Muutke küpsiste eelistusi

Certified Ethical Hacker (CEH) Exam Cram [Multiple-component retail product]

  • Formaat: Multiple-component retail product, 448 pages, kõrgus x laius x paksus: 100x100x100 mm, kaal: 100 g, Contains 1 Digital product license key and 1 Paperback / softback
  • Sari: Exam Cram
  • Ilmumisaeg: 04-Mar-2022
  • Kirjastus: Pearson IT Certification
  • ISBN-10: 0137513445
  • ISBN-13: 9780137513444
Teised raamatud teemal:
Certified Ethical Hacker (CEH) Exam CramSuurem pilt
  • Formaat: Multiple-component retail product, 448 pages, kõrgus x laius x paksus: 100x100x100 mm, kaal: 100 g, Contains 1 Digital product license key and 1 Paperback / softback
  • Sari: Exam Cram
  • Ilmumisaeg: 04-Mar-2022
  • Kirjastus: Pearson IT Certification
  • ISBN-10: 0137513445
  • ISBN-13: 9780137513444
Teised raamatud teemal:
Püsilink: https://www.kriso.ee/db/9780137513444.html
Märksõnad:
CEH v11 Certified Ethical Hacker Exam Cram is the perfect study guide to help you score higher on the updated EC-Council CEH v11 exam. Using the proven Exam Cram method of study, it offers comprehensive foundational learning for all facets of ethical hacking and penetration testing. 


Chuck Easttom’s expert real-world approach reflects both his expertise as one of the leading cybersecurity practitioners and instructors in the world, as well as test-taking insights he has gained from teaching CEH preparation courses worldwide, including courses taught directly for EC-Council. Easttom assumes no prior knowledge: readers will little or no experience in ethical hacking and penetration testing can obtain the knowledge they need to take and pass the exam. He thoroughly covers every CEH v11 topic, including: 

  • Reconnaissance and scanning 
  • Enumeration and vulnerability scanning 
  • System and session hacking 
  • Malware, sniffing, social engineering, and DOS attacks 
  • Evading security measures 
  • Hacking web servers, applications, wireless, mobile, IoT, and OT 
  • Cloud computing, cryptography, and more 

Extensive preparation tools include topic overviews, exam alerts, CramSavers, CramQuizzes, chapter-ending review questions, author notes and tips, and an extensive glossary. The handy Cram Sheet tear-out brings together tips, acronyms, and memory joggers not available anywhere else -- perfect for last-minute study. 


Powerful Pearson Test Prep practice test software offers an extensive collection of exam-realistic practice questions, with many customization and reporting features: test yourself in study mode, practice exam mode, or flash card mode. The companion website also provides access to several digital assets including the Glossary and Cram Sheet. 
Introduction xx
Chapter 1 Reconnaissance and Scanning 1(32)
Reconnaissance Types
1(21)
Passive Reconnaissance Techniques
3(19)
Active Reconnaissance Techniques
22(10)
SSDP Scan
25(1)
Nmap
26(2)
hping
28(1)
Banner Grabbing
29(1)
TTL and TCP Scanning
29(1)
Evading IDS/Firewall
30(2)
What Next?
32(1)
Chapter 2 Enumeration and Vulnerability Scanning 33(32)
Scanning
33(10)
TCP Scanning
34(3)
ICMP Scanning
37(6)
Scanning Process
43(9)
Network Mapping
45(7)
Network Packet Capture
52(5)
tcpdump
52(1)
tcpdump eth0
53(1)
tcpdump -c 500 -i eth0
53(1)
tcpdump -D
53(1)
Wireshark
54(3)
Vulnerability Scanning
57(6)
Scoring Vulnerabilities
59(1)
Nessus
60(1)
Nexpose
61(1)
SAINT
61(1)
Additional Vulnerability Assessment Tools
62(1)
What Next?
63(2)
Chapter 3 System Hacking 65(28)
CEH Methodology
65(8)
Password Cracking
67(3)
pwdump
70(1)
RainbowCrack
70(1)
Other Password Cracking Tools
71(2)
Pass the Hash
73(6)
LLMNR/NBT-NS Poisoning
74(1)
DLL Hijacking and Injection
74(1)
Alternate Data Streams
75(1)
macOS Attacks
76(1)
Malware
76(1)
Rootkits
77(2)
Spyware
79(13)
Steganography
80(3)
Covering Tracks
83(1)
Metasploit
84(5)
Session Hijacking
89(3)
What Next?
92(1)
Chapter 4 Malware 93(30)
Malware Types
94(14)
Trojan Horses
94(5)
Backdoor
99(1)
Spyware
99(1)
Ransomware
100(1)
Rootkits
101(1)
Fileless Malware
102(1)
Botnet
103(1)
Advanced Persistent Threats
103(1)
Exploit Kits
104(1)
How Malware Spreads
104(1)
Malware Components
105(1)
Malware Evasion Techniques
106(2)
Viruses
108(7)
Types of Viruses
109(2)
Creating a Virus
111(3)
Logic Bombs
114(1)
Protecting Against Malware
115(7)
Indicators of Malware
116(1)
Sheep Dipping
116(1)
Backups
117(1)
Malware Analysis
117(3)
Antivirus
120(2)
What Next?
122(1)
Chapter 5 Packet Sniffing and Social Engineering 123(28)
Social Engineering
123(15)
Human-Based Social Engineering
128(1)
Computer-Based Social Engineering
129(3)
Mobile-Based Social Engineering
132(1)
Insider Threats
132(1)
More on Social Engineering
133(1)
Social Engineering Countermeasures
134(4)
Packet Sniffing
138(12)
Passive Versus Active Sniffing
139(1)
Hardware Protocol Analyzers
139(1)
Network Information
140(2)
Active Attack Techniques
142(6)
Protocol Scanning
148(2)
What Next?
150(1)
Chapter 6 Denial of Service and Session Hijacking 151(22)
Denial of Service
151(14)
Protocol Attacks
152(2)
Application Layer Attacks
154(1)
Volumetric Attacks
155(1)
Other DoS Attacks
156(3)
Common Tools Used for DoS Attacks
159(3)
Countermeasures to DoS and DDoS Attacks
162(2)
DoS in the Real World
164(1)
Session Hijacking
165(7)
The Session Hijacking Process
167(1)
Specific Session Hijacking Methods
167(3)
Countermeasures for Session Hijacking
170(2)
What Next?
172(1)
Chapter 7 Evading Security Measures 173(32)
Intrusion Detection Systems
173(10)
Types of IDSs
174(6)
Intrusions
180(3)
Firewalls and Honeypots
183(6)
Packet Filtering
185(1)
Stateful Packet Inspection Firewalls
185(1)
Application Gateways
185(1)
Next-Generation Firewalls (NGFWs)
186(1)
Honeypots
187(2)
Virtual Private Networks
189(3)
IDS Evasion Techniques
192(6)
Obfuscation
193(1)
Insertion Attacks
194(1)
Denial of Service (DoS) Attacks
194(1)
Session Splicing
194(1)
Fragment Attacks
195(1)
Time to Live Attacks
195(1)
Invalid RST Packet Attacks
196(1)
Urgency Flag
196(1)
Polymorphism
196(1)
Desynchronization
197(1)
Evasion Countermeasures
197(1)
Firewall Evasion Techniques
198(6)
Firewall Identification
200(1)
Obfuscation
200(1)
Source Routing
201(1)
Tunneling
201(1)
WAF Bypass
202(1)
Firewall Evasion Tools
202(1)
Firewall Evasion Countermeasures
203(1)
What Next?
204(1)
Chapter 8 Hacking Web Servers and Web Applications 205(28)
Web Servers
205(9)
Web Server Architecture
207(1)
Web Server Issues
208(1)
Attacks on Web Servers
209(2)
Web Shells
211(1)
Securing the Web Server
211(3)
Web Applications
214(18)
SQL Script Injection
216(4)
XSS
220(1)
Remote File Inclusion
221(1)
CSRF
221(1)
Forceful Browsing
222(1)
Parameter Tampering
222(1)
Cookie Poisoning
223(1)
LDAP Injection
223(1)
Command Injection
224(1)
Web API
224(1)
Webhook
224(1)
OWASP Top 10
225(2)
Web Footprinting
227(2)
Metasploit
229(3)
What Next?
232(1)
Chapter 9 Hacking Wireless 233(26)
Wireless Technology
233(12)
Wireless Terminology
234(1)
IEEE 802.11 Standard
235(4)
Wi-Fi Security
239(4)
Bluetooth
243(1)
Zigbee
243(2)
Hacking Wireless
245(13)
General Attacks
246(1)
Wi-Fi Discovery and Scanning
246(1)
Rogue Access Attacks
247(1)
MAC Spoofing
248(1)
Key Reinstallation (KRACK) Attacks
248(1)
Jamming Attacks
249(1)
Geo Mapping Wi-Fi
250(1)
Aircrack-ng
250(1)
Wireless ARP Poisoning
251(1)
Wireless Security
252(1)
Bluetooth Attacks
252(3)
Creating a Wireless Hot Spot
255(3)
What Next?
258(1)
Chapter 10 Hacking Mobile 259(24)
Mobile Technologies
259(15)
Cellular Networks
260(3)
Cell System Components
263(2)
Mobile Operating Systems
265(9)
Mobile Threats
274(8)
Mobile Attack Vectors
275(1)
SSL Stripping
276(1)
Mobile Spam
276(1)
Open Access Points
276(1)
Vulnerable Sandboxing
276(1)
Smishing
277(1)
Malicious Apps
277(3)
Attack Software
280(1)
Pen Testing Methodology
281(1)
What Next?
282(1)
Chapter 11 IOT and OT Hacking 283(26)
IoT Fundamentals
283(13)
V2 X
287(1)
Protocols
287(2)
MQTT
289(1)
Wired
290(1)
NFC
290(1)
Operating Systems
290(1)
IoT Architectures
291(2)
SCADA/ICS
293(1)
Operational Technology (0T)
294(1)
Healthcare IoT
294(1)
IoT Platforms
294(2)
IoT Security and Hacking
296(12)
IoT Security Layers
297(1)
HVAC Exploitation
297(1)
BlueBorne Attack
298(1)
Mirai
298(1)
Sybil Attacks
299(1)
Black Hole Attacks
299(1)
Rushing Attacks
299(1)
Rolling Code Attacks
299(1)
Jamming Attacks
300(1)
Hello Flood
300(1)
Mozi Botnet
300(1)
Attify Zigbee
300(1)
OWASP TOP 10
300(2)
Ethical Hacking Process
302(2)
Scanning
304(3)
Attacking
307(1)
What Next?
308(1)
Chapter 12 Cloud Computing and Hacking 309(24)
Cloud Fundamentals
309(14)
Basic Cloud Concepts
310(7)
Cloud Security Issues
317(4)
Serverless Computing
321(1)
Containers
321(2)
Cloud Computing Attacks
323(8)
General Threats
324(1)
Service Hijacking
325(1)
Cross-Site Scripting
326(1)
SOAP Attacks
326(1)
Man-in-the-Cloud Attacks
327(1)
DNS Attacks
327(1)
Side-Channel Attacks
328(1)
Authentication Attacks
328(1)
Specific Vulnerabilities
329(1)
Cloud Penetration Testing
329(2)
What Next?
331(2)
Chapter 13 Cryptography 333(34)
Cryptography Concepts
333(16)
Symmetric Ciphers
335(2)
Asymmetric Ciphers
337(5)
Hashes
342(4)
Cryptographic Tools
346(3)
PKI
349(8)
Digital Certificates
351(1)
Digital Signatures
352(1)
SSL/TLS
352(5)
Cryptographic Attacks
357(8)
Cryptanalysis
358(2)
Rainbow Tables
360(2)
The Birthday Paradox
362(1)
DUNK
363(1)
Poodle
363(1)
DROWN
363(1)
CRIME
364(1)
What Next?
365(2)
Glossary 367(24)
Index 391
Dr. Chuck Easttom is the author of 34 books, including several on computer security, forensics, and cryptography. He holds a doctor of science degree in cybersecurity, a Ph.D. in nanotechnology, a Ph.D. in computer science, and three master's degrees (one in applied computer science, one in education, and one in systems engineering). He is also an inventor with 23 patents. He is a senior member of both the IEEE and the ACM. He is also a Distinguished Speaker of the ACM and a Distinguished Visitor of the IEEE. Dr. Easttom is currently an adjunct professor for Georgetown University and for University of Dallas.