






































Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Community
Ask the community for help and clear up your study doubts
Discover the best universities in your country according to Docsity users
Free resources
Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors
Training Notes and review questions with answers.
Typology: Exercises
1 / 46
This page cannot be seen from the preview
Don't miss anything!
What's New in CEH V9?
This CEH course puts you in the driver’s seat of a handson environment with a systematic process. Here, you will be exposed to an entirely different way of achieving optimal information security posture in their organization; by hacking it! You will scan, test, hack and secure your own systems. You will be thought the five phases of CEH and thought how you can approach your target and succeed at breaking in every time! The five phases include Reconnaissance, Gaining Access, Enumeration, Maintaining Access, and covering your tracks.
The hacking tools and techniques in each of these five phases are provided in detail in an encyclopedic approach to help you identify when an attack has been used against your own targets. Why then is this training called the CEH Course? This is because by using the same techniques as the bad guys, you can assess the security posture of an organization with the same approach these malicious crackers use, identify weaknesses and fix the problems before they are identified by the enemy, causing what could potentially be a catastrophic damage to your respective organization. We live in an age where attacks are all susceptible and come from anyplace at any time and we never know how skilled, wellfunded, or persistent the threat will be. Throughout the CEH course, you will be immersed in a cracker's mindset, evaluating not just logical, but physical security. Exploring every possible point of entry to find the weakest link in an organization. From the end user, the secretary, the CEO, misconfigurations, vulnerable times during migrations even information left in the dumpster.
The CEH program is the core of the most desired information security training system any information security professional will ever want to be in. The CEH, is the first part of a 3 part EC Council Information Security Track which helps you master hacking technologies. You will become a cracker, but hopefully an ethical one! A very “ironical” statement indeed. As the security mindset in any organization must not be limited to the silos of a certain vendor, technologies or pieces of equipment, This course was designed to provide you with the tools and techniques used by crackers and information security professionals alike to break into an organization. As we put it, “To beat a cracker, you need to think like a cracker”. This course will immerse you into the cracker Mindset so that you will be able to defend against future attacks. It puts you in the driver’s seat of a handson environment with a systematic CEH process. Here, you will be exposed to an entirely different way of achieving optimal information security posture in their organization; by cracking it! You will scan, test, hack and secure your own systems. You will be thought the Five Phases of CEH and thought how you can approach your target and succeed at breaking in every time! The five phases include Reconnaissance, Gaining Access, Enumeration, Maintaining Access, and covering your tracks. The tools and techniques in each of these five phases are provided in detail in an encyclopedic approach to help you identify when an attack has been used against your own targets. Why should we learn cracking? This is because by using the same techniques as the bad guys, you can assess the security posture of an organization with the same approach these malicious crackers use, identify weaknesses and fix the problems before they are identified by the enemy, causing what
could potentially be a catastrophic damage to your respective organization. Throughout the CEH course, you will be immersed in a cracker's mindset, evaluating not just logical, but physical security. What is new in version 9 This is the worlds most advanced CEH course with 18 of the most current security domains any ethical cracker will ever want to know when they are planning to beef up the information security posture of their organization. In 18 comprehensive modules, the course covers 270 attack technologies, commonly used by crackers. Real Life Scenario Our security experts have designed over 140 labs which mimic real time scenarios in the course to help you “live” through an attack as if it were real and provide you with access to over 2200 commonly used hacking tools to immerse you into the cracker world.
Certified CEH FAQs
The CEH and Countermeasures course prepares candidates for the CEH exam offered by EC Council. The course focuses on hacking techniques and technology from an offensive perspective. The advanced security course is regularly updated to reflect latest developments in the domain, including new hacking techniques, exploits, automated programs as well as defensive recommendations as outlined by experts in the field. The CEH body of knowledge represents detailed contributions from security experts, academicians, industry practitioners and the security community at large. What is "Cracking techniques and technology"? Cracking techniques represent ways and means by which computer programs can be made to behave in ways they are not meant to. These techniques extend beyond the technology domain and can be applied to test security policies and procedures. Cracking technology is used to refer to those tools and automated programs that can be used by perpetrators against an organization to incur critical damage. As technology advances, the skill required to execute a hack is much lesser as precompiled programs are available to effect havoc with simple point and click.
Does it matter if an elite cracker writes a buffer overflow or a script kiddy runs a tool if the target system gets compromised anyway? The point of emphasis here is that the enemy may be intellectually great or small, but he requires just one port of entry to wreck damage while the organization has the entire perimeter to guard with limited time and resources.
Since the CEH Course is related more to cracking, it would be apt to have a real cracker teach it. However real crackers are usually those who used to be spoiled brats who had plenty of time to explore the field. So what we have is real hackers who have system administration experience collaborating along with real crackers who used to penetrate networks as consultants for our courses at ATRC. Certainly, experience is the greatest teacher. A real hacker would not know all the tricks and techniques which are used by the crackers. Many techniques are representative of the different
crackers. ECCouncil gets a signature from the students so they can adhere to a code of ethics and encourages security professionals with significant years of teaching exposure in the industry and security related experience to handle its security related courses. However in our experience of more than 20 years, those who want to crack shall do so whether they sign or not. Also real crackers do not really need such a course to learn the techniques. The certifications are useful for two things. Telling the HR people that you know something, and making IT people learn the basics of security so they are not as lame as they are usually in their default state. Why is this in the brochure? Because this brochure is made by a real hacker who is going to teach this to you. So you shall be getting the real guru stuff. Not just what you are expected to know in the exam. Also real hackers who have been sysops or sysadmins know many techniques on stopping crackers which are not covered in any book. They are specific to the sysadmins themselves. Just like different crackers have their own special recipes to penetrate.
ECCouncil fulfills its social responsibility by ensuring that only persons with a minimum of two years of security related experience are eligible for the course. In addition all candidates are required to sign an agreement where they agree to respect the knowledge acquired and not misuse it in any way. The candidate also agrees to abide by all legal laws of the land in the use of thus acquired knowledge. Besides the CEH exam is a tough one to pass as students must have indepth knowledge to achieve the globally recognized CEH certification.
ECCouncil believes in giving back to the security community as it has partaken of it. When you are a CEH, you are more than a security auditor or a vulnerability tester or a penetration tester alone. You are exposed to security checklists that will help you audit the organization's information assets, tools which will check for vulnerabilities that can be exploited and above all a methodology to assess the security posture of your organization by doing a penetration test against it. In short, the knowledge you will acquire has practical value to make your work place a more secure and efficient one.
Congratulations on becoming a CEH. You have joined elite group of professionals around the world. Your next level is to become a Licensed Penetration Tester (LPT).
Legal Agreement CEH and Countermeasures course mission is to educate, introduce and demonstrate cracking tools for penetration testing purposes only. Prior to attending this course, you will be asked to sign an agreement stating that you will not use the newly acquired skills for illegal or malicious attacks and you will not use such tools in an attempt to compromise any computer system, and to indemnify ECCouncil and ATRC with respect to the use or misuse of these tools, regardless of intent. What is New in the CEHV9 Course This is the worlds most advanced cracking course with 18 of the most current security domains any cracker will ever want to know when they are planning to beef up the information security posture of their organization. In 18 comprehensive modules, the course covers over 270 attack technologies, commonly used by crackers. Our security experts have designed over 140 labs which mimic real time scenarios in the course to help you “live” through an attack as if it were real and provide you with access to over 2200 commonly used hacking tools to immerse you into the cracker world. As “a picture tells a thousand words”, our developers have all this and more for you in over 2200 graphically rich, specially designed slides to help you grasp complex security concepts in depth which will be presented to you in 5 day hands on class by our Instructor. The goal of this course is to help you master an CEH methodology that can be used in a penetration testing or CEH situation. You walk out the door with CEH skills that are highly in demand, as well as the globally recognized CEH certification! This course prepares you for ECCouncil CEH exam
In short, you walk out the door with cracking skills that are high in demand, as well as the internationally recognized CEH cracking certification!
Exam Info
Skills Measured The exam 312-50 tests CEH candidates on the following 18 domains.
ECCouncil CEH Application Process / Eligibility
1. ELIGIBILITY CRITERIA - For the CCISO Certified Chief Information Security Officer (CCISO)certification eligibility criteria, kindly go to https://cert.eccouncil.org/cciso.html - For the ibusiness certification eligibility criteria , kindly go to http://www.eccouncil.org/ibusiness/certifieddigitalmarketer.html http://www.eccouncil.org/ibusiness/certifiedinternetmarketingpractitioner.html - For the ECCouncil Licensed Penetration Tester (LPT) certification eligibility criteria , kindly go to http://cert.eccouncil.org/licensedpenetrationtester.html In order to be eligible to attempt ECCouncil CEH, CHFI v8 or ECSA v8 certification examination, candidate may opt to : Attend Official Training If a candidate attends an official instructorled training (ILT), computerbased training (CBT), online live training, or academic learning, candidate is eligible to attempt the relevant ECCouncil exam. Attempt Exam without Official Training In order to be considered for the ECCouncil CEH, CHFI v8 and ECSA v8 exam without attending official training, candidate must: Have at least two years of information security related experience. Remit a nonrefundable eligibility application fee of USD 100. Submit a completed Exam Eligibility Application Form. Purchase an official exam voucher DIRECTLY from ECCouncil through ECCouncil’s web store In order to be considered for the ECCouncil ECSA v9 exam without attending official training, candidate must: Have at least two years of information security related experience. Remit a nonrefundable eligibility application fee of USD 100. Submit a completed Exam Eligibility Application Form. Purchase an official ECSA v9 Exam Kit [consists of ECSA Aspen Dashboard Access Code (valid for 90 days from date of release), ECSA v9 iLabs Cyber Range Access Code (30 days from date of activation) and ECSA v9 Exam voucher (valid for 90 days from the date of distribution)]
Submit an acceptable pen testing report based on pen testing performed over ECCouncil’s secure cyber range
2. ELIGIBILITY PROCESS Applicant will need to go to https://cert.eccouncil.org/ExamEligibilityForm.html to fill in an online request for the Eligibility Application Form. Applicant will receive an electronic Exam Eligibility Application Form and the applicant will need to complete the information required on the form. Submit the completed Exam Eligibility Application form. The Application is valid only for 60 days from the date when Application is submitted. Should we not received any update from the applicant post 60 days, the Application will be automatically rejected. Applicant will need to submit a new application form. Waiting time for processing of Eligibility Application is approximately 5 working days after receiving the verification from verifier. Should the applicant not hear from us after 5 working days, the applicant can contact For USA/Canada/LATAM applicants – applicationservices@eccouncil.org For International applicants – cehapp@eccouncil.org ECCouncil will contact applicant’s Boss/ Supervisor/ Department head, who have agreed to act as applicant’s verifier in the application form, for authentication purposes. For verification of Educational Background ECCouncil requires a written letter in physical or electronic format confirming the certification(s) earned by the candidate. If application is approved, applicant will be required to purchase a voucher from ECCouncil DIRECTLY. ECCouncil will then send the candidate the eligibility code and the voucher code which candidate can use to register and schedule the test at any Authorized Prometric or VUE Testing Center globally. Please note that Prometric and VUE Registration will not entertain any requests without the eligibility code. The Approved application stands valid for 3 months from the date of Approval, the candidate needs to test 3 months from date of Approval. An extension request will require the Approval of Cert director. If application is not approved, the application fee of USD 100 will not be refunded. Important Note: Successful applicant will be required to purchase an exam voucher DIRECTLY from ECCouncil through the webstore at www.eccouncil.org/store.aspx before the eligibility code is released to the applicant. For students who took CBT solutions through authorized partners like Specialized