5 5 6 6 6 6 6 6 6 7 7 7 7 7 7
Exam specifications and content are subject to change at any time without prior notice and at the EC-Council’s sole discretion. Please visit EC-Council’s website (www.eccouncil.org) for the most current information on their exam content.
Social Engineering What is social engineering? What are the common types of attacks? Understand dumpster diving Understand reverse social engineering Understand insider attacks Understand identity theft Describe phishing attacks Understand online scams Understand URL obfuscation Social engineering countermeasures Session Hijacking Understand spoofing vs. hijacking List...