Certified Ethical Hacker (CEH) Cert Guide

Certified Ethical Hacker (CEH) Cert Guide

4.07 (13 ratings by Goodreads)
By (author) 

List price: US$63.98

Currently unavailable

Add to wishlist

AbeBooks may have this title (opens in new window).

Try AbeBooks


Learn, prepare, and practice for CEH v8 exam success with Certified Ethical Hacker (CEH) Cert Guide from Pearson IT Certification, a leader in IT certification.

Master CEH exam topics
Assess your knowledge with chapter-ending quizzes
Review key concepts with exam preparation tasks
Practice with realistic exam questions on the CD

Certified Ethical Hacker (CEH) Cert Guide is a best-of-breed exam study guide. Leading security consultant and certification expert Michael Gregg shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.

You'll get a complete test preparation routine organized around proven series elements and techniques. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly. Review questions help you assess your knowledge, and a final preparation chapter guides you through tools and resources to help you craft your final study plan.

The companion CD contains the powerful Pearson IT Certification Practice Test engine, complete with hundreds of exam-realistic questions. The assessment engine offers you a wealth of customization options and reporting features, laying out a complete assessment of your knowledge to help you focus your study where it is needed most, so you can succeed on the exam the first time.

This study guide helps you master all the topics on the CEH v8 (312-50) exam, including

Ethical hacking basics
Technical foundations of hacking
Footprinting and scanning
Enumeration and system hacking
Linux distros and automated assessment tools
Trojans and backdoors
Sniffers, session hijacking, and denial of service
Web server hacking, web applications, and database attacks
Wireless technologies, mobile security, and mobile attacks
IDS, firewalls, and honeypots
Buffer overflows, viruses, and worms
Cryptographic attacks and defenses
Physical security and social engineering

Companion CD

The CD contains two free, complete practice exams, plus memory tables and answers to help you study more efficiently and effectively.

Pearson IT Certification Practice Test minimum system requirements:

Windows XP (SP3), Windows Vista (SP2), Windows 7, or Windows 8; Microsoft .NET Framework 4.0 Client; Pentium class 1GHz processor (or equivalent); 512MB RAM; 650MB disc space plus 50MB for each downloaded practice exam; access to the Internet to register and download exam databases
show more

Product details

  • Mixed media product | 704 pages
  • 193.04 x 233.68 x 43.18mm | 1,292.73g
  • Pearson It Certification
  • Upper Saddle River, United States
  • English
  • New.
  • 0789751275
  • 9780789751270
  • 825,591

Table of contents

Introduction xxiii

Chapter 1 Ethical Hacking Basics 3

"Do I Know This Already?" Quiz 3

Foundation Topics 6

Security Fundamentals 6

Goals of Security 7

Risk, Assets, Threats, and Vulnerabilities 8

Defining an Exploit 10

Security Testing 10

No-Knowledge Tests (Black Box) 11

Full-Knowledge Testing (White Box) 11

Partial-Knowledge Testing (Gray Box) 11

Types of Security Tests 12

Hacker and Cracker Descriptions 13

Who Attackers Are 15

Hacker and Cracker History 16

Ethical Hackers 17

Required Skills of an Ethical Hacker 18

Modes of Ethical Hacking 19

Test Plans-Keeping It Legal 21

Test Phases 23

Establishing Goals 24

Getting Approval 25

Ethical Hacking Report 25

Vulnerability Research-Keeping Up with Changes 26

Ethics and Legality 27

Overview of U.S. Federal Laws 28

Compliance Regulations 30

Chapter Summary 31

Exam Preparation Tasks 32

Review All Key Topics 32

Hands-On Labs 32

Lab 1-1 Examining Security Policies 32

Review Questions 33

Define Key Terms 36

View Recommended Resources 36

Chapter 2 The Technical Foundations of Hacking 39

"Do I Know This Already?" Quiz 39

Foundation Topics 42

The Attacker's Process 42

Performing Reconnaissance and Footprinting 42

Scanning and Enumeration 43

Gaining Access 44

Escalation of Privilege 45

Maintaining Access 45

Covering Tracks and Planting Backdoors 45

The Ethical Hacker's Process 46

National Institute of Standards and Technology 47

Operational Critical Threat, Asset, and Vulnerability Evaluation 47

Open Source Security Testing Methodology Manual 48

Security and the Stack 48

The OSI Model 48

Anatomy of TCP/IP Protocols 51

The Application Layer 53

The Transport Layer 57

The Internet Layer 60

The Network Access Layer 65

Chapter Summary 67

Exam Preparation Tasks 67

Review All Key Topics 67

Define Key Terms 68

Exercises 68

2.1 Install a Sniffer and Perform Packet Captures 68

2.2 List the Protocols, Applications, and Services Found at Each Layer of the Stack 70

Review Questions 71

Suggested Reading and Resources 75

Chapter 3 Footprinting and Scanning 77

"Do I Know This Already?" Quiz 77

Foundation Topics 80

The Seven-Step Information-Gathering Process 80

Information Gathering 80

Documentation 80

The Organization's Website 81

Job Boards 83

Employee and People Searches 84

EDGAR Database 87

Google Hacking 88

Usenet 92

Registrar Query 93

DNS Enumeration 96

Determine the Network Range 101

Traceroute 101

Identifying Active Machines 104

Finding Open Ports and Access Points 105

Nmap 112

SuperScan 115

THC-Amap 115

Scanrand 116

Hping 116

Port Knocking 117

War Dialers 117

War Driving 118

OS Fingerprinting 118

Active Fingerprinting Tools 120

Fingerprinting Services 122

Default Ports and Services 122

Finding Open Services 123

Mapping the Network Attack Surface 125

Manual Mapping 125

Automated Mapping 125

Chapter Summary 127

Exam Preparation Tasks 127

Review All Key Topics 127

Define Key Terms 128

Command Reference to Check Your Memory 128

Exercises 129

3.1 Performing Passive Reconnaissance 129

3.2 Performing Active Reconnaissance 130

Review Questions 131

Suggested Reading and Resources 134

Chapter 4 Enumeration and System Hacking 137

"Do I Know This Already?" Quiz 137

Foundation Topics 140

Enumeration 140

Windows Enumeration 140

Windows Security 142

NetBIOS and LDAP Enumeration 143

NetBIOS Enumeration Tools 145

SNMP Enumeration 148

Linux/UNIX Enumeration 149

NTP Enumeration 150

SMTP Enumeration 150

DNS Enumeration 151

System Hacking 151

Nontechnical Password Attacks 151

Technical Password Attacks 152

Password Guessing 152

Automated Password Guessing 153

Password Sniffing 154

Keystroke Loggers 155

Privilege Escalation and Exploiting Vulnerabilities 155

Exploiting an Application 156

Exploiting a Buffer Overflow 156

Owning the Box 157

Authentication Types 158

Cracking the Passwords 159

Hiding Files and Covering Tracks 162

File Hiding 163

Chapter Summary 165

Exam Preparation Tasks 165

Review All Key Topics 165

Define Key Terms 166

Command Reference to Check Your Memory 166

Exercise 166

4.1 NTFS File Streaming 166

Review Questions 167

Suggested Reading and Resources 171

Chapter 5 Linux and Automated Assessment Tools 173

"Do I Know This Already?" Quiz 173

Foundation Topics 176

Linux 176

Linux or Windows? Picking the Right Platform 176

Linux File Structure 177

Linux Basics 179

Passwords and the Shadow File 182

Linux Passwords 183

Compressing, Installing, and Compiling Linux 185

Hacking Linux 186

Reconnaissance 186

Scanning 186

Enumeration 188

Gaining Access 188

Privilege Escalation 190

Maintaining Access and Covering Tracks 191

Hardening Linux 194

Automated Assessment Tools 196

Automated Assessment Tools 196

Source Code Scanners 197

Application-Level Scanners 197

System-Level Scanners 198

Automated Exploit Tools 201

Chapter Summary 203

Exam Preparation Tasks 204

Review All Key Topics 204

Define Key Terms 204

Command Reference to Check Your Memory 205

Exercises 205

5.1 Downloading and Running Backtrack 205

5.2 Using Backtrack to Perform a Port Scan 206

5.3 Creating a Virtual Machine 206

5.4 Cracking Passwords with John the Ripper 207

Review Questions 208

Suggested Reading and Resources 210

Chapter 6 Trojans and Backdoors 213

"Do I Know This Already?" Quiz 213

Foundation Topics 216

Trojans 216

Trojan Types 216

Trojan Ports and Communication Methods 217

Trojan Goals 219

Trojan Infection Mechanisms 219

Effects of Trojans 220

Trojan Tools 221

Distributing Trojans 225

Trojan Tool Kits 226

Covert Communication 227

Covert Communication Tools 231

Port Redirection 232

Other Redirection and Covert Tools 234

Keystroke Logging and Spyware 235

Hardware 236

Software 236

Spyware 237

Trojan and Backdoor Countermeasures 238

Chapter Summary 240

Exam Preparation Tasks 241

Review All Key Topics 241

Define Key Terms 242

Command Reference to Check Your Memory 242

Exercises 243

6.1 Finding Malicious Programs 243

6.2 Using a Scrap Document to Hide Malicious Code 244

6.3 Using Process Explorer 244

Review Questions 246

Suggested Reading and Resources 248

Chapter 7 Sniffers, Session Hijacking, and Denial of Service 251

"Do I Know This Already?" Quiz 251

Foundation Topics 254

Sniffers 254

Passive Sniffing 254

Active Sniffing 255

Address Resolution Protocol 255

ARP Poisoning and Flooding 256

Tools for Sniffing 260

Wireshark 260

Other Sniffing Tools 262

Sniffing and Spoofing Countermeasures 263

Session Hijacking 264

Transport Layer Hijacking 264

Predict the Sequence Number 265

Take One of the Parties Offline 267

Take Control of the Session 267

Application Layer Hijacking 267

Session Sniffing 267

Predictable Session Token ID 268

Man-in-the-Middle Attacks 268

Man-in-the-Browser Attacks 269

Client-Side Attacks 269

Session-Hijacking Tools 271

Preventing Session Hijacking 273

Denial of Service, Distributed Denial of Service, and Botnets 274

Types of DoS 275

Bandwidth Attacks 276

SYN Flood Attacks 277

Program and Application Attacks 277

Distributed Denial of Service 278

DDoS Tools 280

Botnets 282

DoS, DDOS, and Botnet Countermeasures 285

Summary 288

Exam Preparation Tasks 289

Review All Key Topics 289

Define Key Terms 290

Exercises 290

7.1 Scanning for DDoS Programs 290

7.2 Using SMAC to Spoof Your MAC Address 291

Review Questions 291

Suggested Reading and Resources 294

Chapter 8 Web Server Hacking, Web Applications, and Database Attacks 297

"Do I Know This Already?" Quiz 297

Foundation Topics 300

Web Server Hacking 300

Scanning Web Servers 302

Banner Grabbing and Enumeration 302

Web Server Vulnerability Identification 306

Attacks Against Web Servers 307

IIS Vulnerabilities 308

Securing IIS and Apache Web Servers 312

Web Application Hacking 314

Unvalidated Input 315

Parameter/Form Tampering 315

Injection Flaws 315

Cross-Site Scripting and Cross-Site Request Forgery Attacks 316

Hidden Field Attacks 317

Other Web Application Attacks 318

Web-Based Authentication 319

Web-Based Password Cracking and Authentication Attacks 320

Cookies 324

URL Obfuscation 324

Intercepting Web Traffic 326

Database Hacking 329

Identifying SQL Servers 330

SQL Injection Vulnerabilities 331

SQL Injection Hacking Tools 333

Summary 334

Exam Preparation Tasks 335

Review All Key Topics 335

Define Key Terms 336

Exercise 336

8.1 Hack the Bank 336

Review Questions 337

Suggested Reading and Resources 339

Chapter 9 Wireless Technologies, Mobile Security, and Attacks 341

"Do I Know This Already?" Quiz 341

Foundation Topics 344

Wireless Technologies 344

Wireless History 344

Satellite TV 344

Cordless Phones 346

Cell Phones and Mobile Devices 346

Mobile Devices 348

Smartphone Vulnerabilities and Attack Vectors 349

Android 350

iOS 352

Windows Phone 8 352

BlackBerry 353

Mobile Device Management and Protection 353

Bluetooth 354

Wireless LANs 355

Wireless LAN Basics 355

Wireless LAN Frequencies and Signaling 357

Wireless LAN Security 358

Wireless LAN Threats 361

Eavesdropping 362

Configured as Open Authentication 363

Rogue and Unauthorized Access Points 363

Denial of Service (DoS) 365

Wireless Hacking Tools 366

Discover WiFi Networks 366

Perform GPS Mapping 367

Wireless Traffic Analysis 367

Launch Wireless Attacks 368

Crack and Compromise the WiFi Network 368

Securing Wireless Networks 369

Defense in Depth 369

Site Survey 371

Robust Wireless Authentication 372

Misuse Detection 373

Summary 374

Exam Preparation Tasks 374

Review All Key Topics 375

Define Key Terms 375

Review Questions 375

Suggested Reading and Resources 378

Chapter 10 IDS, Firewalls, and Honeypots 381

"Do I Know This Already?" Quiz 381

Intrusion Detection Systems 385

IDS Types and Components 385

Pattern Matching and Anomaly Detection 387

Snort 388

IDS Evasion 392

IDS Evasion Tools 394

Firewalls 395

Firewall Types 395

Network Address Translation 395

Packet Filters 396

Application and Circuit-Level Gateways 398

Stateful Inspection 399

Identifying Firewalls 400

Bypassing Firewalls 402

Honeypots 407

Types of Honeypots 408

Detecting Honeypots 409

Summary 410

Exam Preparation Tasks 411

Review All Key Topics 411

Define Key Terms 411

Review Questions 412

Suggested Reading and Resources 414

Chapter 11 Buffer Overflows, Viruses, and Worms 417

"Do I Know This Already?" Quiz 417

Foundation Topics 420

Buffer Overflows 420

What Is a Buffer Overflow? 420

Why Are Programs Vulnerable? 421

Understanding Buffer-Overflow Attacks 423

Common Buffer-Overflow Attacks 426

Preventing Buffer Overflows 427

Viruses and Worms 429

Types and Transmission Methods of Viruses 429

Virus Payloads 431

History of Viruses 432

Well-Known Viruses 434

The Late 1980s 434

The 1990s 434

2000 and Beyond 435

Virus Tools 438

Preventing Viruses 439

Antivirus 440

Malware Analysis 442

Static Analysis 442

Dynamic Analysis 445

Summary 446

Exam Preparation Tasks 447

Review All Key Topics 447

Define Key Terms 447

Exercises 448

11.1 Locating Known Buffer Overflows 448

11.2 Review CVEs and Buffer Overflows 449

Review Questions 449

Suggested Reading and Resources 451

Chapter 12 Cryptographic Attacks and Defenses 453

"Do I Know This Already?" Quiz 453

Foundation Topics 456

Functions of Cryptography 456

History of Cryptography 457

Algorithms 459

Symmetric Encryption 460

Data Encryption Standard (DES) 461

Advanced Encryption Standard (AES) 463

Rivest Cipher (RC) 463

Asymmetric Encryption (Public Key Encryption) 464

RSA 465

Diffie-Hellman 465

ElGamal 466

Elliptic Curve Cryptography (ECC) 466

Hashing 466

Digital Signature 467

Steganography 468

Steganography Operation 469

Steganographic Tools 470

Digital Watermark 472

Digital Certificates 473

Public Key Infrastructure 474

Trust Models 475

Single Authority 475

Hierarchical Trust 476

Web of Trust 476

Protocols, Standards, and Applications 477

Encryption Cracking and Tools 479

Weak Encryption 481

Encryption-Cracking Tools 482

Summary 483

Exam Preparation Tasks 484

Review All Key Topics 484

Define Key Terms 484

Exercises 485

12.1 Examining an SSL Certificate 485

12.2 Using PGP 486

12.3 Using a Steganographic Tool to Hide a Message 487

Review Questions 487

Suggested Reading and Resources 490

Chapter 13 Physical Security and Social Engineering 493

"Do I Know This Already?" Quiz 493

Foundation Topics 496

Physical Security 496

Threats to Physical Security 496

Equipment Controls 499

Locks 499

Fax Machines 504

Area Controls 505

Location Data and Geotagging 506

Facility Controls 508

Personal Safety Controls 510

Fire Prevention, Detection, and Suppression 510

Physical Access Controls 511

Authentication 511

Defense in Depth 512

Social Engineering 513

Six Types of Social Engineering 513

Person-to-Person Social Engineering 514

Computer-Based Social Engineering 514

Reverse Social Engineering 515

Policies and Procedures 515

Employee Hiring and Termination Policies 516

Help Desk Procedures and Password Change Policies 516

Employee Identification 516

Privacy Policies 517

Governmental and Commercial Data Classification 518

User Awareness 519

Summary 519

Exam Preparation Tasks 520

Review All Key Topics 520

Define Key Terms 521

Exercises 521

13.1 Biometrics and Fingerprint Recognition 521

Review Questions 522

Suggested Reading and Resources 524

Chapter 14 Final Preparation 527

Tools for Final Preparation 527

Pearson Cert Practice Test Engine and Questions on the CD 527

Install the Software from the CD 527

Activate and Download the Practice Exam 528

Activating Other Exams 529

Premium Edition 529

Memory Tables 530

End-of-Chapter Review Tools 530

Suggested Plan for Final Review and Study 530

Summary 532

Glossary 535

Practice Exam 1 EC-Council CEH 312-50 561

Practice Exam 2 EC-Council CEH 312-50 603

Appendix A Answers to the "Do I Know This Already?" Quizzes and Review Questions (CD only)

Appendix B Memory Tables (CD only)

Appendix C Memory Table Answer Key (CD only)

9780789751270 TOC 11/4/2013
show more

About Michael Gregg

Michael Gregg (CISSP, SSCP, CISA, MCSE, MCT, CTT+, A+, N+, Security+, CCNA, CASP, CISA, CISM, CEH, CHFI, and GSEC) is the founder and president of Superior Solutions, Inc., a Houston, Texas-based IT security consulting firm. Superior Solutions performs security assessments and penetration testing for Fortune 1000 firms. The company has performed security assessments for private, public, and governmental agencies. Its Houston-based team travels the country to assess, audit, and provide training services.

Michael is responsible for working with organizations to develop cost-effective and innovative technology solutions to security issues and for evaluating emerging technologies. He has more than 20 years of experience in the IT field and holds two associate's degrees, a bachelor's degree, and a master's degree. In addition to coauthoring the first, second, and third editions of Security Administrator Street Smarts, Michael has written or co-authored 14 other books, including Build Your Own Security Lab: A Field Guide for Network Testing (Wiley, 2008); Hack the Stack: Using Snort and Ethereal to Master the 8 Layers of an Insecure Network (Syngress, 2006); Certified Ethical Hacker Exam Prep 2 (Que, 2006); and Inside Network Security Assessment: Guarding Your IT Infrastructure (Sams, 2005).

Michael has been quoted in newspapers such as the New York Times and featured on various television and radio shows, including NPR, ABC, CBS, Fox News, and others, discussing cyber security and ethical hacking. He has created more than a dozen IT security training security classes. He has created and performed video instruction on many security topics, such as cyber security, CISSP, CISA, Security+, and others.

When not consulting, teaching, or writing, Michael enjoys 1960s muscle cars and has a slot in his garage for a new project car.

You can reach Michael by email at MikeG@thesolutionfirm.com.
show more

Rating details

13 ratings
4.07 out of 5 stars
5 46% (6)
4 15% (2)
3 38% (5)
2 0% (0)
1 0% (0)
Book ratings by Goodreads
Goodreads is the world's largest site for readers with over 50 million reviews. We're featuring millions of their reader ratings on our book pages to help you find your new favourite book. Close X