Certified Ethical Hacker (CEH) - Practical Exam Blueprint V1

EC-Council

Columns: Domain / Sub Domain / Description / Weightage (%)

Domain 1. Information Security and Ethical Hacking Overview (Weightage: 6%)

Sub Domain: Introduction to Ethical Hacking
- Information Security Overview
- Cyber Kill Chain Concepts
- Hacking Concepts
- Ethical Hacking Concepts
- Information Security Controls
- Information Security Laws and Standards

Domain 2. Reconnaissance Techniques (Weightage: 21%)

Sub Domain: Footprinting and Reconnaissance
- Footprinting Concepts
- Footprinting Methodology
- Footprinting through Search Engines
- Footprinting through Web Services
- Footprinting through Social Networking Sites
- Website Footprinting
- Email Footprinting
- Whois Footprinting
- DNS Footprinting
- Network Footprinting
- Footprinting through Social Engineering
- Footprinting Tools
- Footprinting Countermeasures

Sub Domain: Scanning Networks
- Network Scanning Concepts
- Scanning Tools
- Host Discovery
- Port and Service Discovery
- OS Discovery (Banner Grabbing/OS Fingerprinting)
- Scanning Beyond IDS and Firewall
- Draw Network Diagrams

Copyright by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited.

Sub Domain: Enumeration
- Enumeration Concepts
- NetBIOS Enumeration
- SNMP Enumeration
- LDAP Enumeration
- NTP and NFS Enumeration
- SMTP and DNS Enumeration
- Other Enumeration Techniques (IPsec, VoIP, RPC, Unix/Linux, Telnet, FTP, TFTP, SMB, IPv6, and BGP enumeration)
- Enumeration Countermeasures

Domain 3. System Hacking Phases and Attack Techniques (Weightage: 17%)

Sub Domain: Vulnerability Analysis
- Vulnerability Assessment Concepts
- Vulnerability Classification and Assessment Types
- Vulnerability Assessment Solutions and Tools
- Vulnerability Assessment Reports

Sub Domain: System Hacking
- System Hacking Concepts
- Gaining Access
- Cracking Passwords
- Vulnerability Exploitation
- Escalating Privileges
- Maintaining Access
- Executing Applications
- Hiding Files
- Clearing Logs

Sub Domain: Malware Threats
- Malware Concepts
- APT Concepts
- Trojan Concepts
- Virus and Worm Concepts
- File-less Malware Concepts
- Malware Analysis
- Malware Countermeasures
- Anti-Malware Software

Domain 4. Network and Perimeter Hacking (Weightage: 14%)

Sub Domain: Sniffing
- Sniffing Concepts
- Sniffing Technique: MAC Attacks
- Sniffing Technique: DHCP Attacks
- Sniffing Technique: ARP Poisoning
- Sniffing Technique: Spoofing Attacks
- Sniffing Technique: DNS Poisoning
- Sniffing Tools
- Sniffing Countermeasures
- Sniffing Detection Techniques

Sub Domain: Social Engineering
- Social Engineering Concepts
- Social Engineering Techniques
- Insider Threats
- Impersonation on Social Networking Sites
- Identity Theft
- Social Engineering Countermeasures

Sub Domain: Denial-of-Service
- DoS/DDoS Concepts
- DoS/DDoS Attack Techniques
- Botnets
- DDoS Case Study
- DoS/DDoS Attack Tools
- DoS/DDoS Countermeasures
- DoS/DDoS Protection Tools

Sub Domain: Session Hijacking
- Session Hijacking Concepts
- Application-Level Session Hijacking
- Network Level Session Hijacking
- Session Hijacking Tools
- Session Hijacking Countermeasures

Sub Domain: Evading IDS, Firewalls, and Honeypots
- IDS, IPS, Firewall, and Honeypot Concepts
- IDS, IPS, Firewall, and Honeypot Solutions
- Evading IDS
- Evading Firewalls
- IDS/Firewall Evading Tools
- Detecting Honeypots
- IDS/Firewall Evasion Countermeasures

Domain 5. Web Application Hacking (Weightage: 16%)

Sub Domain: Hacking Web Servers
- Web Server Concepts
- Web Server Attacks
- Web Server Attack Methodology
- Web Server Attack Tools
- Web Server Countermeasures
- Patch Management
- Web Server Security Tools

Sub Domain: Hacking Web Applications
- Web App Concepts
- Web App Threats
- Web App Hacking Methodology
- Footprint Web Infrastructure
- Analyze Web Applications
- Bypass Client-Side Controls
- Attack Authentication Mechanism
- Attack Authorization Schemes
- Attack Access Controls
- Attack Session Management Mechanism
- Perform Injection Attacks
- Attack Application Logic Flaws
- Attack Shared Environments
- Attack Database Connectivity
- Attack Web App Client
- Attack Web Services

- Web API, Webhooks and Web Shell
- Web App Security

Sub Domain: SQL Injection
- SQL Injection Concepts
- Types of SQL Injection
- SQL Injection Methodology
- SQL Injection Tools
- Evasion Techniques
- SQL Injection Countermeasures

Domain 6. Wireless Network Hacking (Weightage: 6%)

Sub Domain: Hacking Wireless Networks
- Wireless Concepts
- Wireless Encryption
- Wireless Threats
- Wireless Hacking Methodology
- Wireless Hacking Tools
- Bluetooth Hacking
- Wireless Countermeasures
- Wireless Security Tools

Domain 7. Mobile Platform, IoT, and OT Hacking (Weightage: 8%)

Sub Domain: Hacking Mobile Platforms
- Mobile Platform Attack Vectors
- Hacking Android OS
- Hacking iOS
- Mobile Device Management
- Mobile Security Guidelines and Tools

Sub Domain: IoT and OT Hacking
- IoT Concepts
- IoT Attacks
- IoT Hacking Methodology
- IoT Hacking Tools
- IoT Countermeasures
- OT Concepts
- OT Attacks
- OT Hacking Methodology
- OT Hacking Tools
- OT Countermeasures

Domain 8. Cloud Computing (Weightage: 6%)

Sub Domain: Cloud Computing
- Cloud Computing Concepts
- Container Technology
- Serverless Computing

- Cloud Computing Threats
- Cloud Hacking
- Cloud Security

Domain 9. Cryptography (Weightage: 6%)

Sub Domain: Cryptography
- Cryptography Concepts
- Encryption Algorithms
- Cryptography Tools
- Public Key Infrastructure (PKI)
- Email Encryption
- Disk Encryption
- Cryptanalysis
- Countermeasures
