: Sean & Philip Oriyano
: 44.14 MB
If you’re preparing to take the CEH exam, you’ll undoubtedly want to find as much information as you can about computers, networks, applications, and physical security. The more information you have at your disposal and the more hands-on experience you gain, the better off you’ll be when taking the exam. This study guide was written with that goal in mind—to provide enough information to prepare you for the test, but not so much that you’ll be overloaded with information that is too far outside the scope of the exam. To make the information more understandable, I’ve included practical examples and experience that supplement the theory. This book presents the material at an advanced technical level. An understanding of network concepts and issues, computer hardware and operating systems, and applications will come in handy when you read this book. While every attempt has been made to present the concepts and exercises in an easy-to-understand format, you will need to have experience with IT and networking technology to get the best results. I’ve included review questions at the end of each chapter to give you a taste of what it’s like to take the exam. If you’re already working in the security field, check out these questions first to gauge your level of expertise. You can then use the book to fill in the gaps in your current knowledge. This study guide will help you round out your knowledge base before tackling the exam itself. If you can answer 85 percent to 90 percent or more of the review questions correctly for a given chapter, you can feel safe moving on to the next chapter. If you’re unable to answer that many questions correctly, reread the chapter and try the questions again. Your score should improve. Don’t just study the questions and answers! The questions on the actual exam will be different from the practice questions included in this book. The exam is designed to test your knowledge of a concept or objective, so use this book to learn the objectives behind the questions. Before You Begin Studying Before you begin preparing for the exam, it’s imperative that you understand a few things about the CEH certification. CEH is a certification from the International Council of Electronic Commerce Consultants (EC-Council) granted to those who obtain a passing score on a single exam (number 312-50). The exam is predominantly multiple choice, with some questions including diagrams and sketches that you must analyze to arrive at an answer. This exam requires intermediate- to advanced-level experience; you’re expected to know a great deal about security from an implementation and theory perspective as well as a practical perspective. In many books, the glossary is filler added to the back of the text; this book’s glossary (included as part of the online test bank at sybextestbanks.wiley.com) should be considered necessary reading. You’re likely to see a question on the exam about what a black- or white-box test is—not how to specifically implement it in a working environment. Spend your study time learning the various security solutions and identifying potential security vulnerabilities and where they are applicable. Also spend time thinking outside the box about how things work—the exam is also known to alter phrases and terminology—but keep the underlying concept as a way to test your thought process. The EC-Council is known for presenting concepts in unexpected ways on their exam. The exam tests whether you can apply your knowledge rather than just commit information to memory and repeat it back. Use your analytical skills to visualize the situation and then determine how it works. The questions throughout this book make every attempt to recreate the structure and appearance of the CEH exam questions. Why Become CEH Certified? There are a number of reasons for obtaining the CEH certification. These include the following: Provides Proof of Professional Achievement Specialized certifications are the best way to stand out from the crowd. In this age of technology certifications, you’ll find hundreds of thousands of administrators who have successfully completed the Microsoft and Cisco certification tracks. To set yourself apart from the crowd, you need a bit more. The CEH exam is part of the EC-Council certification track, which includes other securitycentric certifications if you wish to attempt those. Increases Your Marketability The CEH for several years has provided a valuable benchmark of the skills of a pentester to potential employers or clients. Once you hold the CEH certification, you’ll have the credentials to prove your competency. Moreover, certifications can’t be taken from you when you change jobs—you can take that certification with you to any position you accept. Provides Opportunity for Advancement Individuals who prove themselves to be competent and dedicated are the ones who will most likely be promoted. Becoming certified is a great way to prove your skill level and show your employer that you’re committed to improving your skill set. Look around you at those who are certified: They are probably the people who receive good pay raises and promotions. Fulfills Training Requirements Many companies have set training requirements for their staff so that they stay up to date on the latest technologies. Having a certification program in security provides administrators with another certification path to follow when they have exhausted some of the other industry-standard certifications. Raises Customer Confidence Many companies, small businesses, and the governments of various countries have long discovered the advantages of being a CEH. Many organizations require that employees and contractors hold the credential in order to engage in certain work activities. How to Become a CEH-Certified Professional The first place to start on your way to certification is to register for the exam at any Pearson VUE testing center. Exam pricing might vary by country or by EC-Council membership. You can contact Pearson VUE by going to their website (www.vue.com) or in the United States and Canada by calling toll-free (877)-551-7587. When you schedule the exam, you’ll receive instructions about appointment and cancellation procedures, ID requirements, and information about the testing center location. In addition, you will be required to provide a special EC-Council–furnished code in order to complete the registration process. Finally, you will also be required to fill out a form describing your professional experience and background before a code will be issued for you to register. Exam prices and codes may vary based on the country in which the exam is administered. For detailed pricing and exam registration procedures, refer to ECCouncil’s website at www.eccouncil.org/certification. After you’ve successfully passed your CEH exam, the EC-Council will award you with certification. Within four to six weeks of passing the exam, you’ll receive your official ECCouncil CEH certificate. Who Should Read This Book? If you want to acquire solid information in hacking and pen-testing techniques and your goal is to prepare for the exam by learning how to develop and improve security, this book is for you. You’ll find clear explanations of the concepts you need to grasp and plenty of help to achieve the high level of professional competency you need to succeed in your chosen field. If you want to become certified, this book is definitely what you need. However, if you just want to attempt to pass the exam without really understanding security, this study guide isn’t for you. You must be committed to learning the theory and concepts in this book to be successful. In addition to reading this book, consider downloading and reading the white papers on security that are scattered throughout the Internet. What Does This Book Cover? This book covers everything you need to know to pass the CEH exam. Here’s a breakdown chapter by chapter: Chapter 1: Introduction to Ethical Hacking This chapter covers the purpose of ethical hacking, defines the ethical hacker, and describes how to get started performing security audits. Chapter 2: System Fundamentals This chapter presents a look at the various components that make up a system and how they are affected by security. Chapter 3: Cryptography This chapter explores the art and science of cryptography; you’ll learn how cryptography works and how it supports security. Chapter 4: Footprinting In this chapter, you’ll learn how to gain information from a target using both passive and active methods. Chapter 5: Scanning This chapter shows you how to gain information about the hosts and devices on a network as well as what the information means. Chapter 6: Enumeration In this chapter, you’ll learn how to probe the various services present on a given host and how to process the information to determine what it means and how to use it for later actions. Chapter 7: System Hacking This chapter shows you how to use the information gained from footprinting, scanning, and earlier examinations in order to break into or gain access to a system. Chapter 8: Malware This chapter covers the varieties of malware and how each can be created, used, or defended against. Chapter 9: Sniffers This chapter discusses using packet sniffers to gather information that is flowing across the network. You’ll learn how to dissect this information for immediate or later use. Chapter 10: Social Engineering This chapter covers how to manipulate human beings in order to gain sensitive information. Chapter 11: Denial of Service This chapter includes an analysis of attacks that are designed to temporarily or permanently shut down a target. Chapter 12: Session Hijacking This chapter covers how to disrupt communications as well as take over legitimate sessions between two parties. Chapter 13: Web Servers and Applications This chapter explains how to break into and examine web servers and applications as well as the various methods of attack. Chapter 14: SQL Injection In this chapter, you’ll learn how to attack databases and data stores using SQL injection to alter, intercept, view, or destroy information. Chapter 15: Hacking Wi-Fi and Bluetooth In this chapter, you’ll learn how to target, analyze, disrupt, and shut down wireless networks either temporarily or permanently. Chapter 16: Mobile Device Security In this chapter, you’ll learn how to target, analyze, and work with mobile devices. Chapter 17: Evasion This chapter covers how to deal with the common protective measures that a system administrator may put into place; these measures include intrusion detection systems (IDSs), firewalls, and honeypots. Chapter 18: Cloud Technologies and Security In this chapter, you’ll learn how to integrate and secure cloud technologies. Chapter 19: Physical Security This chapter deals with the aspects of physical security and how to protect assets from being stolen, lost, or otherwise compromised. Appendix A: Answers to Review Questions In this appendix, you can find all the answers to the review questions throughout the book. Appendix B: Penetration Testing Frameworks In this appendix, you will explore an alternative penetration testing framework. Appendix C: Building a Lab In this appendix, you’ll learn how to build a lab to test and experiment with your penetration testing skills. Tips for Taking the CEH Exam Here are some general tips for taking your exam successfully: Bring two forms of ID with you. One must be a photo ID, such as a driver’s license. The other can be a major credit card or a passport. Both forms must include a signature. Arrive early at the exam center so that you can relax and review your study materials, particularly tables and lists of exam-related information. When you are ready to enter the testing room, you will need to leave everything outside; you won’t be able to bring any materials into the testing area. Read the questions carefully. Don’t be tempted to jump to an early conclusion. Make sure that you know exactly what each question is asking. Don’t leave any unanswered questions. Unanswered questions are scored against you. There will be questions with multiple correct responses. When there is more than one correct answer, a message at the bottom of the screen will prompt you either to “Choose two” or “Choose all that apply.” Be sure to read the messages displayed to know how many correct answers you must choose. When answering multiple-choice questions about which you’re unsure, use a process of elimination to get rid of the obviously incorrect answers first. Doing so will improve your odds if you need to make an educated guess. On form-based tests (nonadaptive), because the hard questions will take the most time, save them for last. You can move forward and backward through the exam. For the latest pricing on the exams and updates to the registration procedures, visit the EC-Council’s website at www.eccouncil.org/certification. What’s Included in the Book I’ve included several testing features in this book and on the online test bank for the book at sybextestbanks.wiley.com. These tools will help you retain vital exam content as well as prepare you to sit for the actual exam: Assessment Test At the end of this introduction is an assessment test that you can use to check your readiness for the exam. Take this test before you start reading the book; it will help you determine the areas in which you might need to brush up. The answers to the assessment test questions appear on a separate page after the last question of the test. Objective Map and Opening List of Objectives In the book’s front matter, I have included a detailed exam objective map showing you where each of the exam objectives is covered in this book. In addition, each chapter opens with a list of the exam objectives it covers. Use these to see exactly where each of the exam topics is covered. Exam Essentials Each chapter, just before the summary, includes a number of exam essentials. These are the key topics you should take from the chapter in terms of areas to focus on when preparing for the exam. Chapter Review Questions To test your knowledge as you progress through the book, there are review questions at the end of each chapter. As you finish each chapter, answer the review questions and then check your answers. The correct answers and explanations are in Appendix A. You can go back to reread the section that deals with each question you got wrong to ensure that you answer correctly the next time you’re tested on the material. Interactive Online Learning Environment and Test Bank I’ve included a number of additional study tools that can be found on the book’s online test bank at sybextestbanks.wiley.com. All of these electronic study aids will run in your browser and you should work through them as you study for the test: Sybex Test Engine The main site for the online study aids is sybextestbanks.wiley.com. After registration, you’ll get access to the Sybex Test Engine. In addition to taking the assessment test and the chapter review questions via the electronic test engine, you’ll find practice exams. Take these practice exams just as if you were taking the actual exam (without any reference material). When you’ve finished the first exam, move on to the next one to solidify your test-taking skills. If you get more than 90 percent of the answers correct, you’re ready to take the certification exam.