Prepare for the CEH certification exam with this official review guide and learn how to identify security risks to networks and computers. This easy-to-use guide is organized by exam objectives for quick review so you’ll be able to get the serious preparation you need for the challenging Certified Ethical Hacker certification exam 312-50. As the only review guide officially endorsed by EC-Council, this concise book covers all of the exam objectives and includes a CD with a host of additional...
Prepare for the CEH certification exam with this official review guide and learn how to identify security risks to networks and computers. This easy-to-use guide is organized by exam objectives for quick review so you’ll be able to get the serious preparation you need for the challenging Certified Ethical Hacker certification exam 312-50. As the only review guide officially endorsed by EC-Council, this concise book covers all of the exam objectives and includes a CD with a host of additional study tools.
Introduction xvIntroduction to Ethical Hacking, Ethics, and Legality 1Understanding Ethical Hacking Terminology 2Identifying Different Types of Hacking Technologies 3Understanding the Different Phases Involved in Ethical Hacking and Listing the Five Stages of Ethical Hacking 4Passive and Active Reconnaissance 5Scanning 5Gaining Access 5Maintaining Access 6Covering Tracks 6What Is Hacktivism? 6Listing Different Types of Hacker Classes 6Ethical Hackers and Crackers-Who Are They? 7What Do Ethical Hackers Do? 8Goals Attackers Try to Achieve 8Security, Functionality, and Ease of Use Triangle 9Defining the Skills Required to Become an Ethical Hacker 10What Is Vulnerability Research? 10Describing the Ways to Conduct Ethical Hacking 11Creating a Security Evaluation Plan 11Types of Ethical Hacks 12Testing Types 12Ethical Hacking Report 13Understanding the Legal Implications of Hacking 13Understanding 18 U.S.C. [Section]1029 and 1030 U.S. Federal Law 14Exam Essentials 14Review Questions 16Answers to Review Questions 18Footprinting and Social Engineering 19Footprinting 20Define the Term Footprinting 20Describe the Information Gathering Methodology 21Describe Competitive Intelligence 22Understand DNS Enumeration 23Understand Whois and ARIN Lookups 24Identify Different Types of DNS Records 27Understand How Traceroute Is Used in Footprinting 28Understand How E-Mail Tracking Works 29Understand How Web Spiders Work 29Exam Essentials 29Social Engineering 30What Is Social Engineering? 30What Are the Common Types Of Attacks? 32Understand Insider Attacks 33Understand Identity Theft 33Describe Phishing Attacks 34Understand Online Scams 34Understand URL Obfuscation 35Social-Engineering Countermeasures 35Exam Essentials 36Review Questions 37Answers to Review Questions 40Scanning and Enumeration 41Scanning 42Define the Terms Port Scanning, Network Scanning, and Vulnerability Scanning 42Understand the CEH Scanning Methodology 43Understand Ping Sweep Techniques 44Understand Nmap Command Switches 46Understand Syn, Stealth, Xmas, Null, Idle, and Fin Scans 48List TCP Communication Flag Types 49Understand War-Dialing Techniques 51Understand Banner Grabbing and OS Fingerprinting Techniques 52Understand How Proxy Servers Are Used in Launching an Attack 53How Do Anonymizers Work? 53Understand HTTP Tunneling Techniques 54Understand IP Spoofing Techniques 54Exam Essentials 55Enumeration 55What Is Enumeration? 56What Is Meant by Null Sessions? 56What Is SNMP Enumeration? 58Windows 2000 DNS Zone Transfer 59What Are the Steps Involved in Performing Enumeration? 60Exam Essentials 60Review Questions 62Answers to Review Questions 66System Hacking 67Understanding Password-Cracking Techniques 68Understanding the LanManager Hash 69Cracking Windows 2000 Passwords 70Redirecting the SMB Logon to the Attacker 70SMB Redirection 71SMB Relay MITM Attacks and Countermeasures 71NetBIOS DoS Attacks 72Password-Cracking Countermeasures 72Understanding Different Types of Passwords 74Passive Online Attacks 74Active Online Attacks 75Offline Attacks 77Nonelectronic Attacks 78Understanding Keyloggers and Other Spyware Technologies 78Understand Escalating Privileges 79Executing Applications 80Buffer Overflows 80Understanding Rootkits 81Planting Rootkits on Windows 2000 and XP Machines 81Rootkit Embedded TCP/IP Stack 82Rootkit Countermeasures 82Understanding How to Hide Files 83NTFS File Streaming 83NTFS Stream Countermeasures 83Understanding Steganography Technologies 84Understanding How to Cover Your Tracks and Erase Evidence 85Disabling Auditing 85Clearing the Event Log 86Exam Essentials 86Review Questions 87Answers to Review Questions 89Trojans, Backdoors, Viruses, and Worms 91Trojans and Backdoors 92What Is a Trojan? 93What Is Meant by Overt and Covert Channels? 94List the Different Types of Trojans 94How Do Reverse-Connecting Trojans Work? 94Understand How the Netcat Trojan Works 96What Are the Indications of a Trojan Attack? 97What Is Meant by "Wrapping"? 97Trojan Construction Kit and Trojan Makers 97What Are the Countermeasure Techniques in Preventing Trojans? 98Understand Trojan-Evading Techniques 98System File Verification Subobjective to Trojan Countermeasures 99Viruses and Worms 99Understand the Difference between a Virus and a Worm 99Understand the Types of Viruses 100Understand Antivirus Evasion Techniques 101Understand Virus Detection Methods 101Exam Essentials 101Review Questions 103Answers to Review Questions 106Sniffers 107Understand the Protocols Susceptible to Sniffing 108Understand Active and Passive Sniffing 109Understand ARP Poisoning 110Understand Ethereal Capture and Display Filters 110Understand MAC Flooding 111Understand DNS Spoofing Techniques 111Describe Sniffing Countermeasures 113Exam Essentials 114Review Questions 115Answers to Review Questions 117Denial of Service and Session Hijacking 119Denial of Service 120Understand the Types of DoS Attacks 120Understand How DDoS Attacks Work 122Understand How BOTs/BOTNETs Work 123What Is a "Smurf" Attack? 124What Is "SYN" Flooding? 124Describe the DoS/DDoS Countermeasures 124Session Hijacking 125Understand Spoofing vs. Hijacking 125List the Types of Session Hijacking 126Understand Sequence Prediction 126What Are the Steps in Performing Session Hijacking? 128Describe How You Would Prevent Session Hijacking 129Exam Essentials 130Review Questions 131Answers to Review Questions 135Hacking Web Servers, Web Application Vulnerabilities, and Web-Based Password Cracking Techniques 137Hacking Web Servers 138List the Types of Web Server Vulnerabilities 138Understand the Attacks against Web Servers 139Understand IIS Unicode Exploits 139Understand Patch Management Techniques 140Describe Web Server Hardening Methods 140Web Application Vulnerabilities 141Understanding How Web Applications Work 141Objectives of Web Application Hacking 142Anatomy of an Attack 142Web Application Threats 142Understand Google Hacking 143Understand Web Application Countermeasures 143Web-Based Password Cracking Techniques 144List the Authentication Types 144What Is a Password Cracker? 144How Does a Password Cracker Work? 144Understand Password Attacks: Classification 145Understand Password-Cracking Countermeasures 145Exam Essentials 145Review Questions 147Answers to Review Questions 149SQL Injection and Buffer Overflows 151SQL Injection 152What Is SQL Injection? 152Understand the Steps to Conduct SQL Injection 152Understand SQL Server Vulnerabilities 153Describe SQL Injection Countermeasures 153Buffer Overflows 154Identify the Different Types of Buffer Overflows and Methods of Detection 154Overview of Stack-Based Buffer Overflows 154Overview of Buffer Overflow Mutation Techniques 155Exam Essentials 155Review Questions 156Answers to Review Questions 158Wireless Hacking 159Overview of WEP, WPA Authentication Mechanisms, and Cracking Techniques 160Overview of Wireless Sniffers and Locating SSIDs, MAC Spoofing 162Understand Rogue Access Points 163Understand Wireless Hacking Techniques 163Describe the Methods Used to Secure Wireless Networks 164Exam Essentials 164Review Questions 165Answers to Review Questions 167Physical Security 169Physical Security Breach Incidents 170Understanding Physical Security 171What Is the Need for Physical Security? 171Who Is Accountable for Physical Security? 172Factors Affecting Physical Security 172Exam Essentials 172Review Questions 174Answers to Review Questions 176Linux Hacking 177Linux Basics 178Understand How to Compile a Linux Kernel 179Understand GCC Compilation Commands 180Understand How to Install Linux Kernel Modules 180Understand Linux Hardening Methods 181Exam Essentials 182Review Questions 183Answers to Review Questions 185Evading IDSs, Honeypots, and Firewalls 187List the Types of Intrusion Detection Systems and Evasion Techniques 188List the Firewall Types and Honeypot Evasion Techniques 189Exam Essentials 191Review Questions 192Answers to Review Questions 194Cryptography 195Overview of Cryptography and Encryption Techniques 196Describe How Public and Private Keys Are Generated 197Overview of the MD5, SHA, RC4, RC5, and Blowfish Algorithms 197Exam Essentials 198Review Questions 199Answers to Review Questions 201Penetration Testing Methodologies 203Defining Security Assessments 204Overview of Penetration Testing Methodologies 204List the Penetration Testing Steps 205Overview of the Pen-Test Legal Framework 206List the Automated Penetration Testing Tools 207Overview of the Pen-Test Deliverables 208Exam Essentials 208Review Questions 209Answers to Review Questions 211Glossary 213Index 225