BPB Online LLP
Ethical Hacker's Certification Guide (CEHv11)
Mohd Sohaib
US$ 19.95
The publisher has enabled DRM protection, which means that you need to use the BookFusion iOS, Android or Web app to read this eBook. This eBook cannot be used outside of the BookFusion platform.

Dive into the world of securing digital networks, cloud, IoT, mobile infrastructure, and much more.

Key Features
● Courseware and practice papers with solutions for C.E.H. v11.
● Includes hacking tools, social engineering techniques, and live exercises.
● Add-on coverage of web apps, IoT, cloud, and mobile penetration testing.

Description
The 'Certified Ethical Hacker's Guide' summarises all the ethical hacking and penetration testing fundamentals you'll need to get started professionally in the digital security landscape. The readers will be able to approach the objectives globally, and the knowledge will enable them to analyze and structure the hacks and their findings in a better way.

The book begins by making you ready for the journey of a seasoned ethical hacker. You will be introduced to very specific topics such as reconnaissance, social engineering, network intrusion, mobile and cloud hacking, and so on. Throughout the book, you will find many practical scenarios and get hands-on experience using tools such as Nmap, BurpSuite, OWASP ZAP, etc. Methodologies like brute-forcing, wardriving, evil twinning, etc. are explored in detail. You will also gain a firm grasp of theoretical concepts such as hashing, network protocols, architecture, and data encryption in real-world environments.

In the end, the evergreen bug bounty programs and traditional career paths for safety professionals will be discussed. The reader will also have practical tasks and self-assessment exercises to plan further paths of learning and certification.

What you will learn
● Learn methodologies, tools, and techniques of penetration testing and ethical hacking.
● Expert-led practical demonstration of tools and tricks like Nmap, BurpSuite, and OWASP ZAP.
● Learn how to perform brute forcing, wardriving, and evil twinning.
● Learn to gain and maintain access to remote systems.
● Prepare detailed tests and execution plans for VAPT (vulnerability assessment and penetration testing) scenarios.

Who this book is for
This book is intended for prospective and seasoned cybersecurity lovers who want to master cybersecurity and ethical hacking. It also assists software engineers, quality analysts, and penetration testing companies who want to keep up with changing cyber risks.

Table of Contents
1. Cyber Security, Ethical Hacking, and Penetration Testing
2. CEH v11 Prerequisites and Syllabus
3. Self-Assessment
4. Reconnaissance
5. Social Engineering
6. Scanning Networks
7. Enumeration
8. Vulnerability Assessment
9. System Hacking
10. Session Hijacking
11. Web Server Hacking
12. Web Application Hacking
13. Hacking Wireless Networks
14. Hacking Mobile Platforms
15. Hacking Cloud, IoT, and OT Platforms
16. Cryptography
17. Evading Security Measures
18. Practical Exercises on Penetration Testing and Malware Attacks
19. Roadmap for a Security Professional
20. Digital Compliances and Cyber Laws
21. Self-Assessment-1
22. Self-Assessment-2

Language: English
ISBN: 9789391392161
Cover Page
Title Page
Copyright Page
Dedication Page
About the Author
About the Reviewer
Acknowledgement
Preface
Errata
Table of Contents
1. Cyber Security, Ethical Hacking, and Penetration Testing
Introduction
Structure
Objectives
The Ten Thousand Feet View
Cyber Security
Free comic strip subscription service
Electronic health record service
Ethical Hacking
Phases of a Hack
Penetration testing
Conclusion
2. CEH v11 Prerequisites and Syllabus
Introduction
Structure
Objectives
Certified Ethical Hacker
Version 10 & 11
Prerequisites
Modes of study and examination
Option 1: ECC Exam voucher
Option 2: VUE Exam voucher
Conclusion
3. Self-Assessment
Introduction
Structure
Objectives
SECTION 'A'
Information Security and Penetration Testing
SECTION 'B'
EC-Council CEH
Answers
Conclusion
4. Reconnaissance
Introduction
Structure
Objectives
Understanding Reconnaissance
Financial Information
Technology Stack
Workforce and Clientele
Operating Environment
Network Configurations
Web content
Conclusion
Test Your Understanding
Answers
5. Social Engineering
Introduction
Structure
Objectives
Social Engineering: The Bookie Story
Social Engineering Methodology
Social Engineering Techniques
Tools of Social Engineering
Social Engineering Countermeasures
Conclusion
Test Your Understanding
Answers
6. Scanning Networks
Introduction
Structure
Objectives
Anatomy of a Computer Network
Live Host Discovery
Port Scan and Service Discovery
TCP Scan
UDP Scan
Banner Grabbing
Network Mapping
Conclusion
Test Your Understanding
Answers
7. Enumeration
Introduction
Structure
Objectives
Enumeration as a successor to network scan
NetBIOS enumeration
SNMP Enumeration
LDAP enumeration
NTP enumeration
NTP enumeration commands
SMTP enumeration
DNS enumeration
Conclusion
Test Your Understanding
Answers
8. Vulnerability Assessment
Introduction
Structure
Objectives
Process Overview
Residual Risk
DevSecOps
Conclusion
Test Your Understanding
Answers
9. System Hacking
Introduction
Structure
Objectives
System hacking stages
Password cracking
Password storage in modern systems
Security Account Manager (SAM)
NTLM Authentication
Kerberos authentication
Rainbow tables
Backdoor Entry – Trojans
Password cracking defense checklist
Privilege escalation
Horizontal privilege escalation
Vertical privilege escalation
DLL hijacking
Executing application
Remote execution tools
Hiding files and covering tracks
Conclusion
Test Your Understanding
Answers
10. Session Hijacking
Introduction
Structure
Objectives
TCP and Web sessions
Network-level session hijacking
TCP session hijacking
UDP hijacking
Application-level session hijacking
Countermeasures to session hijacking
Conclusion
Test Your Understanding
Answers
11. Web Server Hacking
Introduction
Structure
Objectives
Web server
Tools for web server hacking
Conclusion
Test Your Understanding
Answers
12. Web Application Hacking
Introduction
Structure
Objectives
Tools used in web application hacking
Conclusion
Test Your Understanding
Answers
13. Hacking Wireless Networks
Introduction
Structure
Objectives
The wireless connectivity
Wireless standards
802.11a
802.11b
802.11g
IEEE 802.11ac (Wi-Fi)
802.16 (WiMAX)
Bluetooth
Wired Equivalent Privacy (WEP)
Wi-Fi Protected Access (WPA)
WPA2
WPA3
Wireless Hacking Methodology
Wireless network discovery
Wireless network mapping
Wireless network analysis
Wireless network attacks
Deauthentication attack
WPA Handshake Capture
Man-in-the-Middle Attack (MITM)
Wireless Honeypots
Conclusion
Test Your Understanding
Answers
14. Hacking Mobile Platforms
Introduction
Structure
Objectives
Mobile platform landscape
Attack vectors in mobile platforms
Android OS architecture
iOS architecture
Jailbreaking/Rooting mobile devices
Mobile application repackaging
Mobile device management
Mobile spyware and privacy concerns
Security guidelines for mobile devices and platforms
Conclusion
Test Your Understanding
Answers
15. Hacking Cloud, IoT, and OT Platforms
Introduction
Structure
Objectives
Cloud Computing
Cloud Infrastructure
Cloud Deployment Models
Virtualization
Containers
NIST Cloud Computing Reference Architecture
Cloud computing threats
Cloud attack vectors
Internet of Things (IoT)
IoT Architecture
IoT communication models
Threats to IoT Networks
IoT attack vectors
Operational Technologies (OT) and Industrial Internet of Things (IIoT)
OT and IIoT attack vectors
Cloud, IoT, and OT hacking tools
Conclusion
Test Your Understanding
Answers
16. Cryptography
Introduction
Structure
Objectives
Cryptographic primitives
Cryptanalysis tools
Conclusion
Multiple Choice Questions
Answers
17. Evading Security Measures
Introduction
Structure
Objectives
Security of an information system
Threat Modelling
Intrusion Detection System (IDS)
Intrusion Prevention System (IPS)
Evading security measures
Detection by Association
Conclusion
Test Your Understanding
Answers
18. Practical Exercises on Penetration Testing and Malware Attacks
Structure
Objectives
Exercise 1
Solution
Exercise 2
Solution
Exercise 3
Solution
Exercise 4
Solution
Exercise 5
Solution
Exercise 6
Solution
Exercise 7
Solution
Exercise 8
Solution
Exercise 9
Solution
Exercise 10
Solution
Exercise 11
Solution
Exercise 12
Solution
Exercise 13
Solution
Conclusion
19. Roadmap for a Security Professional
Introduction
Structure
Objectives
Cybersecurity Landscape
Network Security
Cyber Forensics
Penetration Testing
Cyber Auditing
Software Professional
Conclusion
20. Digital Compliances and Cyber Laws
Introduction
Structure
Objectives
Need for Compliances and Cyber Laws
The privacy debate
Activity
Conclusion
21. Self-Assessment 1
Objective
Instructions
Assessment
Answers
22. Self-Assessment 2
Objective
Instructions
Assessment
Answers
Index