The latest version of the official study guide for the in-demand CEH certification, now with 750 Practice Test Questions

Information security and personal privacy remains a growing concern for businesses in every sector. And even as the number of certifications increases, the Certified Ethical Hacker, Version 12 (CEH v12) maintains its place as one of the most sought-after and in-demand credentials in the industry.

In CEH v12 Certified Ethical Hacker Study Guide with 750 Practice Test Questions, you’ll find a comprehensive overview of the CEH certification requirements. Concise and easy-to-follow instructions are combined with intuitive organization that allows you to learn each exam objective in your own time and at your own pace. The Study Guide now contains more end of chapter review questions and more online practice tests. This combines the value from the previous two-book set including a practice test book into a more valuable Study Guide.

The book offers thorough and robust coverage of every relevant topic, as well as challenging chapter review questions, even more end of chapter review questions to validate your knowledge, and Exam Essentials, a key feature that identifies important areas for study. There are also twice as many online practice tests included. You’ll learn about common attack practices, like reconnaissance and scanning, intrusion detection, DoS attacks, buffer overflows, wireless attacks, mobile attacks, Internet of Things vulnerabilities, and more. It also provides:

Practical, hands-on exercises that reinforce vital, real-world job skills and exam competencies
Essential guidance for a certification that meets the requirements of the Department of Defense 8570 Directive for Information Assurance positions
Complimentary access to the Sybex online learning center, complete with chapter review questions, full-length practice exams, hundreds of electronic flashcards, and a glossary of key terms

The CEH v12 Certified Ethical Hacker Study Guide with 750 Practice Test Questions is your go-to official resource to prep for the challenging CEH v12 exam and a new career in information security and privacy.

ABOUT THE AUTHOR

RIC MESSIER, CEH, GCIH, GSEC, CISSP, CCSP, is a consultant, educator, and author of numerous books on information security and digital forensics. With decades of experience in information technology and information security, Ric has held the varied roles of programmer, system administrator, network engineer, security engineering manager, VoIP engineer, consultant, and professor and he is currently a Principal Consultant with Mandiant.

Introduction xvii

Assessment Test xxv

Chapter 1 Ethical Hacking 1

Overview of Ethics 2

Overview of Ethical Hacking 5

Attack Modeling 6

Cyber Kill Chain 7

Attack Lifecycle 8

MITRE ATT&CK Framework 10

Methodology of Ethical Hacking 12

Reconnaissance and Footprinting 12

Scanning and Enumeration 12

Gaining Access 13

Maintaining Access 14

Covering Tracks 14

Summary 15

Chapter 2 Networking Foundations 17

Communications Models 19

Open Systems Interconnection 20

TCP/IP Architecture 23

Topologies 24

Bus Network 24

Star Network 25

Ring Network 26

Mesh Network 27

Hybrid 28

Physical Networking 29

Addressing 29

Switching 30

IP 31

Headers 32

Addressing 34

Subnets 35

TCP 37

UDP 40

Internet Control Message Protocol 41

Network Architectures 42

Network Types 43

Isolation 44

Remote Access 45

Cloud Computing 46

Storage as a Service 47

Infrastructure as a Service 48

Platform as a Service 49

Software as a Service 51

Internet of Things 53

Summary 54

Review Questions 56

Chapter 3 Security Foundations 59

The Triad 61

Confidentiality 61

Integrity 63

Availability 64

Parkerian Hexad 65

Information Assurance and Risk 66

Policies, Standards, and Procedures 69

Security Policies 69

Security Standards 70

Procedures 71

Guidelines 72

Organizing Your Protections 72

Security Technology 75

Firewalls 76

Intrusion Detection Systems 80

Intrusion Prevention Systems 83

Endpoint Detection and Response 84

Security Information and Event Management 86

Being Prepared 87

Defense in Depth 87

Defense in Breadth 89

Defensible Network Architecture 90

Logging 91

Auditing 93

Summary 95

Review Questions 96

Chapter 4 Footprinting and Reconnaissance 101

Open Source Intelligence 103

Companies 103

People 112

Social Networking 115

Domain Name System 129

Name Lookups 130

Zone Transfers 136

Passive DNS 138

Passive Reconnaissance 142

Website Intelligence 145

Technology Intelligence 150

Google Hacking 150

Internet of Things (IoT) 152

Summary 154

Review Questions 157

Chapter 5 Scanning Networks 161

Ping Sweeps 163

Using fping 163

Using MegaPing 165

Port Scanning 167

nmap 168

masscan 184

MegaPing 186

Metasploit 188

Vulnerability Scanning 190

OpenVAS 192

Nessus 203

Looking for Vulnerabilities with Metasploit 209

Packet Crafting and Manipulation 210

hping 211

packETH 214

fragroute 217

Evasion Techniques 218

Evasion with nmap 221

Protecting and Detecting 223

Summary 224

Review Questions 226

Chapter 6 Enumeration 231

Service Enumeration 233

Countermeasures 236

Remote Procedure Calls 236

SunRPC 237

Remote Method Invocation 239

Server Message Block 242

Built- in Utilities 243

nmap Scripts 247

NetBIOS Enumerator 249

Metasploit 250

Other Utilities 254

Countermeasures 257

Simple Network Management Protocol 258

Countermeasures 259

Simple Mail Transfer Protocol 260

Countermeasures 263

Web- Based Enumeration 264

Countermeasures 271

Summary 272

Review Questions 274

Chapter 7 System Hacking 279

Searching for Exploits 281

System Compromise 285

Metasploit Modules 286

Exploit- DB 290

Gathering Passwords 292

Password Cracking 295

John the Ripper 296

Rainbow Tables 298

Kerberoasting 300

Client- Side Vulnerabilities 305

Living Off the Land 307

Fuzzing 308

Post Exploitation 313

Evasion 313

Privilege Escalation 314

Pivoting 319

Persistence 322

Covering Tracks 326

Summary 332

Review Questions 334

Chapter 8 Malware 339

Malware Types 341

Virus 341

Worm 342

Trojan 344

Botnet 344

Ransomware 345

Dropper 347

Fileless Malware 348

Polymorphic Malware 348

Malware Analysis 349

Static Analysis 350

Dynamic Analysis 361

Automated Malware Analysis 370

Creating Malware 371

Writing Your Own 372

Using Metasploit 375

Obfuscating 381

Malware Infrastructure 382

Antivirus Solutions 384

Persistence 385

Summary 386

Review Questions 388

Chapter 9 Sniffing 393

Packet Capture 394

tcpdump 395

tshark 401

Wireshark 403

Berkeley Packet Filter 408

Port Mirroring/Spanning 410

Detecting Sniffers 410

Packet Analysis 412

Spoofing Attacks 417

ARP Spoofing 418

DNS Spoofing 422

DHCP Starvation Attack 424

sslstrip 425

Spoofing Detection 426

Summary 428

Review Questions 430

Chapter 10 Social Engineering 435

Social Engineering 436

Pretexting 438

Social Engineering Vectors 440

Identity Theft 441

Physical Social Engineering 442

Badge Access 442

Man Traps 444

Biometrics 445

Phone Calls 446

Baiting 447

Tailgating 448

Phishing Attacks 448

Contact Spamming 452

Quid Pro Quo 452

Social Engineering for Social Networking 453

Website Attacks 454

Cloning 454

Rogue Attacks 457

Wireless Social Engineering 458

Automating Social Engineering 461

Summary 464

Review Questions 466

Chapter 11 Wireless Security 471

Wi- Fi 472

Wi- Fi Network Types 474

Wi- Fi Authentication 477

Wi- Fi Encryption 478

Bring Your Own Device 483

Wi- Fi Attacks 484

Bluetooth 495

Scanning 496

Bluejacking 498

Bluesnarfing 498

Bluebugging 498

Bluedump 499

Bluesmack 499

Mobile Devices 499

Mobile Device Attacks 500

Summary 504

Review Questions 506

Chapter 12 Attack and Defense 511

Web Application Attacks 512

OWASP Top 10 Vulnerabilities 514

Web Application Protections 524

Denial- of- Service Attacks 526

Bandwidth Attacks 527

Slow Attacks 529

Legacy 531

Application Exploitation 531

Buffer Overflow 532

Heap Spraying 534

Application Protections and Evasions 535

Lateral Movement 536

Defense in Depth/Defense in Breadth 538

Defensible Network Architecture 540

Summary 542

Review Questions 544

Chapter 13 Cryptography 549

Basic Encryption 551

Substitution Ciphers 551

Diffie–Hellman 553

Symmetric Key Cryptography 555

Data Encryption Standard 555

Advanced Encryption Standard 556

Asymmetric Key Cryptography 558

Hybrid Cryptosystem 559

Nonrepudiation 559

Elliptic Curve Cryptography 560

Certificate Authorities and Key Management 562

Certificate Authority 562

Trusted Third Party 565

Self- Signed Certificates 566

Cryptographic Hashing 569

PGP and S/MIME 571

Disk and File Encryption 572

Summary 576

Review Questions 578

Chapter 14 Security Architecture and Design 581

Data Classification 582

Security Models 584

State Machine 584

Biba 585

Bell–LaPadula 586

Clark–Wilson Integrity Model 586

Application Architecture 587

n- tier Application Design 588

Service- Oriented Architecture 591

Cloud- Based Applications 593

Database Considerations 595

Security Architecture 598

Zero- Trust Model 602

Summary 604

Review Questions 606

Chapter 15 Cloud Computing and the Internet of Things 611

Cloud Computing Overview 612

Cloud Services 616

Shared Responsibility Model 621

Public vs. Private Cloud 623

Grid Computing 624

Cloud Architectures and Deployment 625

Responsive Design 629

Cloud- Native Design 629

Deployment 631

Dealing with REST 633

Common Cloud Threats 639

Access Management 639

Data Breach 641

Web Application Compromise 642

Credential Compromise 643

Insider Threat 645

Internet of Things 646

Fog Computing 651

Operational Technology 652

The Purdue Model 654

Summary 655

Review Questions 657

Appendix Answers to Review Questions 661

Chapter 2: Networking Foundations 662

Chapter 3: Security Foundations 663

Chapter 4: Footprinting and Reconnaissance 666

Chapter 5: Scanning Networks 669

Chapter 6: Enumeration 672

Chapter 7: System Hacking 675

Chapter 8: Malware 678

Chapter 9: Sniffing 681

Chapter 10: Social Engineering 683

Chapter 11: Wireless Security 686

Chapter 12: Attack and Defense 688

Chapter 13: Cryptography 691

Chapter 14: Security Architecture and Design 693

Chapter 15: Cloud Computing and the Internet of Things 695

Index 699

What is included with this book?

The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.

The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.

Rent More, Save More! Use code: ECRENTAL

Rent More, Save More! Use code: ECRENTAL

5% off 1 book, 7% off 2 books, 10% off 3+ books

CEH v12 Certified Ethical Hacker Study Guide with 750 Practice Test Questions

How To: Textbook Rental

Summary

Author Biography

Table of Contents

Supplemental Materials

Rewards Program