دانلود کتاب Certified Ethical Hacker (CEH) v11 312-50 Exam Guide: Keep up to date with ethical hacking trends and hone your skills with hands-on activities

فهرست مطالب :

Cover
Title Page
Copyright and Credits
Dedication
Foreword
Contributors
Table of Contents
Preface
Section 1: Where Every Hacker Starts
Chapter 1: Understanding Ethical Hacking
The benefits of the CEH certification
Is the CEH certification right for you?
The requirements and the skills you need to become a CEH
Ethical hacking
What is information security?
An overview of information security
The CIA triad
Types of cyberattacks
The technology triangle
Types of hackers
Hacking phases
The purpose/goal of cyberattacks
The Cyber Kill Chain – understanding attackers and their methods
Tactics, techniques, and procedures
Adversary behavior identification
Indicators of compromise
Information security controls
Enter ethical hacking
The importance of ethical hacking
Understanding defense-in-depth strategies
Information security laws and standards
Payment Card Industry Data Security Standard
ISO, IEC 2701 2013
Health Insurance Portability and Accountability Act
Privacy rules
Security rule
National identifier
Enforcement rule
The Sarbanes-Oxley (SOX) Act
The Digital Millennium Copyright Act
Federal Information Security Management Act
General Data Protection Regulation
The Data Protection Act 2018
Summary
Questions
Chapter 2: Introduction to Reconnaissance
Overview of reconnaissance
Types of reconnaissance
Goals of recon
Overview of the tools of recon
Search engines
Let\'s start with the basics
Google hacking
Google operators
Using Google operators
Google Hacking Database
Other Google hacking tools
Using WHOIS
Using ping and DNS
Summary
Questions
Chapter 3: Reconnaissance – A Deeper Dive
Investigating the target\'s website
Advanced DNS tricks
Netcraft
The Wayback Machine
What organizations give away for free
Job sites
Marketing and customer support
Financial and competitive analysis data
Employees – the weakest link
Facebook
LinkedIn
Researching people
Social engineering
You\'ve got mail = I\'ve got you!
Reconnaissance countermeasures
Countermeasures
Summary
Questions
Chapter 4: Scanning Networks
Grasping scanning
Types of scanning
What\'s the goal?
What techniques are used?
Tools used for scanning
Understanding the three-way handshake
TCP and UDP communications
Checking for live systems and their ports
ICMP sweep/ping sweep
Port scanning
What\'s firewalking?
Mobile apps that help
Scanning by thinking outside the box
Full scans
Half-open scan
Xmas scans
FIN scans
NULL scans
UDP scans
Idle scans
Listing scanning
SSDP scanning
Countermeasures
More IDS evasion methods
Banner grabbing and OS fingerprinting
OS fingerprinting
Countermeasures
Vulnerability scanning and drawing out the network
What is vulnerability scanning?
Types of scanners
How does vulnerability scanning work?
Vulnerability scanning tools
After scanning
Why draw out the network?
Preparing proxies and other anonymizing techniques
What is a proxy?
How to use a proxy
Proxy o\'plenty
HTTP tunneling
Anonymizers
Summary
Questions
Chapter 5: Enumeration
What is enumeration?
Some of my favorite enumeration weak points
Ports and services to know about
Enumerating via defaults
NetBIOS enumeration
Enumerating using SNMP
Enumerating via LDAP
Understanding LDAP
Classes
What can we learn from LDAP?
Network Time Protocol
Enumerating using SMTP
The golden ticket – DNS
Reverse lookups
Zone transfers
DNS records
Sum it up
Oh wait, there\'s more!
IPsec
VoIP enumeration
Enumerating with Remote Procedure Call (RPC)
The countermeasures
Defaults and NetBIOS
SNMP
LDAP
Network Time Protocol (NTP)
Simple Mail Transfer Protocol (SMTP)
DNS
Summary
Questions
Chapter 6: Vulnerability Analysis
Vulnerability analysis – where to start
Vulnerability classifications
The benefits of a vulnerability management program (VMP)
Vulnerability assessments
Types of vulnerability assessments
The vulnerability life cycle
Types of vulnerability assessment solutions
Corporate policies and regulations
The scope of scanning
Scanning frequency
Types of scans
Scanner maintenance
Classifying data
Document management
Ongoing scanning and monitoring
Understanding which scanner you should use
The difference between open source and commercial scanners
On-premises versus the cloud
Security Content Automation Protocol (SCAP)
Exploit scanners
Common Vulnerability Scoring System (CVSS)
Trends
Summary
Questions
Chapter 7: System Hacking
Understanding our objectives
The five phases
Phase 1 – Gaining access and cracking passwords
What\'s cracking?
Complexity
Password architecture
Methods for cracking/password hacking
Types of attacks
Authentication methods designed to help
Other cracking methods
Phase 2 – Escalating privileges
We\'ve made it in. What now?
Countermeasures
Types of escalations
Other Windows issues
Scheduled tasks
Apple issues
Linux issues
Web shells
Buffer overflows
Denial of service
Phase 3 – Maintaining access and executing applications
Spyware and backdoors
Types of spyware
More about backdoors
Phase 4 – Maintaining access and hiding your tools
Rootkits
Horse Pill
Alternate Data Streams
Detecting rootkits
Steganography
Phase 5 – Covering your tracks – Clearing logs and evidence
Basic method – Five things to do
Advanced methods
Summary
Questions
Chapter 8: Social Engineering
Understanding social engineering
Social engineering\'s most common victims
The effects of a social engineering attack on a company
Attack-vulnerable behaviors
Factors that predispose businesses to attacks
What makes social engineering work?
Social engineering\'s attack phases
Social engineering methods
People-based social engineering
Computer-based social engineering
Mobile-based social engineering
Threats from within
Reasons for insider attacks
Different kinds of insider threats
Why are insider attacks so successful?
Insider threat behavioral signs
Impersonation on social networking sites
Threats to corporate networks from social media
Identity theft
Different kinds of identity theft
Identity theft warning signs
Countermeasures
Countermeasures against social engineering
Policies for passwords
Policies concerning physical security
Planning for defense
Discovering insider threats
Countermeasures against insider threats
Countermeasures against identity theft
Countermeasures against phishing
Summary
Questions
Further reading
Section 2: A Plethora of Attack Vectors
Chapter 9: Malware and Other Digital Attacks
So, what is malware?
What\'s the purpose of malware?
Types of malware
The life cycle of malware
Phase 1 – Infection phase
Phase 2 – Attack phase
Phase 3 – Camouflage
How is malware injected into a target system?
Advanced persistent threats
What is a Trojan?
Types of Trojans
Common Trojans
So, what\'s the difference?
Trojan creators\' goals
How Trojans communicate and hide
Symptoms of Trojan infection
How to infect a target with a Trojan
How do Trojans get into our systems?
How Trojans avoid being picked up by antivirus
Viruses and worms
Types of viruses and worms
Why a virus and signs you\'ve got one
Signs of infection
Deployment of viruses
Investigation of malware
Tools in our utility belt
DoS threats
Distributed DoS (DDoS) attack
Botnets
Mitigation strategies
Session-hijacking threats
Preventing session hijacking
Master list of countermeasures
Antivirus
Creating a security policy
Watching the download
Updating your software
Updating applications
Attachment issues
Legitimate source
Keeping informed
Antivirus
Checking your media
Watching your popups
Chat files
Firewall and UAC
Summary
Questions
Chapter 10: Sniffing and Evading IDS, Firewalls, and Honeypots
What is sniffing?
Sniffing dangers
Types of sniffing
Spoofing attacks
DHCP starvation attack
DHCP server attack
MAC flooding attack
DNS poisoning
ARP poisoning
Password sniffing
Switch-port stealing technique
Hardware versus software sniffing
Sniffing mobile apps
DHCP assaults
DHCP starvation attacks
Going rogue
Countermeasures
MAC attacks
CAM
Flooding
Countermeasures
ARP poisoning
ARP spoofing
How to poison the network via ARP
IRDP attacks
Dangers of ARP attacks
Countermeasures
DNS poisoning
Intranet poisoning
Internet poisoning
Proxy server poisoning
Poisoning the cache
Detecting sniffing methods
Various techniques to detect sniffing attacks
Sniffing attacks countermeasures
Evading IDS
So, how do hackers evade IDSs?
Moving around firewalls
Bastion host
Screened subnet (or demilitarized zone (DMZ))
Multi-homed firewall
Software firewalls
Hardware firewalls
Application proxy
A few techniques to evade firewalls
Honeypots
Detecting a honeypot
Honeypot tools
Summary
Questions
Chapter 11: Hacking Wireless Networks
The wireless network and its types
Frequency hopping spread spectrum
Direct sequence spread spectrum
Basic service set identifier
SSID
Global System for Mobile Communications
Hotspot
Association
MIMO-OFDM
The disadvantages of Wi-Fi
The advantages of Wi-Fi
Types of Wi-Fi networks
Different Wi-Fi technologies
Wi-Fi authentication modes
Chalking – ways to identify Wi-Fi networks
Antenna types
The right encryption can help
WEP encryption
Wi-Fi Protected Access
WPA2
WPA3
Weak initialization vectors
Security measures
A plethora of attack vectors
Access control attacks
Integrity attacks
Confidentiality attacks
Availability attacks
Authentication attacks
Attacks on the APs
Attacks on clients
Methodology of wireless hacking
Step 1: Wi-Fi discovery
Step 2: Wireless traffic analysis
Step 3: In-depth reconnaissance
Step 4: Launching the attack
Step 5: Cracking the encryption
Hacking Bluetooth
More about Bluetooth
Countermeasures for Bluetooth
The six layers of wire security
Countermeasures
Disable SSID broadcasting
Disable remote login and wireless administration to the device
Enable MAC filtering
Update drivers on Wi-Fi devices
Create a centralized authentication server
Secure Wi-Fi devices
Best practices for the SSID settings
Summary
Questions
Chapter 12: Hacking Mobile Platforms
Vulnerabilities in mobile environments
OWASP\'s Top 10 risks for mobile devices
Hacking Android
Android security
Hacking techniques
Locking down Android devices
Hacking iOS
The Apple architecture
Jailbreaking
Mobile device management
Guidelines and cool tools
Summary
Questions
Section 3: Cloud, Apps, and IoT Attacks
Chapter 13: Hacking Web Servers and Web Apps
Why web servers create security issues
Components of a web server
Types of architecture
Why are web servers compromised?
Adding web apps
Threats to both servers and applications
Web server attacks
Authorization attacks
Web application attacks
The vulnerabilities of web APIs, web shells, and webhooks
Web APIs
Web shells
Webhooks
Detecting web server hacking attempts
Web application security testing
Summary
Questions
Chapter 14: Hacking IoT and OT
Understanding IoT
How does it all work?
The architecture of IoT
Protocols and technologies
Operating systems for IoT
The challenges that IoT presents
Physical issues
IoT hacking
Types of IoT attacks
Methods used for IoT
Reconnaissance
Vulnerability scanning
Launching attacks
Gaining and maintaining remote access
Countermeasures to protect IoT devices
OT and methods used to hack it
Hacking OT – a threat to critical infrastructure
Introduction to industrial control systems (ICSs)
Summary
Questions
Chapter 15: Cloud Computing
Living on Cloud 9
Cloud computing models
Separation of responsibilities in cloud computing
Deployment models
Container technology
Cloud storage architecture
Cloud storage services
NIST cloud deployment reference architecture
Attacking the cloud
Cloud security
Container vulnerabilities
Tools and techniques of the attackers
The tools
Best practices for securing the cloud
Summary
Questions
Chapter 16: Using Cryptography
Understanding cryptography
Why use cryptology?
Types of cryptography
Learning about ciphers
Using other algorithms
Standards and protocols
DSA
RSA
Hashes
Message digest
Ciphers designed for messages
PKI made simple
SSL and TLS
Countermeasures for cryptography
Summary
Questions
Chapter 17: CEH Exam Practice Questions
Exam questions
Answer key
Assessments
Chapter 1 – Understanding Ethical Hacking
Chapter 2 – Introduction to Reconnaissance
Chapter 3 – Reconnaissance – a Deeper Dive
Chapter 4 – Scanning Networks
Chapter 5 – Enumeration
Chapter 6 – Vulnerability Analysis
Chapter 7 – System Hacking
Chapter 8 – Social Engineering
Chapter 9 – Malware and Other Digital Attacks
Chapter 10 – Sniffing and Evading IDS, Firewalls, and Honeypots
Chapter 11 – Hacking Wireless Networks
Chapter 12 – Hacking Mobile Platforms
Chapter 13 – Hacking Web Servers and Web Apps
Chapter 14 – Hacking IoT and OT
Chapter 15 – Cloud Computing
Chapter 16 – Using Cryptography
Index
About Packt
Other Books You May Enjoy