IT EXPERT BD: Learn Share Explore Innovate

Certified Ethical Hacker (CEH) V13

EC-Council

What is an Ethical Hacker?
To beat a hacker, you need to think like one!
Ethical Hacking is often referred to as the process of penetrating one’s own computer/s or computers to which one has official permission to do so as to determine if vulnerabilities exist and to undertake preventive, corrective, and protective countermeasures before an actual compromise to the system takes place. Around the world, partners and customers look to the EC-Council to deliver the highest quality exams and certifications. EC-Council has developed a number of policies to support the goals of the EC-Council certification program, including: Become a Certified Ethical Hacker A Certified Ethical Hacker is a skilled professional who understands and knows how to look for weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner to assess the security posture of a target system(s). The Certified Ethical Hacker credential certifies individuals in the specific network security discipline of Ethical Hacking from a vendor-neutral perspective.

What is an Ethical Hacker?

What is an Ethical Hacker?

To beat a hacker, you need to think like one!

Ethical Hacking is often referred to as the process of penetrating one’s own computer/s or computers to which one has official permission to do so as to determine if vulnerabilities exist and to undertake preventive, corrective, and protective countermeasures before an actual compromise to the system takes place.

Around the world, partners and customers look to EC-Council to deliver the highest quality exams and certifications. EC-Council has developed a number of policies to support the goals of EC-Council certification program, including:

Become a Certified Ethical Hacker

A Certified Ethical Hacker is a skilled professional who understands and knows how to look for weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner to assess the security posture of a target system(s). The Certified Ethical Hacker credential certifies individuals in the specific network security discipline of Ethical Hacking from a vendor-neutral perspective.

The purpose of the Certified Ethical Hacker credential is to:

· Establish and govern minimum standards for credentialing professional information security specialists in ethical hacking measures.

· Inform the public that credentialed individuals meet or exceed the minimum standards.

· Reinforce ethical hacking as a unique and self-regulating profession.

Training Outline

Module 1: Introduction to Ethical Hacking

Overview of ethical hacking, legal and ethical issues, types of hackers, hacking methodologies, and the importance of ethical hacking in securing IT infrastructure.

Module 2: Footprinting and Reconnaissance

Techniques to gather information about the target system or network, including footprinting, DNS queries, and social engineering techniques.

Module 3: Scanning Networks

Network scanning techniques to identify live systems, open ports, services, and vulnerabilities. Tools like Nmap, Netcat, and others are discussed.

Module 4: Enumeration

Methods to extract detailed information about a target system, network, or service, including active directory enumeration and SNMP enumeration.

Module 5: Vulnerability Analysis

How to identify vulnerabilities in systems and networks, using tools like Nessus, OpenVAS, and other scanning tools.

Module 6: System Hacking

Techniques to exploit system vulnerabilities, escalate privileges, maintain access, and perform post-exploitation tasks.

Module 7: Malware Threats

Understanding different types of malware (viruses, worms, Trojans, ransomware, etc.), their delivery methods, and how to detect and mitigate them.

Module 8: Sniffing

Using sniffing tools to capture and analyze network traffic to gain information about the network and users.

Module 9: Social Engineering

Techniques used by attackers to manipulate people into divulging confidential information, including phishing, vishing, and impersonation.

Module 10: Denial-of-Service (DoS) Attacks

Understanding DoS and DDoS attacks, their impact, and techniques used to mitigate such attacks.

Module 11: Session Hijacking

Techniques to hijack web sessions, how they work, and methods to prevent session hijacking attacks.

Module 12: Evading IDS, Firewalls, and Honeypots

Techniques and tools to bypass intrusion detection systems (IDS), firewalls, and honeypots to avoid detection.

Module 13: Hacking Web Servers

Web server vulnerabilities and the methods used to exploit them, including SQL injection, cross-site scripting (XSS), and other web application attacks.

Module 14: Hacking Web Applications

How web applications can be attacked, identifying vulnerabilities in web applications, and exploitation techniques like SQL injection, cross-site scripting (XSS), and more.

Module 15: SQL Injection

In-depth coverage of SQL injection attacks, how to perform them, and ways to mitigate this vulnerability in web applications.

Module 16: Hacking Wireless Networks

Techniques to hack into wireless networks, including WPA/WPA2 cracking, rogue access points, and security measures to protect wireless networks.

Module 17: Hacking Mobile Platforms

Vulnerabilities in mobile operating systems, techniques for mobile device exploitation, and ways to secure mobile platforms.

Module 18: IoT Hacking

Understanding the Internet of Things (IoT) security risks, and how to identify and exploit vulnerabilities in IoT devices.

Module 19: Cloud Computing

Security concerns and vulnerabilities in cloud computing platforms, such as AWS, Azure, Google Cloud, and methods to protect cloud-based infrastructures.

Module 20: Cryptography

Cryptographic algorithms, encryption methods, hashing, and ways to break or bypass cryptographic security.

Module 21: Penetration Testing

The process of performing penetration tests on networks and systems, including the tools and methodologies used in real-world scenarios.

Module 22: Reporting and Communication

How to create reports detailing findings from ethical hacking engagements, and how to communicate those findings to stakeholders in a meaningful way.

Who is it for?

Who is it for?

· Mid-Level Information Security Auditor

· Cybersecurity Auditor

· Security Administrator

· IT Security Administrator

· Cyber Defense Analyst

· Vulnerability Assessment Analyst

· Warning Analyst

· Information Security Analyst 1

· Security Analyst L1

· Infosec Security Administrator

· Cybersecurity Analyst Level 1, Level 2, & Level 3

· Network Security Engineer

· SOC Security Analyst

· Security Analyst

· Network Engineer

· Senior Security Consultant

· Information Security Manager

· Senior SOC Analyst

· Solution Architect

· Cybersecurity Consultant

Vendor Exam Certification

C|EH Exam (312-50)

Exam Code: 312-50
Passing Score: 70%
Number of Questions: 125 multiple-choice questions
Duration: 4 hours
Content: The exam covers various topics related to ethical hacking, including footprinting, scanning, enumeration, system hacking, malware, sniffing, social engineering, DoS attacks, web application hacking, cryptography, and more.

C|EH Practical Exam

Duration: 6 hours
Number of Questions: 20 scenario-based questions
Format: Hands-on practical exam in which you perform penetration testing activities in a controlled, real-world environment. You'll demonstrate your ability to apply ethical hacking techniques.

Exam Registration

The privacy and contract outlines the terms and conditions of a person who shares confidential information with IT Expert BD. in business or professional relationships to protect sensitive information from being disclosed to unauthorized parties.