Résumé
CEH Certified Ethical Hacker Exam Cram is the perfect study guide to help you pass the updated CEH exam. Dr. Chuck Easttom's expert real-world approach reflects both his expertise as one of the world's leading cybersecurity practitioners and instructors, as well as test-taking insights he has gained from teaching CEH preparation courses worldwide, including courses taught directly for EC-Council. Easttom assumes no prior knowledge: his expert coverage of every exam topic can help readers with little ethical hacking experience to obtain the knowledge they need to succeed.
Covers the critical information you'll need to score higher on your CEH exam!
Review the core principles and concepts of ethical hacking
Perform key pre-attack tasks, including reconnaissance and footprinting
Master enumeration, vulnerability scanning, and vulnerability analysis
Learn system hacking methodologies, how to cover your tracks, and more
Utilize modern malware threats, including ransomware and financial malware
Exploit packet sniffing and social engineering
Master denial of service and session hacking attacks, tools, and countermeasures
Evade security measures, including IDS, firewalls, and honeypots
Hack web servers and applications, and perform SQL injection attacks
Compromise wireless and mobile systems, from wireless encryption to recent Android exploits
Hack Internet of Things (IoT) and Operational Technology (OT) devices and systems
Attack cloud computing systems, misconfigurations, and containers
Use cryptanalysis tools and attack cryptographic systemsIntroduction. . . . . . . . . . . . . . . . . . . . . . . xx
CHAPTER 1:
Reconnaissance and Scanning.. . . . . . . . . . . . . . . . . 1
Reconnaissance Types.. . . . . . . . . . . . . . . . . . 1
Active Reconnaissance Techniques. . . . . . . . . . . . . . 22
What Next?.. . . . . . . . . . . . . . . . . . . . . 32
CHAPTER 2:
Enumeration and Vulnerability Scanning.. . . . . . . . . . . . . 33
Scanning.. . . . . . . . . . . . . . . . . . . . . . 33
Scanning Process.. . . . . . . . . . . . . . . . . . . 43
Network Packet Capture.. . . . . . . . . . . . . . . . . 52
Vulnerability Scanning. . . . . . . . . . . . . . . . . . 57
What Next?.. . . . . . . . . . . . . . . . . . . . . 63
CHAPTER 3:
System Hacking. . . . . . . . . . . . . . . . . . . . . . 65
CEH Methodology.. . . . . . . . . . . . . . . . . . . 65
Pass the Hash.. . . . . . . . . . . . . . . . . . . . . 73
Spyware. . . . . . . . . . . . . . . . . . . . . . . 79
What Next?.. . . . . . . . . . . . . . . . . . . . . 92
CHAPTER 4:
Malware.. . . . . . . . . . . . . . . . . . . . . . . . 93
Malware Types.. . . . . . . . . . . . . . . . . . . . 94
Viruses. . . . . . . . . . . . . . . . . . . . . . . 108
Protecting Against Malware.. . . . . . . . . . . . . . . . 115
What Next?.. . . . . . . . . . . . . . . . . . . . . 122
CHAPTER 5:
Packet Sniffing and Social Engineering.. . . . . . . . . . . . . 123
Social Engineering.. . . . . . . . . . . . . . . . . . . 123
Packet Sniffing.. . . . . . . . . . . . . . . . . . . . 138
What Next?.. . . . . . . . . . . . . . . . . . . . . 150
CHAPTER 6:
Denial of Service and Session Hijacking.. . . . . . . . . . . . . 151
Denial of Service. . . . . . . . . . . . . . . . . . . . 151
Session Hijacking.. . . . . . . . . . . . . . . . . . . 165
What Next?.. . . . . . . . . . . . . . . . . . . . . 172
CHAPTER 7:
Evading Security Measures. . . . . . . . . . . . . . . . . . 173
Intrusion Detection Systems. . . . . . . . . . . . . . . . 173
Firewalls and Honeypots.. . . . . . . . . . . . . . . . . 183
Virtual Private Networks.. . . . . . . . . . . . . . . . . 189
IDS Evasion Techniques.. . . . . . . . . . . . . . . . . 192
Firewall Evasion Techniques. . . . . . . . . . . . . . . . 198
What Next?.. . . . . . . . . . . . . . . . . . . . . 204
CHAPTER 8:
Hacking Web Servers and Web Applications.. . . . . . . . . . . 205
Web Servers.. . . . . . . . . . . . . . . . . . . . . 205
Web Applications.. . . . . . . . . . . . . . . . . . . 214
What Next?.. . . . . . . . . . . . . . . . . . . . . 232
CHAPTER 9:
Hacking Wireless.. . . . . . . . . . . . . . . . . . . . . 233
Wireless Technology.. . . . . . . . . . . . . . . . . . 233
Hacking Wireless.. . . . . . . . . . . . . . . . . . . 245
What Next?.. . . . . . . . . . . . . . . . . . . . . 258
CHAPTER 10:
Hacking Mobile.. . . . . . . . . . . . . . . . . . . . . . 259
Mobile Technologies.. . . . . . . . . . . . . . . . . . 259
Mobile Threats. . . . . . . . . . . . . . . . . . . . 274
What Next?.. . . . . . . . . . . . . . . . . . . . . 282
CHAPTER 11:
IOT and OT Hacking. . . . . . . . . . . . . . . . . . . . 283
IoT Fundamentals. . . . . . . . . . . . . . . . . . . 283
What Next?.. . . . . . . . . . . . . . . . . . . . . 308
CHAPTER 12:
Cloud Computing and Hacking.. . . . . . . . . . . . . . . . 309
Cloud Fundamentals.. . . . . . . . . . . . . . . . . . 309
What Next?.. . . . . . . . . . . . . . . . . . . . . 331
CHAPTER 13:
Cryptography. . . . . . . . . . . . . . . . . . . . . . . 333
Cryptography Concepts.. . . . . . . . . . . . . . . . . 333
PKI. . . . . . . . . . . . . . . . . . . . . . . . 349
Cryptographic Attacks.. . . . . . . . . . . . . . . . . . 357
What Next?.. . . . . . . . . . . . . . . . . . . . . 365
Glossary.. . . . . . . . . . . . . . . . . . . . . . . . 367
Index. . . . . . . . . . . . . . . . . . . . . . . . . . 391
12/7/2021, TOC, 978137513444Dr. Chuck Easttom is the author of 34 books, including several on computer security, forensics, and cryptography. He holds a doctor of science degree in cybersecurity, a Ph.D. in nanotechnology, a Ph.D. in computer science, and three master's degrees (one in applied computer science, one in education, and one in systems engineering). He is also an inventor with 23 patents. He is a senior member of both the IEEE and the ACM. He is also a Distinguished Speaker of the ACM and a Distinguished Visitor of the IEEE. Dr. Easttom is currently an adjunct professor for Georgetown University and for University of Dallas.
