ITP Course Practice Test: Certified Ethical Hacker (CEH)

Take your IT career to the next level with this video-based online training course designed to provide you with the hands-on experience to mitigate your network, guard it from multifaceted attacks, and prepare you to succeed on the Certified Ethical Hacker (CEH) exam. With this expert-led certification prep course you'll get more than enough practice tests to confidently prepare for the CEH, along with lab-based, real-world projects that explore all sides of multi-pronged cybersecurity attacks to ensure your preparedness to combat attack threats. Who should take this course Skill level | Intermediate Anyone planning to take the EC-Council Certified Ethical Hacker (CEH) Exam to become a Certified Ethical Hacker Anyone who is interested in becoming a cybersecurity professional or concerned about the integrity of their network infrastructure Anyone interested in ethical hacking (penetration testing) In order to achieve certification via the Ethical Hacker (CEH) Certification exam, the EC-Council requires that applicants attend an EC-Council training session or show that they have 2 years of information security experience in each of the 5 CCISCO Domains. For an optimal course experience, we recommend using these browsers and devices. Course includes 18 hours of targeted video-based lessons led by industry experts Hands-on labs to simulate real-world experience performing footprinting, penetration testing, and security risk analysis, as well as measures to guard your network Self-study tools, such as flashcards to study key terms and quizzes to self-asses your progress Exclusive Pearson Test Prep practice exams to fully prepare to take the Certified Ethical Hacker (CEH) exam with confidence 1 year of access* What you'll learn This Pearson IT Training Course covers the full range of topics tested on the Certified Ethical Hacker (CEH) exam, including: Performing footprinting and reconScan networks Performing countermeasures against enumeration Conducting vulnerability analysis Hacking systems and covering your tracks Using and preventing malware Performing network sniffing Conducting social engineering methodologies and learning how to prevent them from happening Performing Denial-of-Service (DoS) and session hijacking attacks, as well as taking measures to guard against them Hacking web servers and applications using multiple tools and techniques Performing attacks using SQL injection Using the best tools and techniques for hacking wireless networks Deploying IDS, firewalls, and honeypots, as well as learning how to evade them Understanding and learning how to use cloud computing for penetration testing Understanding cryptography and cryptanalysis Exploiting the vulnerabilities of Internet of Things (IoT) devices Understanding the vulnerabilities of and methods to hack mobile devices *Retake guarantee Didn't pass your certification exam on your first try? We'll give you six months of additional access at no cost. About Pearson IT Training Courses Pearson IT Training Courses are complete and affordable packages of expert-led, self-paced courses designed to help you stand out with in-demand skills that take your career to the next level. From learning to hands-on practice and application, our comprehensive certification prep courses ensure you are ready for exam success.

Table of Contents:
Introduction Overview Module 1: Security Essentials Module 1: Introduction Lesson 1: Course Overview Lesson 1 Learning Objectives 1.1 Areas of Focus and Exam Info 1.2 Course Is and Isn't Lesson 2: Introduction to Ethical Hacking Lesson 2 Learning Objectives 2.1 Cybersecurity Overview 2.2 Threats and Attack Vectors 2.3 Attack Concepts 2.4 Understanding the Legal Aspects of Penetration Testing 2.5 Exploring Penetration Testing Methodologies 2.6 Attack Phases 2.7 Attack Types 2.8 InfoSec Policies Lesson 2: Review Lesson 2 Flashcards Lesson 2 Quiz Lesson 3: Footprinting and Recon Lesson 3 Learning Objectives 3.1 Footprinting Concepts 3.2 Footprinting Objectives 3.3 Footprinting Methodologies 3.4 Search Engines 3.5 Finding People 3.6 Competitive Intelligence 3.7 Websites 3.8 Email Tracking 3.9 Network Discovery 3.10 DNS/Whois 3.11 Social Engineering 3.12 Employee Online Activities 3.13 Footprinting Tools 3.14 Footprinting Countermeasures 3.15 Penetration Testing: Footprinting and Recon Lesson 3: Review Lesson 3 Flashcards Lesson 3 Quiz Lesson 4: Scanning Networks Lesson 4 Learning Objectives 4.1 Network Scanning Overview 4.2 Scanning Techniques 4.3 TCP/UDP Refresher 4.4 TCP Scanning Types 4.5 More TCP Scanning Techniques 4.6 Nmap Demo 4.7 IDS Evasion 4.8 Banner Grabbing 4.9 Vulnerability Scanning 4.10 Network Diagramming 4.11 Using and Chaining Proxies 4.12 HTTP and SSH Tunneling 4.13 Anonymizers 4.14 IP Spoofing and Countermeasures 4.15 Penetration Testing: Scanning Networks Lesson 4: Review Lesson 4 Flashcards Lesson 4 Quiz Module 1: Review Module 1 Quiz Module 2: System Security Module 2: Introduction Lesson 5: Enumeration Lesson 5 Learning Objectives 5.1 Enumeration Overview 5.2 NetBIOS Enumeration 5.3 Users and Default Passwords 5.4 SNMP Enumeration 5.5 Linux Enumeration 5.6 LDAP, NTP, SMTP, DNS Enumeration 5.7 Enumerating IKE, IPsec, VPNs 5.8 Enumeration Countermeasures 5.9 Penetration Testing: Enumeration Lesson 5: Review Lesson 5 Flashcards Lesson 5 Quiz Lesson 6: Vulnerability Analysis Lesson 6 Learning Objectives 6.1 Introducing Vulnerability Research and Classification 6.2 Exploring Vulnerability Assessment 6.3 Vulnerability Management Lifecycle (Vulnerability Assessment Phases) 6.4 Understanding Different Approaches of Vulnerability Assessment Solutions 6.5 Overview of Vulnerability Scoring Systems 6.6 Vulnerability Assessment Tools 6.7 Overview of Vulnerability Assessment Reports Lesson 6: Review Lesson 6 Flashcards Lesson 6 Quiz Lesson 7: System Hacking Lesson 7 Learning Objectives 7.1 Hacking Methodology 7.2 Password Cracking 7.3 Keyloggers and Anti-keyloggers 7.4 Microsoft Authentication 7.5 Defense Against Password Cracking 7.6 Privilege Escalation 7.7 Executing Applications 7.8 Rootkits and Anti-rootkits 7.9 NTFS Stream Manipulation 7.1 Steganography and Steganalysis Methods 7.11 Covering Tracks 7.12 Penetration Testing: System Hacking Lesson 7: Review Lesson 7 Flashcards Lesson 7 Quiz Lesson 8: Malware Threats Lesson 8 Learning Objectives 8.1 Understanding Malware and Malware Propagation Techniques 8.2 Trojans, Backdoors, Viruses, Worms 8.3 Indications of Infection 8.4 Common Ports 8.5 How Malware Gets Into a System 8.6 How to Detect 8.7 Anti-malware Software 8.8 Online Malware Analysis Services 8.9 Countermeasures 8.10 Penetration Testing: Malware Threats Lesson 8: Review Lesson 8 Flashcards Lesson 8 Quiz Lesson 9: Sniffing Lesson 9 Learning Objectives 9.1 Sniffing Overview 9.2 Sniffing Attack Types 9.3 Protocol Analyzers 9.4 Sniffing Tools 9.5 Sniffing Detection and Defense 9.6 Penetration Testing: Sniffing Lesson 9: Review Lesson 9 Flashcards Lesson 9 Quiz Lesson 10: Social Engineering Lesson 10 Learning Objectives 10.1 Social Engineering Concepts 10.2 Social Networking 10.3 Identity Theft 10.4 Social Engineering Countermeasures 10.5 Understanding Social Engineering 10.6 Surveying Social Engineering Methodologies 10.7 Understanding How to Target Employees 10.8 Exploring Social Engineering Tools 10.9 Exploring the Social Engineering Toolkit (SET) 10.10 Surveying Social Engineering Case Studies 10.11 Penetration Testing: Social Engineering Lesson 10: Review Lesson 10 Flashcards Lesson 10 Quiz Module 2: Review Module 2 Quiz Module 3: Network Security Module 3: Introduction Lesson 11: Denial-of-Service (DoS) Lesson 11 Learning Objectives 11.1 DoS/DDoS Overview 11.2 DoS Techniques 11.3 Botnets 11.4 DoS Attack Tools 11.5 Detection and Countermeasures 11.6 DDoS Protection Tools 11.7 Penetration Testing: DoS Lesson 11: Review Lesson 11 Flashcards Lesson 11 Quiz Lesson 12: Session Hijacking Lesson 12 Learning Objectives 12.1 What Is Session Hijacking? 12.2 Techniques 12.3 Application Level Session Hijacking 12.4 MitM Attacks 12.5 Cross-site Attacks 12.6 Network Level Hijacking 12.7 Session Hijacking Tools 12.8 Hijacking Protection 12.9 Penetration Testing: Session Hijacking Lesson 12: Review Lesson 12 Flashcards Lesson 12 Quiz Module 3: Review Module 3 Quiz Module 4: Web Services Security Module 4: Introduction Lesson 13: Hacking Webservers Lesson 13 Learning Objectives 13.1 Webserver Concepts 13.2 Webserver Attacks 13.3 Attack Methodology 13.4 Countermeasures 13.5 System Patch Management 13.6 Security Tools 13.7 Exploring CMS and Framework Identification 13.8 Surveying Web Crawlers and Directory Brute Force 13.9 Understanding How Web Application Scanners Work 13.10 Introducing Nikto 13.11 Introducing the Burp Suite 13.12 Introducing OWASP Zed Application Proxy (ZAP) 13.13 Introducing OpenVAS Lesson 13: Review Lesson 13 Flashcards Lesson 13 Quiz Lesson 14: Hacking Web Applications Lesson 14 Learning Objectives 14.1 Attack Vectors and Threats 14.2 Footprinting 14.3 Authentication and Authorization System Attacks 14.4 Understanding the Need for Web Application Penetration Testing 14.5 Exploring How Web Applications Have Evolved Over Time 14.6 Understanding the Web Application Protocols 14.7 Exploring the HTTP Request and Response 14.8 Surveying Session Management and Cookies 14.9 Understanding the APIs 14.10 Exploring the Tools Used to Test the APIs 14.11 Exploring Cloud Services 14.12 Exploring Web Application Frameworks 14.13 Surveying Docker Containers 14.14 Introducing DevOps 14.15 Understanding Authentication Schemes in Web Applications 14.16 Exploring Session Management Mechanisms and Related Vulnerabilities 14.17 Database Connectivity Attacks Lesson 14: Review Lesson 14 Flashcards Lesson 14 Quiz Lesson 15: Advanced Web Application Hacking Lesson 15 Learning Objectives 15.1 Understanding What is Command Injection 15.2 Exploiting Command Injection Vulnerabilities 15.3 Understanding What is XML Injection 15.4 Exploiting XML Injection Vulnerabilities 15.5 Undertanding How to Mitigate Injection Vulnerabilities 15.6 Understanding What is XSS 15.7 Exploiting Reflected XSS Vulnerabilities 15.8 Exploiting Stored XSS Vulnerabilities 15.9 Exploiting DOM Based XSS Vulnerabilities 15.10 Understanding Cross-Site Request Forgery (CSRF) 15.11 Exploiting CSRF Vulnerabilities 15.12 Evading Web Application Security Controls 15.13 Mitigating XSS and CSRF Vulnerabilities 15.14 Surveying the Client-side Code and Storage 15.15 Understanding HTML5 Implementations 15.16 Understanding AJAX Implementations 15.17 Mitigating AJAX, HTML5, and Client-side Vulnerabilities 15.18 Understanding the Other Common Security Flaws in Web Applications 15.19 Exploiting Insecure Direct Object References and Path Traversal 15.20 Surveying Information Disclosure Vulnerabilities 15.21 Fuzzing Web Applications 15.22 Web Application Security Tools 15.23 Web Application Firewalls Lesson 15: Review Lesson 15 Flashcards Lesson 15 Quiz Lesson 16: SQL Injection Lesson 16 Learning Objectives 16.1 Overview 16.2 Attacks Using SQL Injection 16.3 Methodology 16.4 Understanding SQL Injection 16.5 Exploiting SQL Injection Vulnerabilities 16.6 SQL Injection Defense 16.7 Detection Tools Lesson 16: Review Lesson 16 Flashcards Lesson 16 Quiz Module 4: Review Module 4 Quiz Module 5: Wireless and Internet Security Module 5: Introduction Lesson 17: Hacking Wireless Lesson 17 Learning Objectives 17.1 Wireless LAN Overview 17.2 Wireless Encryption 17.3 Wireless Threats 17.4 Understanding Wireless Antennas 17.5 Surveying Wi-Fi Devices Like the Pinneaple 17.6 Building Your Own Lab 17.7 Introducing the Aircrack-ng Suite 17.8 Introducing Airmon-ng 17.9 Understanding Airodump-ng 17.10 Introducing Aireplay-ng 17.11 Introducing Airdecap-ng 17.12 Introducing Airserv-ng 17.13 Introducing Airtun-ng 17.14 Understanding WEP Fundamentals 17.15 Learning How to Crack WEP 17.16 Understanding WPA Fundamentals 17.17 Surveying Attacks Against WPA2-PSK Networks 17.18 Using coWPAtty 17.19 Using Pyrit 17.20 Exploring WPA Enterprise Hacking 17.21 Using Kismet 17.22 Using Wireshark 17.23 Defining Evil Twin Attacks 17.24 Performing Evil Twin Attacks 17.25 Using Karmetasploit 17.26 Bluetooth and Bluejacking 17.27 Understanding Bluetooth Vulnerabilities 17.28 Surveying Tools for Bluetooth Monitoring 17.29 Wireless Attack Defense 17.30 Wireless IPS Lesson 17: Review Lesson 17 Flashcards Lesson 17 Quiz Lesson 18: IDS, Firewalls, and Honeypots Lesson 18 Learning Objectives 18.1 IDS, Firewall, and Honeypot Concepts 18.2 Firewall Tools 18.3 Honeypot Tools 18.4 IDS Tools 18.5 Evading IDS and Firewalls 18.6 Evading IDS and Firewall Tools 18.7 Detecting Honeypots 18.8 Penetration Testing: IDS, Firewalls, and Honeypots Lesson 18: Review Lesson 18 Flashcards Lesson 18 Quiz Lesson 19: Cloud Computing Lesson 19 Learning Objectives 19.1 Overview 19.2 Providers 19.3 Detection 19.4 Instance and VPC Security Methods 19.5 Cloud Use as a Pen Testing Source 19.6 Understanding the Challenge of Testing Cloud Services 19.7 Exploring How to Test in the Cloud Lesson 19: Review Lesson 19 Flashcards Lesson 19 Quiz Lesson 20: Cryptography Lesson 20 Learning Objectives 20.1 Overview 20.2 Algorithms 20.3 Tools 20.4 Public Key Infrastructure 20.5 Email 20.6 Disk Encryption and Tools 20.7 Attacks Against Cryptography 20.8 Cryptanalysis Tools Lesson 20: Review Lesson 20 Flashcards Lesson 20 Quiz Lesson 21: IoT Hacking Lesson 21 Learning Objectives 21.1 Understanding IoT Fundamentals 21.2 Exploring ZigBee and IEEE 802.15.4 21.3 Exploring INSTEON 21.4 Exploring ZWave 21.5 Exploring LoRA 21.6 Overview of IoT Penetration Testing 21.7 IoT Security Tools Lesson 21: Review Lesson 21 Flashcards Lesson 21 Quiz Lesson 22: Hacking Mobile Platforms Lesson 22 Learning Objectives 22.1 Understanding OWASP Mobile Device Vulnerabilities 22.2 Wrestling with the BYOD Dilemma 22.3 Understanding Mobile Device Management (MDM) 22.4 Understanding Mobile Device Security Policies 22.5 Exploring The Android Security Model 22.6 Exploring Android Emulators and SDK 22.7 Understanding Android Hacking Tools and Methodologies 22.8 Introducing iOS Security 22.9 Exploring Jailbraking iOS 22.1 Surveying Tools for Dissasembling iOS Applications 22.11 Understanding Mobile Spyware 22.12 Exploring How to Make Your Own STORM-like Mobile Hacking Device Lesson 22: Review Lesson 22 Flashcards Lesson 22 Quiz Module 5: Review Module 5 Quiz CEH Version 11 Bonus Content CEH v11 Bonus Content Learning Objectives Understanding IoT Security Threats The Utility Industry Communications Over the Utility WAN Field Area Networks (FANs) IoT Industrial Network Architecture Factory Security The Oil and Gas Industry—Trends and Challenges IoT Architectures for Oil and Gas Securing IoT for Oil and Gas IoT Architecture for Mining Surveying Unsecure Code Practices and Insecure APIs Understanding Security Threats in Cloud Environments Understanding VXLAN and Network Overlays Understanding Microsegmentation Introducing the Different Cloud Deployment and Service Models Surveying Patch Management in the Cloud Performing Security Assessments in Cloud Environments Introducing Agile, DevOps, and CI/CD Pipelines Introducing Serverless Computing Understanding Container Orchestration and an Introduction to Kubernetes Exploring the Concepts of DevSecOps Attacking WPA2 Implementations Assessing Unsecure Code Practices and APIs Exploring Sandboxes and Virtual Machine Escape Attacks The Evolution of IEEE 802.11 Security WPA3 Security Understanding API Access Understanding Authentication Understanding Authorization Modes Managing Security Contexts Managing Kubernetes User Accounts Managing Security (Video Lab) Managing Security (Video Lab Solution) Understanding File-less Malware Concepts Introducing Malware Analysis Exploring WPA3 Attacks and Mitigation

About the Author :
Course experts Omar Santos - Principal engineer, security expert, and author Omar Santos is a Principal Engineer of the Cisco Product Security Incident Response Team (PSIRT). Omar is the author of more than 20 books and video courses and has been quoted by numerous media outlets, such as TheRegister, Wired, ZDNet, ThreatPost, CyberScoop, TechCrunch, Fortune Magazine, Ars Technica, and more. You can follow Omar on Twitter @santosomar. Nick Garner - Senior Solutions Architect and instructor Nick Garner, CCIE No. 17871, is a solutions integration architect for Cisco Systems. He has been in Cisco Advanced Services supporting customers in both transactional and subscription engagements for 8 years. In his primary role, he has deployed and supported large-scale data center designs for prominent clients in the San Francisco Bay area. His primary technical focus outside of data center routing and switching designs is security and multicast. William "Bo" Rothwell - Lead instructor and courseware developer Wiliam "Bo" Rothwell's passion for understanding how computers work and sharing this knowledge with others has resulted in a rewarding career in IT training. His experience includes Linux, Unix, and programming languages such as Perl, Python, Tcl, and BASH. He is the founder and president of One Course Source, an IT training organization. Michael Gregg - Cybersecurity author and expert security practitioner Michael Gregg, CISSP is the president of Superior Solutions, Inc., a Houston based training and consulting firm. He has more than 20 years experience in the IT field. He holds two associate's degrees, a bachelor's degree, and a master's degree. He presently maintains the following certifications: CISSP, MCSE, MCT, CTT+, A+, N+, Security+, CNA, CCNA, CIW Security Analyst, CCE, CEH, CHFI, CEI, DCNP, ES Dragon IDS, ES Advanced Dragon IDS, and TICSA. He has consulted and taught for many organizations, and he is a 9-time winner of Global Knowledge's Perfect Instructor Award.