Certified Ethical Hacker - CEH

o 웹 페이지 방문
 - http://www.eccouncil.org/Exam/312-50.htm

o PDF 문서
 - http://www.eccouncil.org/ipdf/EthicalHacker.pdf

Ethical Hacking and Countermeasures (312-50)

New CEHv5 Exam

Note:

• The exam codes EC0-350 are 312-50 are the same exam.
• The exam title "Certified Ethical Hacker" and "Ethical Hacking and Countermeasures" are the same
• VUE and Prometric systems use different exam codes.
• The CEHv4 exam has been retired since June 1st 2007
• CEHv5 exam is available on Prometric Prime, APTC and VUE.
• Exams at VUE and Prometric APTC requires Eligibility Code. Please visit http://www.eccouncil.org/takeexam.htm for details

Credit Towards Certification
 

	Certified Ethical Hacker
	Master of Security Science (MSS)

Exam Details (CEHv5)
 

	Number of Questions: 150
	Passing Score: 70%
	Test Duration: 4 Hours
	Test Format: Multiple Choice
	Test Delivery: Prometric Prime
	Exam Version: 5
	Release Date: November 13th, 2006
	Exam Cost: USD 250

Skills Measured

The Exam 312-50 tests CEH candidates on the following 22 domains.

1. Ethics and Legal Issues
2.  Footprinting
3. Scanning
4. Enumeration
5. System Hacking
6. Trojans and Backdoors
7. Sniffers
8. Denial of Service
9. Social Engineering
10. Session Hijacking
11. Hacking Web Servers
12. Web Application Vulnerabilities
13. Web Based Password Cracking Techniques
14. SQL Injection
15. Hacking Wireless Networks
16. Virus and Worms
17. Physical Security
18. Hacking Linux
19. IDS, Firewalls and Honeypots
20. Buffer Overflows
21. Cryptography
22. Penetration Testing Methodologies

---

Ethics and Legality

• Ethics and Legality
• Understand Ethical Hacking terminology
• Define the Job role of an ethical hacker
• Understand the different phases involved in ethical hacking
• Identify different types of hacking technologies
• List the 5 stages of ethical hacking?
• What is hacktivism?
• List different types of hacker classes
• Define the skills required to become an ethical hacker
• What is vulnerability research?
• Describe the ways in conducting ethical hacking
• Understand the Legal implications of hacking
• Understand 18 U.S.C. § 1030 US Federal Law

Footprinting

• Define the term Footprinting
• Describe information gathering methodology
• Describe competitive intelligence
• Understand DNS enumeration
• Understand Whois, ARIN lookup
• Identify different types of DNS records
• Understand how  traceroute is used in Footprinting
• Understand how e-mail tracking works
• Understand how web spiders work

Scanning

• Define the term port scanning, network scanning and vulnerability scanning
• Understand the CEH scanning methodology
• Understand Ping Sweep techniques
• Understand nmap command switches
• Understand SYN, Stealth, XMAS, NULL, IDLE and FIN scans
• List TCP communication flag types
• Understand War dialing techniques
• Understand banner grabbing and OF fingerprinting techniques
• Understand how proxy servers are used in launching an attack
• How does anonymizers work
• Understand HTTP tunneling techniques
• Understand IP spoofing techniques

Enumeration

• What is Enumeration?
• What is meant by null sessions
• What is SNMP enumeration?
• What are the steps involved in performing enumeration?

System hacking 

• Understanding password cracking techniques
• Understanding different types of passwords
• Identifying various password cracking tools
• Understand Escalating privileges
• Understanding keyloggers and other spyware technologies
• Understand how to Hide files
• Understanding rootkits
• Understand Steganography technologies
• Understand how to covering your tracks and erase evidences

Trojans and Backdoors 

• What is a Trojan?
• What is meant by overt and covert channels?
• List the different types of Trojans
• What are the indications of a Trojan attack?
• Understand how “Netcat” Trojan works
• What is meant by “wrapping”
• How does reverse connecting Trojans work?
• What are the countermeasure techniques in preventing Trojans?
• Understand Trojan evading techniques

Sniffers

• Understand the protocol susceptible to sniffing
• Understand active and passive sniffing
• Understand ARP poisoning
• Understand ethereal capture and display filters
• Understand MAC flooding
• Understand DNS spoofing techniques
• Describe sniffing countermeasures

Denial of Service

• Understand the types of DoS Attacks
• Understand how DDoS attack works
• Understand how BOTs/BOTNETS work
• What is “smurf” attack
• What is “SYN” flooding
• Describe the DoS/DDoS countermeasures

Social Engineering

• What is Social Engineering?
• What are the Common Types of Attacks
• Understand Dumpster Diving
• Understand Reverse Social Engineering
• Understand Insider attacks
• Understand Identity Theft
• Describe Phishing Attacks
• Understand Online Scams
• Understand URL obfuscation
• Social Engineering countermeasures

Session Hijacking 

• Understand Spoofing vs. Hijacking
• List the types of Session Hijacking
• Understand Sequence Prediction
• What are the steps in performing session hijacking
• Describe how you would prevent session hijacking

Hacking Web Servers 

• List the types of web server vulnerabilities
• Understand the attacks Against Web Servers
• Understand IIS Unicode exploits
• Understand patch management techniques
• Understand Web Application Scanner
• What is Metasploit Framework?
• Describe Web Server hardening methods

Web Application Vulnerabilities 

• Understanding how web application works
• Objectives of web application hacking
• Anatomy of an attack
• Web application threats
• Understand Google hacking
• Understand Web Application Countermeasures

Web Based Password Cracking Techniques 

• List the Authentication types
• What is a Password Cracker?
• How does a Password Cracker work?
• Understand Password Attacks - Classification
• Understand Password Cracking Countermeasures

SQL Injection 

• What is SQL injection?
• Understand the Steps to conduct SQL injection
• Understand SQL Server vulnerabilities
• Describe SQL Injection countermeasures

Wireless Hacking 

• Overview of WEP, WPA authentication systems and cracking techniques
• Overview of wireless Sniffers and SSID, MAC Spoofing
• Understand Rogue Access Points
• Understand Wireless hacking techniques
• Describe the methods in securing wireless networks

Virus and Worms 

• Understand the difference between an virus and a Worm
• Understand the types of Viruses
• How a virus spreads and infects the system
• Understand antivirus evasion techniques
• Understand Virus detection methods

Physical Security 

• Physical security breach incidents
• Understanding physical security
• What is the need for physical security?
• Who is accountable for physical security?
• Factors affecting physical security

Linux Hacking 

• Understand how to compile a Linux Kernel
• Understand GCC compilation commands
• Understand how to install LKM modules
• Understand Linux hardening methods

Evading IDS, Honeypots and Firewalls 

• List the types of Intrusion Detection Systems and evasion techniques
• List firewall and honeypot evasion techniques

Buffer Overflows

• Overview of stack based buffer overflows
• Identify the different types of buffer overflows and methods of detection
• Overview of buffer overflow mutation techniques

Cryptography 

• Overview of cryptography and encryption techniques
• Describe how public and private keys are generated
• Overview of MD5, SHA, RC4, RC5, Blowfish algorithms

Penetration Testing Methodologies 

• Overview of penetration testing methodologies
• List the penetration testing steps
• Overview of the Pen-Test legal framework
• Overview of the Pen-Test deliverables
• List the automated penetration testing tools