Hacker exam may be taken on the last day of the training (optional). Students need to pass the online exam to receive CEH certification. Certification. Number of Questions: ; Test Duration: 4 Hours; Test Format: Multiple Choice; Test Delivery: ECC EXAM, VUE; Exam Prefix: (ECC EXAM), ECCouncil TestKing’s Certified Ethical Hacker () PassGuide 50_,Q&A ECCouncil Ethical Hacking and Countermeasures.
|Published (Last):||1 September 2013|
Jeff Kellum Technical Editor: Sondra Schneider Production Editor: Rachel Meyers Copy Editor: Tiffany Taylor Production Manager: Wikert Vice President and Publisher: Neil Edde Media Project Supervisor: Laura Atkinson Media Development Specialist: Steve Kudirka Media Quality Assurance: Angie Denny Book Designers: Judy Fung and Bill Gibson Compositor: Ted Laux Anniversary Logo Design: Richard Pacifico Cover Designer:
The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation warranties of fitness for a particular purpose.
No warranty may be created or extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for every situation. This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services. If professional assistance is required, the services of a competent professional person should be sought.
Neither the publisher nor the author shall be liable for damages arising herefrom. Further, readers should be aware that Internet Websites listed in this work may have changed or disappeared between when this work was written and when it is read. For general information on our other products and services or to obtain technical support, please contact our Customer Care Department within the U.
Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic books. Library of Congress Cataloging-in-Publication Data is available from the publisher.
All other trademarks are the property of their respective owners.
Passive and Active Reconnaissance; Phase 2: Scanning; Phase 3: Gaining Access; Phase 4: Maintaining Access; Phase 5: Covering Tracks; What Is Hacktivism?
The CEH certification is granted to those who have attained the level of knowledge and troubleshooting skills needed to provide capable support in the field of computer and network security.
The CEH exam is periodically updated to keep the certification applicable to the most recent hardware and software. This is necessary because a CEH must be able to work on the latest equipment.
The most recent revisions to the objectives—and to the whole program—were enacted in and are reflected in this book. This certification is designed for security officers, auditors, security professionals, site administrators, and anyone who deals with the security of the network infrastructure on a day-to-day basis. The goal of ethical hackers is to help organizations take preemptive measures against malicious attacks by attacking systems themselves, all the while staying within legal limits.
This philosophy stems from the proven practice of trying to catch a thief by thinking like a thief. As technology advances, organizations increasingly depend on technology, and information assets have evolved into critical components of survival.
You need to pass only a single exam to become a CEH. For the latest exam pricing and updates to the registration procedures, call either Thomson Prometric at or Pearson VUE at You can also go to either www. If you have further questions about the scope of the exams or related EC-Council programs, refer to the EC-Council website at www.
Who Should Buy This Book? These tools will help you retain vital exam content as well as prepare to sit for the actual exam:
Chapter Review Questions: To test your knowledge as you progress through the book, there are review questions at the end of each chapter. As you finish each chapter, answer the review questions and then check your answers—the correct answers appear on the page following the last review question.
These are short questions and answers, just like the flashcards you probably used to study in school. You can answer them on your PC or download them onto a Palm device for quick and convenient reviewing.
Using this custom test engine, you can identify weak areas up front and then develop a solid studying strategy using each of these robust testing features. Our thorough readme file will walk you through the quick, easy installation process.
Take these practice exams just as if you were taking the actual exam without any reference material. If you have to travel and brush up on any key terms, and you have a laptop with a CD-ROM drive, you can do so with this resource. The other can be a major credit card or a passport. Both forms must include a signature. Make sure you know exactly what the question is asking. Unanswered questions are scored against you.
Doing so will improve your odds if you need to make an educated guess. You can move forward and backward through the exam.
These are provided for easy reference and to assure you that you are on track with the objectives. How to Contact the Publisher Sybex welcomes feedback on all of its titles. Visit the Sybex website at www. She currently works with Symbol Technologies and other leading wireless and security vendors as an instructor. She has served various educational institutions in Washington, D. The term hacker conjures up images of a young computer whiz who types a few commands at a computer screen—and poof!
The computer spits back account numbers or other confidential data. In reality, a good hacker just has to understand how a computer system works and know what tools to employ in order to find a security weakness. The realm of hackers and how they operate is unknown to most computer and security professionals. The goal of this chapter is to introduce you to the world of the hacker and to define the terms that will be tested on the Certified Ethical Hacker (CEH) exam.
A threat is an environment or situation that could lead to a potential breach of security. Ethical hackers look for and prioritize threats when performing a security analysis. In computer security, an exploit is a piece of software that takes advantage of a bug, glitch, or vulnerability, leading to unauthorized access, privilege escalation, or denial of service on a computer system.
There are two methods of classifying exploits: A remote exploit works over a network and exploits security vulnerabilities without any prior access to the vulnerable system.
A local exploit requires prior access to the vulnerable system to increase privileges. An exploit is a defined way to breach the security of an IT system through a vulnerability. A vulnerability is an existence of a software flaw, logic design, or implementation error that can lead to an unexpected and undesirable event executing bad or damaging instructions to the system.
A target of evaluation is a system, program, or network that is the subject of a security analysis or attack. An attack occurs when a system is compromised based on a vulnerability. Many attacks are perpetrated via an exploit. Ethical hackers use tools to find systems that may be vulnerable to an exploit because of the operating system, network configuration, or applications installed on the systems, and prevent an attack.
This book provides you the toolset necessary to become an ethical hacker. Identifying Different Types of Hacking Technologies Many methods and tools exist for locating vulnerabilities, running exploits, and compromising systems. Trojans, backdoors, sniffers, rootkits, exploits, buffer overflows, and SQL injection are all technologies that can be used to hack a system or network.
These technologies and attack methods will each be discussed in later chapters. Many are so complex that an entire chapter is devoted to explaining the attack and applicable technologies. Most hacking tools exploit weaknesses in one of the following four areas:
Operating systems: Many systems administrators install operating systems with the default settings, resulting in potential vulnerabilities that remain unpatched.
One example is macros in Microsoft Word, which can allow a hacker to execute programs from within the application.
Misconfigurations: Systems can also be misconfigured or left at the lowest common security settings to increase ease of use for the user, which may result in vulnerability and an attack. This book will cover all these technologies and hacking tools in depth in later chapters. In addition to the various types of technologies a hacker can use, there are different types of attacks. Attacks can be categorized as either passive or active. Passive and active attacks are used on both network security infrastructures and on hosts.
Active attacks affect the availability, integrity, and authenticity of data; passive attacks are breaches of confidentiality. In addition to the active and passive categories, attacks are categorized as either inside or outside attacks. An outside attack originates from a source outside the security perimeter, such as the Internet or a remote access connection.
The following sections cover these five phases. Passive reconnaissance can be as simple as watching a building to identify what time employees enter the building and when they leave.