Title Page Page: iii
Copyright Page: iv
Acknowledgments Page: vi
About the Author Page: vii
Contents at a Glance Page: ix
Contents Page: xi
Introduction Page: xxi
Assessment Test Page: xxxii
Chapter 1 Introduction to Ethical Hacking Page: 1
Hacking: the Evolution Page: 3
The Early Days of Hacking Page: 3
Current Developments Page: 4
Hacking: Fun or Criminal Activity? Page: 5
The Evolution and Growth of Hacking Page: 7
So, What Is an Ethical Hacker? Page: 9
What Are Your Responsibilities? Page: 9
Code of Conduct and Ethics Page: 11
Ethical Hacking and Penetration Testing Page: 12
Hacking Methodologies Page: 17
Vulnerability Research and Tools Page: 21
What Is Incident Response? Page: 21
Business Continuity Plan Page: 26
Ethics and the Law Page: 33
Summary Page: 34
Exam Essentials Page: 35
Review Questions Page: 36
Chapter 2 System Fundamentals Page: 39
Exploring Network Topologies Page: 40
Working with the Open Systems Interconnection Model Page: 44
Dissecting the TCP/IP Suite Page: 47
IP Subnetting Page: 49
Hexadecimal vs. Binary Page: 49
Exploring TCP/IP Ports Page: 50
Domain Name System Page: 53
Understanding Network Devices Page: 53
Routers and Switches Page: 53
Working with MAC Addresses Page: 55
Proxies and Firewalls Page: 56
Intrusion Prevention and Intrusion Detection Systems Page: 57
Network Security Page: 58
Knowing Operating Systems Page: 60
Microsoft Windows Page: 60
Mac OS Page: 61
Android Page: 62
Linux Page: 62
Backups and Archiving Page: 63
Summary Page: 64
Exam Essentials Page: 65
Review Questions Page: 66
Chapter 3 Cryptography Page: 71
Cryptography: Early Applications and Examples Page: 73
History of Cryptography Page: 73
Tracing the Evolution Page: 75
Cryptography in Action Page: 76
So How Does It Work? Page: 77
Symmetric Cryptography Page: 77
Asymmetric, or Public Key, Cryptography Page: 80
Understanding Hashing Page: 86
Issues with Cryptography Page: 88
Applications of Cryptography Page: 89
IPsec Page: 90
Pretty Good Privacy Page: 92
Secure Sockets Layer Page: 93
Summary Page: 94
Exam Essentials Page: 94
Review Questions Page: 95
Chapter 4 Footprinting Page: 99
Understanding the Steps of Ethical Hacking Page: 100
Phase 1: Footprinting Page: 100
Phase 2: Scanning Page: 101
Phase 3: Enumeration Page: 101
Phase 4: System Hacking Page: 102
What Is Footprinting? Page: 102
Why Perform Footprinting? Page: 103
Goals of the Footprinting Process Page: 103
Terminology in Footprinting Page: 106
Open Source and Passive Information Gathering Page: 106
Passive Information Gathering Page: 106
Pseudonymous Footprinting Page: 106
Internet Footprinting Page: 107
Threats Introduced by Footprinting Page: 107
The Footprinting Process Page: 108
Using Search Engines Page: 108
Google Hacking Page: 108
Public and Restricted Websites Page: 111
Location and Geography Page: 112
Social Networking and Information Gathering Page: 113
Financial Services and Information Gathering Page: 116
The Value of Job Sites Page: 116
Working with Email Page: 117
Competitive Analysis Page: 118
Gaining Network Information Page: 119
Social Engineering: the Art of Hacking Humans Page: 120
Summary Page: 121
Exam Essentials Page: 121
Review Questions Page: 123
Chapter 5 Scanning Page: 127
What Is Scanning? Page: 128
Types of Scans Page: 129
Checking for Live Systems Page: 130
Wardialing Page: 131
Using Ping Page: 133
Hping3: the Heavy Artillery Page: 134
Checking the Status of Ports Page: 135
The Family Tree of Scans Page: 138
Full-Open Scan Page: 138
Stealth or Half-Open Scan Page: 138
Xmas Tree Scan Page: 139
FIN Scan Page: 140
NULL Scan Page: 141
Idle Scanning Page: 142
ACK Scanning Page: 143
UDP Scanning Page: 144
OS Fingerprinting Page: 145
Active Fingerprinting with Nmap Page: 146
Passive Fingerprinting an OS Page: 147
Banner Grabbing Page: 149
Countermeasures Page: 151
Vulnerability Scanning Page: 151
Mapping the Network Page: 152
Using Proxies Page: 153
Setting a Web Browser to Use a Proxy Page: 154
Summary Page: 155
Exam Essentials Page: 155
Review Questions Page: 156
Chapter 6 Enumeration Page: 159
A Quick Review Page: 160
Footprinting Page: 160
Scanning Page: 161
What Is Enumeration? Page: 161
About Windows Enumeration Page: 163
Users Page: 163
Groups Page: 164
Security Identifiers Page: 166
Linux Basic Page: 168
Users Page: 168
Services and Ports of Interest Page: 169
Commonly Exploited Services Page: 170
NULL Sessions Page: 173
SuperScan Page: 174
DNS Zone Transfers Page: 174
The PsTools Suite Page: 177
Using finger Page: 178
Enumeration with SNMP Page: 178
Management Information Base Page: 179
SNScan Page: 180
Unix and Linux Enumeration Page: 180
finger Page: 180
rpcinfo Page: 181
showmount Page: 181
enum4linux Page: 181
LDAP and Directory Service Enumeration Page: 182
JXplorer Page: 183
Preventing LDAP Enumeration Page: 183
Enumeration Using NTP Page: 184
SMTP Enumeration Page: 184
Using VRFY Page: 185
Using EXPN Page: 185
Using RCPT TO Page: 186
SMTP Relay Page: 186
Summary Page: 187
Exam Essentials Page: 187
Review Questions Page: 189
Chapter 7 System Hacking Page: 193
Up to This Point Page: 194
Footprinting Page: 194
Scanning Page: 195
Enumeration Page: 195
System Hacking Page: 196
Password Cracking Page: 196
Authentication on Microsoft Platforms Page: 209
Executing Applications Page: 213
Covering Your Tracks Page: 215
Summary Page: 217
Exam Essentials Page: 218
Review Questions Page: 219
Chapter 8 Malware Page: 223
Malware Page: 224
Malware and the Law Page: 226
Categories of Malware Page: 227
Viruses Page: 228
Worms Page: 234
Spyware Page: 236
Adware Page: 237
Scareware Page: 237
Ransomware Page: 238
Trojans Page: 238
Overt and Covert Channels Page: 247
Summary Page: 249
Exam Essentials Page: 250
Review Questions Page: 251
Chapter 9 Sniffers Page: 255
Understanding Sniffers Page: 256
Using a Sniffer Page: 259
Sniffing Tools Page: 259
Wireshark Page: 260
Tcpdump Page: 264
Reading Sniffer Output Page: 266
Switched Network Sniffing Page: 270
MAC Flooding Page: 270
ARP Poisoning Page: 271
MAC Spoofing Page: 272
Port Mirror or SPAN Port Page: 272
On the Defensive Page: 273
Mitigating MAC Flooding Page: 274
Detecting Sniffing Attacks Page: 275
Summary Page: 275
Exam Essentials Page: 276
Review Questions Page: 277
Chapter 10 Social Engineering Page: 281
What Is Social Engineering? Page: 282
Why Does Social Engineering Work? Page: 283
The Power of Social Engineering Page: 284
Social-Engineering Phases Page: 285
What Is the Impact of Social Engineering? Page: 285
Common Targets of Social Engineering Page: 286
Social Networking to Gather Information? Page: 287
Networking Page: 289
Countermeasures for Social Networking Page: 291
Commonly Employed Threats Page: 293
Identity Theft Page: 296
Protective Measures Page: 297
Know What Information Is Available Page: 298
Summary Page: 298
Exam Essentials Page: 299
Review Questions Page: 300
Chapter 11 Denial of Service Page: 305
Understanding DoS Page: 306
DoS Targets Page: 308
Types of Attacks Page: 308
Buffer Overflow Page: 314
Understanding DDoS Page: 317
DDoS Attacks Page: 318
DoS Tools Page: 319
DDoS Tools Page: 320
DoS Defensive Strategies Page: 323
Botnet-Specific Defenses Page: 323
DoS Pen-Testing Considerations Page: 324
Summary Page: 324
Exam Essentials Page: 324
Review Questions Page: 326
Chapter 12 Session Hijacking Page: 331
Understanding Session Hijacking Page: 332
Spoofing vs. Hijacking Page: 334
Active and Passive Attacks Page: 335
Session Hijacking and Web Apps Page: 336
Types of Application-Level Session Hijacking Page: 337
A Few Key Concepts Page: 341
Network Session Hijacking Page: 344
Exploring Defensive Strategies Page: 352
Summary Page: 353
Exam Essentials Page: 353
Review Questions Page: 355
Chapter 13 Web Servers and Applications Page: 359
Exploring the Client-Server Relationship Page: 360
Looking Closely at Web Servers Page: 361
Web Applications Page: 363
The Client and the Server Page: 364
A Look at the Cloud Page: 365
Closer Inspection of a Web Application Page: 366
Vulnerabilities of Web Servers and Applications Page: 369
Common Flaws and Attack Methods Page: 375
Testing Web Applications Page: 383
Summary Page: 384
Exam Essentials Page: 384
Review Questions Page: 385
Chapter 14 SQL Injection Page: 389
Introducing SQL Injection Page: 390
Results of SQL Injection Page: 392
The Anatomy of a Web Application Page: 393
Databases and Their Vulnerabilities Page: 394
Anatomy of a SQL Injection Attack Page: 396
Altering Data with a SQL Injection Attack Page: 399
Injecting Blind Page: 401
Information Gathering Page: 402
Evading Detection Mechanisms Page: 403
SQL Injection Countermeasures Page: 404
Summary Page: 405
Exam Essentials Page: 405
Review Questions Page: 406
Chapter 15 Hacking Wi-Fi and Bluetooth Page: 409
What Is a Wireless Network? Page: 410
Wi-Fi: an Overview Page: 410
The Fine Print Page: 411
Wireless Vocabulary Page: 414
A Close Examination of Threats Page: 425
Ways to Locate Wireless Networks Page: 429
Choosing the Right Wireless Card Page: 430
Hacking Bluetooth Page: 431
Summary Page: 433
Exam Essentials Page: 434
Review Questions Page: 435
Chapter 16 Mobile Device Security Page: 439
Mobile OS Models and Architectures Page: 440
Goals of Mobile Security Page: 441
Device Security Models Page: 442
Google Android OS Page: 443
Apple iOS Page: 446
Common Problems with Mobile Devices Page: 447
Penetration Testing Mobile Devices Page: 449
Penetration Testing Using Android Page: 450
Countermeasures Page: 454
Summary Page: 455
Exam Essentials Page: 456
Review Questions Page: 457
Chapter 17 Evasion Page: 461
Honeypots, IDSs, and Firewalls Page: 462
The Role of Intrusion Detection Systems Page: 462
Firewalls Page: 467
What’s That Firewall Running? Page: 470
Honeypots Page: 473
Run Silent, Run Deep: Evasion Techniques Page: 475
Evading Firewalls Page: 477
Summary Page: 480
Exam Essentials Page: 481
Review Questions Page: 482
Chapter 18 Cloud Technologies and Security Page: 485
What Is the Cloud? Page: 486
Types of Cloud Solutions Page: 487
Forms of Cloud Services Page: 488
Threats to Cloud Security Page: 489
Cloud Computing Attacks Page: 491
Controls for Cloud Security Page: 494
Testing Security in the Cloud Page: 495
Summary Page: 496
Exam Essentials Page: 497
Review Questions Page: 498
Chapter 19 Physical Security Page: 501
Introducing Physical Security Page: 502
Simple Controls Page: 503
Dealing with Mobile Device Issues Page: 505
Data Storage Security Page: 506
Securing the Physical Area Page: 510
Entryways Page: 517
Server Rooms and Networks Page: 518
Other Items to Consider Page: 519
Education and Awareness Page: 519
Defense in Depth Page: 519
Summary Page: 520
Exam Essentials Page: 521
Review Questions Page: 522
Appendix A Answers to Review Questions Page: 525
Chapter 1: Introduction to Ethical Hacking Page: 526
Chapter 2: System Fundamentals Page: 527
Chapter 3: Cryptography Page: 528
Chapter 4: Footprinting Page: 529
Chapter 5: Scanning Page: 530
Chapter 6: Enumeration Page: 532
Chapter 7: System Hacking Page: 532
Chapter 8: Malware Page: 533
Chapter 9: Sniffers Page: 534
Chapter 10: Social Engineering Page: 536
Chapter 11: Denial of Service Page: 537
Chapter 12: Session Hijacking Page: 539
Chapter 13: Web Servers and Applications Page: 540
Chapter 14: SQL Injection Page: 541
Chapter 15: Hacking Wi-Fi and Bluetooth Page: 542
Chapter 16: Mobile Device Security Page: 544
Chapter 17: Evasion Page: 544
Chapter 18: Cloud Technologies and Security Page: 546
Chapter 19: Physical Security Page: 547
Appendix B Penetration Testing Frameworks Page: 549
Overview of Alternative Methods Page: 550
Penetration Testing Execution Standard Page: 552
Working with PTES Page: 553
Pre-Engagement Interactions Page: 553
Contents of a Contract Page: 555
Gaining Permission Page: 556
Intelligence Gathering Page: 557
Threat Modeling Page: 558
Vulnerability Analysis Page: 559
Exploitation Page: 560
Post-Exploitation Page: 560
Reporting Page: 562
Mopping Up Page: 563
Summary Page: 563
Appendix C Building a Lab Page: 565
Why Build a Lab? Page: 566
The Build Process Page: 566
What You Will Need Page: 567
Creating a Test Setup Page: 568
Virtualization Software Options Page: 569
The Installation Process Page: 569
Installing a Virtualized Operating System Page: 570
Installing Tools Page: 570
Summary Page: 574
Index Page: 575
Advert Page: 608
EULA Page: a1
The ultimate preparation guide for the unique CEH exam. The CEH v9: Certified Ethical Hacker Version 9 Study Guide is your ideal companion for CEH v9 exam preparation. This comprehensive, in-depth review of CEH certification requirements is designed to help you internalize critical information using concise, to-the-point explanations and an easy-to-follow approach to the material. Covering all sections of the exam, the discussion highlights essential topics like intrusion detection, DDoS attacks, buffer overflows, and malware creation in detail, and puts the concepts into the context of real-world scenarios. Each chapter is mapped to the corresponding exam objective for easy reference, and the Exam Essentials feature helps you identify areas in need of further study. You also get access to online study tools including chapter review questions, full-length practice exams, hundreds of electronic flashcards, and a glossary of key terms to help you ensure full mastery of the exam material.
The Certified Ethical Hacker is one-of-a-kind in the cybersecurity sphere, allowing you to delve into the mind of a hacker for a unique perspective into penetration testing. This guide is your ideal exam preparation resource, with specific coverage of all CEH objectives and plenty of practice material.
- Review all CEH v9 topics systematically
- Reinforce critical skills with hands-on exercises
- Learn how concepts apply in real-world scenarios
- Identify key proficiencies prior to the exam
The CEH certification puts you in professional demand, and satisfies the Department of Defense's 8570 Directive for all Information Assurance government positions. Not only is it a highly-regarded credential, but it's also an expensive exam—making the stakes even higher on exam day. The CEH v9: Certified Ethical Hacker Version 9 Study Guide gives you the intense preparation you need to pass with flying colors.
