As protecting information continues to be a growing concern for today's businesses, certifications in IT security have become highly desirable, even as the number of certifications has grown. Now you can set yourself apart with the Certified Ethical Hacker (CEH v11) certification. The CEH v11 Certified Ethical Hacker Study Guide offers a comprehensive overview of the CEH certification requirements using concise and easy-to-follow instructions. Chapters are organized by exam objective, with a handy section that maps each objective to its corresponding chapter, so you can keep track of your progress. The text provides thorough coverage of all topics, along with challenging chapter review questions and Exam Essentials, a key feature that identifies critical study areas. Subjects include common attack practices like reconnaissance and scanning. Also covered are topics like intrusion detection, DoS attacks, buffer overflows, wireless attacks, mobile attacks, Internet of Things (IoT) and more.This study guide goes beyond test prep, providing practical hands-on exercises to reinforce vital skills and real-world scenarios that put what you've learned into the context of actual job roles.* Gain a unique certification that allows you to function like an attacker, allowing you to identify vulnerabilities so they can be remediated* Expand your career opportunities with an IT certificate that satisfies the Department of Defense's 8570 Directive for Information Assurance positions* Fully updated for the 2020 CEH v11 exam, including the latest developments in IT security* Access the Sybex online learning center, with chapter review questions, full-length practice exams, hundreds of electronic flashcards, and a glossary of key termsThanks to its clear organization, all-inclusive coverage, and practical instruction, the CEH v11 Certified Ethical Hacker Study Guide is an excellent resource for anyone who needs to understand the hacking process or anyone who wants to demonstrate their skills as a Certified Ethical Hacker.

Introduction xixAssessment Test xxviChapter 1 Ethical Hacking 1Overview of Ethics 2Overview of Ethical Hacking 5Methodologies 6Cyber Kill Chain 6Attack Lifecycle 8Methodology of Ethical Hacking 10Reconnaissance and Footprinting 10Scanning and Enumeration 11Gaining Access 11Maintaining Access 12Covering Tracks 12Summary 13Chapter 2 Networking Foundations 15Communications Models 17Open Systems Interconnection 18TCP/IP Architecture 21Topologies 22Bus Network 22Star Network 23Ring Network 24Mesh Network 25Hybrid 26Physical Networking 27Addressing 27Switching 28IP 29Headers 29Addressing 31Subnets 33TCP 34UDP 38Internet Control Message Protocol 39Network Architectures 40Network Types 40Isolation 41Remote Access 43Cloud Computing 44Storage as a Service 45Infrastructure as a Service 46Platform as a Service 48Software as a Service 49Internet of Things 51Summary 52Review Questions 54Chapter 3 Security Foundations 57The Triad 59Confidentiality 59Integrity 61Availability 62Parkerian Hexad 63Risk 64Policies, Standards, and Procedures 66Security Policies 66Security Standards 67Procedures 68Guidelines 68Organizing Your Protections 69Security Technology 72Firewalls 72Intrusion Detection Systems 77Intrusion Prevention Systems 80Endpoint Detection and Response 81Security Information and Event Management 83Being Prepared 84Defense in Depth 84Defense in Breadth 86Defensible Network Architecture 87Logging 88Auditing 90Summary 92Review Questions 93Chapter 4 Footprinting and Reconnaissance 97Open Source Intelligence 99Companies 99People 108Social Networking 111Domain Name System 124Name Lookups 125Zone Transfers 130Passive DNS 133Passive Reconnaissance 136Website Intelligence 139Technology Intelligence 144Google Hacking 144Internet of Things (IoT) 146Summary 148Review Questions 150Chapter 5 Scanning Networks 155Ping Sweeps 157Using fping 157Using MegaPing 159Port Scanning 161Nmap 162masscan 176MegaPing 178Metasploit 180Vulnerability Scanning 183OpenVAS 184Nessus 196Looking for Vulnerabilities with Metasploit 202Packet Crafting and Manipulation 203hping 204packETH 207fragroute 209Evasion Techniques 211Protecting and Detecting 214Summary 215Review Questions 217Chapter 6 Enumeration 221Service Enumeration 223Remote Procedure Calls 226SunRPC 226Remote Method Invocation 228Server Message Block 232Built-in Utilities 233nmap Scripts 237NetBIOS Enumerator 239Metasploit 240Other Utilities 242Simple Network Management Protocol 245Simple Mail Transfer Protocol 247Web-Based Enumeration 250Summary 257Review Questions 259Chapter 7 System Hacking 263Searching for Exploits 265System Compromise 269Metasploit Modules 270Exploit-DB 274Gathering Passwords 276Password Cracking 279John the Ripper 280Rainbow Tables 282Kerberoasting 284Client-Side Vulnerabilities 289Living Off the Land 291Fuzzing 292Post Exploitation 295Evasion 295Privilege Escalation 296Pivoting 301Persistence 304Covering Tracks 307Summary 313Review Questions 315Chapter 8 Malware 319Malware Types 321Virus 321Worm 323Trojan 324Botnet 324Ransomware 326Dropper 328Malware Analysis 328Static Analysis 329Dynamic Analysis 340Creating Malware 349Writing Your Own 350Using Metasploit 353Obfuscating 356Malware Infrastructure 357Antivirus Solutions 359Persistence 360Summary 361Review Questions 363Chapter 9 Sniffing 367Packet Capture 368tcpdump 369tshark 376Wireshark 378Berkeley Packet Filter 382Port Mirroring/Spanning 384Packet Analysis 385Spoofing Attacks 390ARP Spoofing 390DNS Spoofing 394sslstrip 397Spoofing Detection 398Summary 399Review Questions 402Chapter 10 Social Engineering 407Social Engineering 408Pretexting 410Social Engineering Vectors 412Physical Social Engineering 413Badge Access 413Man Traps 415Biometrics 416Phone Calls 417Baiting 418Phishing Attacks 418Website Attacks 422Cloning 423Rogue Attacks 426Wireless Social Engineering 427Automating Social Engineering 430Summary 433Review Questions 435Chapter 11 Wireless Security 439Wi-Fi 440Wi-Fi Network Types 442Wi-Fi Authentication 445Wi-Fi Encryption 446Bring Your Own Device 450Wi-Fi Attacks 451Bluetooth 462Scanning 463Bluejacking 465Bluesnarfing 466Bluebugging 466Mobile Devices 466Mobile Device Attacks 467Summary 472Review Questions 474Chapter 12 Attack and Defense 479Web Application Attacks 480XML External Entity Processing 482Cross-SiteScripting 483SQL Injection 485Command Injection 487File Traversal 489Web Application Protections 490Denial-of-Service Attacks 492Bandwidth Attacks 492Slow Attacks 495Legacy 497Application Exploitation 497Buffer Overflow 498Heap Spraying 500Application Protections and Evasions 501Lateral Movement 502Defense in Depth/Defense in Breadth 504Defensible Network Architecture 506Summary 508Review Questions 510Chapter 13 Cryptography 515Basic Encryption 517Substitution Ciphers 517Diffie-Hellman 520Symmetric Key Cryptography 521Data Encryption Standard 522Advanced Encryption Standard 523Asymmetric Key Cryptography 524Hybrid Cryptosystem 525Nonrepudiation 525Elliptic Curve Cryptography 526Certificate Authorities and Key Management 528Certificate Authority 528Trusted Third Party 531Self-Signed Certificates 532Cryptographic Hashing 534PGP and S/MIME 536Disk and File Encryption 538Summary 541Review Questions 543Chapter 14 Security Architecture and Design 547Data Classification 548Security Models 550State Machine 550Biba 551Bell-LaPadula 552Clark-Wilson Integrity Model 552Application Architecture 553n-tier Application Design 554Service-Oriented Architecture 557Cloud-Based Applications 559Database Considerations 561Security Architecture 563Summary 567Review Questions 569Chapter 15 Cloud Computing and the Internet of Things 573Cloud Computing Overview 574Cloud Services 578Shared Responsibility Model 583Public vs. Private Cloud 585Cloud Architectures and Deployment 586Responsive Design 588Cloud-NativeDesign 589Deployment 590Dealing with REST 593Common Cloud Threats 598Access Management 598Data Breach 600Web Application Compromise 600Credential Compromise 602Insider Threat 604Internet of Things 604Operational Technology 610Summary 612Review Questions 614Appendix Answers to Review Questions 617Chapter 2: Networking Foundations 618Chapter 3: Security Foundations 619Chapter 4: Footprinting and Reconnaissance 622Chapter 5: Scanning Networks 624Chapter 6: Enumeration 627Chapter 7: System Hacking 629Chapter 8: Malware 632Chapter 9: Sniffing 635Chapter 10: Social Engineering 636Chapter 11: Wireless Security 638Chapter 12: Attack and Defense 641Chapter 13: Cryptography 643Chapter 14: Security Architecture and Design 645Chapter 15: Cloud Computing and the Internet of Things 646Index 649