Download Certified Ethical Hacker (CEH) Foundation Guide PDF

TitleCertified Ethical Hacker (CEH) Foundation Guide
File Size12.2 MB
Total Pages207
Table of Contents
                            Contents at a Glance
Contents
About the Author
Acknowledgments
Introduction
Part I
	Chapter 1: Operating System Basics
		What Is an Operating System?
			What Is a Kernel?
			The Ring Architecture
			What Is a File System?
			What Are Device Drivers?
		Memory Management: Stack versus Heap
		Microsoft Windows
			Windows Authentication: Local versus Centralized
				Local Authentication
				Centralized Authentication
			The Windows Registry
				Backing Up and Restoring the Windows Registry
			The Windows Event Viewer
			Windows Services
			Windows Processes
			Windows Security Policies
			The Windows Firewall
			Cheat-Sheet to Windows Commands
		Linux
			Linux Directory Structure
			Passwords in Linux
			Linux Permissions in a Nutshell
			Processes
			Understanding the Linux Firewall (IP tables)
			TCP Wrappers
			Cheat-Sheet to Linux Commands
		Summary
		Do-It-Yourself (DIY) Exercises
		Test Your Knowledge: Sample Questions
	Chapter 2: Database Basics
		What Is a Database?
			Widely Used Database Software
			ACID Properties
		What Is SQL?
		Important Database Concepts
		Data Definition Language: CREATE, ALTER, RENAME, DROP, TRUNCATE
			CREATE
			ALTER
			DROP
			TRUNCATE
		Data Control Language: GRANT, REVOKE
			GRANT
			REVOKE
		Query and Clauses: SELECT, FROM, WHERE, GROUP BY, HAVING, ORDER BY, DISTINCT
			SELECT and FROM
			WHERE
			GROUP BY
			HAVING
			ORDER BY
			DISTINCT
		Data Manipulation: INSERT, UPDATE, DELETE
			INSERT
			UPDATE
			DELETE
		The Significance of Symbols in SQL
		Query Processing Internals
		Summary
		Do-It-Yourself (DIY) Exercises
		Sample Questions
	Chapter 3: Networking Basics
		The Open System Interconnection (OSI) Model
		The TCP/IP Model
		Comparing the OSI and TCP/IP Models
		TCP Vs UDP
		TCP Handshake and TCP Flags
		IP Addressing and Sockets
		Private IP and Public IP
		Port Numbers
		IP V6 Basics
		MAC Addresses
		Introduction to DNS
		DHCP: Dynamic Host Control Protocol
		ARP: Address Resolution Protocol
		Network Address Translation: NAT
		Access Control Lists: ACL
		VPN (Remote Access VPN, Site-to-Site VPN)
		Common Network and Network Security Devices
			Routers and Switches
			Firewall, IDS, and IPS
				Firewall
				Intrusion Detection System
				Intrusion Prevention System
		Summary
		Do-It-Yourself (DIY) Exercises
		Test Your Knowledge – Sample Questions
	Chapter 4: Programming Basics for Security Enthusiasts and Hackers
		Windows PowerShell
			The PowerShell Integrated Scripting Environment
				Logic Building
			For Loops
			Pipes
			File-Handling Functions
				Create a New File or Directory
				Delete a File or Directory
				Copy Files
				Check File Properties
			Web / Networking Functions
				Get IP Address of Current System
				List all WiFi Connections in Range
				Fetch a file from Remote URL
			Some Useful PowerShell Cmdlets
		Linux Shell Scripting
			Structural Basics of a Shell Script
			Creating Your First Shell Script
			Reading Input from the User
			Logic Building
				If Conditions
				FOR Loops
			Redirection
				Single Output Redirection
				Double Output Redirection (Append)
				Input Redirection
		Python
			Getting Started with Python
			Printing and Reading Input
			Lists
			Conditions: IF-ELSE
			FOR Loops
			Functions
				File Handling
			Libraries and Modules
		Summary
		Do-It-Yourself (DIY) Exercises
		Test Your Knowledge: Sample Questions
	Chapter 5: Virtualization and Cloud Basics
		What Is Virtualization?
		Hypervisors
			The Type 1 Hypervisor
			Type 2 Hypervisor
			Commonly Used Hypervisors
		Snapshots
		Common Security Issues with Virtual Machines
		Creating a New Virtual Machine with Oracle VirtualBox
		Software Containerization with Docker
		Cloud Computing
			Types of Cloud
			Cloud Service Offerings
			Benefits of Using the Cloud
			Cloud Security Considerations
		Summary
		Do-It-Yourself (DIY) Exercises
		Test Your Knowledge – Sample Questions
Part II
	Chapter 6: Information Security Basics
		Understanding the Basics: Confidentiality, Integrity and Availability
			Confidentiality
			Integrity
			Availability
		Common Challenges in Implementing Information Security Controls
		Authentication, Authorization, and Accounting (AAA)
			Authentication
			Authorization
			Accounting
		Information Security Terminology
			What Is Nonrepudiation?
			What Is a Vulnerability?
		What Is a Zero-Day Vulnerability/Exploit?
			What Is an Exploit?
			What Is a Risk?
			What Is a Threat?
			Putting It All together: Vulnerability, Risk, Threat, and Exploit
		Information Security Threats
			Natural Threats
			Physical Threats
			Human Threats
		Defense In Depth
		Types of Hackers
			Black Hats
			White Hats
			Gray Hats
			Suicide Hackers
			Script-Kiddies
			Spy Hackers
			Cyber Terrorists
			State-Sponsored Hackers
		What Is the Difference between Hacking and Ethical Hacking?
		Policy, Procedure, Guidelines, and Standards
		Incident Management
		Summary
		Do-It-Yourself Exercises
		Sample Questions: Test Your Knowledge
	Chapter 7: Penetration Testing
		Why Security Assessments Are Required
			Security Audits
			Vulnerability Assessments
			Penetration Testing
		Deciding What Should Be Tested
			External and Internal Testing
			Black Box Penetration Testing
			Gray-Box Penetration Testing
			White-Box Penetration Testing
			Announced Testing
			Unannounced Testing
			Automated Testing
			Manual Testing
		The Penetration Testing Lifecycle
			The Pre-Attack Phase
			The Attack Phase
			The Post-Attack Phase
		False Positives and False Negatives
		Summary
		Do-It-Yourself (DIY) Exercises
		Test Your Knowledge: Sample Questions
	Chapter 8: Information Gathering
		What is Footprinting?
		What is Enumeration?
		Summary
		Do-It-Yourself (DIY) Exercises
		Test Your Knowledge: Sample Questions
	Chapter 9: Hacking Basics
		Password-Cracking Techniques
		Keyloggers
		Trojans
			Types of Trojans
		Viruses
			Types of Viruses
		Computer Worms
		Rootkits
		Online Malware Analysis
		What Is Social Engineering?
		Privilege Escalation
		Denial of Service Attack
		Botnet
		Alternate Data Streams
		Steganography
		Covering Tracks
		Summary
		Test Your Knowledge: Sample Questions
	Chapter 10: Web Application Hacking
		How Web Applications Work
		Attack Vectors
		Web Application Flaws
		Web Application Hacking Methodology
		Hacking Web Servers
		Automated Scanning Tools
		Mitigations
		Summary
		Do-It-Yourself Exercises
		Test Your Knowledge: Sample Questions
	Chapter 11: Wireless Hacking
		Wireless Networking Primer
			Wireless Standards
		SSID
		Wi-Fi Authentication
		Searching for Wi-Fi Networks
			Common Wireless Threats
			Wireless Hacking Methodology
		Spectrum Analysis
		Bluetooth Hacking
			Bluetooth Pairing
			Common Bluetooth Threats
			Defending against Bluetooth Attacks
		Summary
		Do-It-Yourself (DIY) Exercises
		Test Your Knowledge: Sample Questions
	Chapter 12: Hacking Mobile Platforms
		Mobile Terminology
		Common Mobile Attack Vectors
		Overview of Android OS
		Components of Android Application
		Android Security Testing
			Manual Testing
			Automated Testing
		Jaibreaking iOS
		iOS Security Guidelines
		Mobile Device Management
		Summary
		Do-It-Yourself (DIY) Exercises
		Test Your Knowledge: Sample Questions
	Chapter 13: IDSes, Firewalls, and Honeypots
		What an IDS Is and How It Works
			Types of IDS
			Evading an IDS
			Common Symptoms of an Intrusion
		Firewalls
			DMZ
			Firewall Architecture
			Types of Firewall
			Firewall Identification Techniques
			Evading Firewalls
		Honeypots
			Types of Honeypots
			Detecting Honeypots
		Summary
		Do-It-Yourself Exercises
		Sample Questions: Test Your Knowledge
	Chapter 14: Cryptography
		Cryptography and Its Objectives
		Types of Cryptography
			Symmetric Encryption
			Asymmetric Encryption
			Key Escrow
			Types of Ciphers
		Cryptography Tools
		Message Digests
			Secure Shell (SSH)
		PKI
			Common PKI Terminology
		Components and Types of an SSL Certificate
			Testing an SSL Certificate
			Digital Signatures
			SSL and TLS
		Data That Can Be Encrypted
			Attacks on Cryptography and Cryptanalysis
		Summary
		Do-It-Yourself (DIY) Exercises
		Test Your Knowledge: Sample Questions
Appendix A: Career Tracks Available after CEH
	Certifications
		The Network Security Track
		The Forensics Track
		The Auditing Track
		The Security Testing Track
		The Information Security General Track
	The Next Steps
		Learning Programming Languages
		Bug Bounty
		Social Presence
		Speaking at Information Security Conferences
		Publishing Articles and Research Papers in Magazines
		Developing Tools
Appendix B: Interview Questions
Appendix C: Answers for Sample Questions
	Chapter 1- Operating Systems
	Chapter 2 - Database basics
	Chapter 3 - Networking Basics
	Chapter 4- Programming Basics
	Chapter 5- Virtualization and cloud basics
	Chapter 6- Information Security Basics
	Chapter 7 - Penetration Testing
	Chapter 8 - Information Gathering
	Chapter 9 - Hacking Basics
	Chapter 10 - Web Application Hacking
	Chapter 11 - Wireless Hacking
	Chapter 12 - Mobile hacking
	Chapter 13 - IDS and Honeypots
	Chapter 14 - Cryptography
Index
                        

Similer Documents