You are on page 1of 18

Exam 312-50 Certified Ethical Hacker

Comparison of CEHv7 and CEHv6.1 Exam Objectives


CEH v7 Exam Objectives
Module 01: Introduction to Ethical Hacking               Understand the issues plaguing the information security world Gain knowledge on various hacking terminologies Learn the basic elements of information security Understand the security, functionality and ease of use triangle Know the 5 stages of ethical hacking Understand the different types and implications of hacker attacks Understand hactivism and understand the classification of hackers Understand who is an ethical hacker Gain Information on how to become an ethical hacker Learn the profile of a typical ethical hacker Understand scope and limitations of ethical hacking Understand vulnerability research and list the various vulnerability research tools Learn the different ways an ethical hacker tests a target network Understand penetration testing and the various methodologies used

CEH v6.1 Exam Objectives


Module 01: Introduction to Ethical Hacking              Understand the issues plaguing the information security world Understand various hacking terminologies Understand the basic elements of information security Understand the security, functionality and ease of use triangle List the 5 stages of ethical hacking Understand the different type of hacker attacks Define hactivism and understand the classification of hackers Understand who is an ethical hacker How do you become an ethical hacker List the profile of a typical ethical hacker Understand vulnerability research and list the various vulnerability research tools Describe the ways to conduct ethical hacking What are the different ways an ethical hacker tests a target network

Module 02: Hacking Laws The Hacking Laws module is removed from CEHv7 core modules and exam objectives  Understand the U.S Federal Laws related to Cyber Crime o o o o o
Page | 1

18 U.S.C. 1029 18 U.S.C. 1030 18 U.S.C. 1362 18 U.S.C. 1831 18 U.S.C. 2318

Ethical Hacking and Countermeasures Copyright by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.

Exam 312-50 Certified Ethical Hacker

o o o o o o o o o

18 U.S.C. 2320 18 U.S.C. 2510 et seq 18 U.S.C. 2701 et seq 47 U.S.C. 605 Understand the SPY ACT Washington: RCW 9A.52.110 Florida: 815.01 to 815.07 Indiana: IC 35-43 Federal Managers Financial Integrity Act of 1982 The Freedom of Information Act: 5 U.S.C. 552 Federal Information Security Management Act (FISMA) The Privacy Act Of 1974: 5 U.S.C. 552a USA Patriot Act of 2001 Government (GPEA) Paperwork Elimination Act

o o

o o o

Understand the Cyber Crime Law in Mexico o Section 30-45-5 Unauthorized computer use

Understand the Cyber Crime Laws in Brazil o Art. 313-A : Entry of false data into the information system Art. 313-B : Unauthorized modification or alteration of the information system

Understand the Cyber Crime Law in Canada o Canadian Criminal Code Section 342.1

Understand the Cyber Crime Laws in the United Kingdom o o Computer Misuse Act 1990 Police and Justice Act 2006

Understand the Cyber Crime Law in Europe o Section 1 - Substantive Criminal Law

Understand the Cyber Crime Law in Belgium o Computer Hacking Article 550(b)

Understand the Cyber Crime Law in Denmark o Penal Code Section 263

Page | 2

Ethical Hacking and Countermeasures Copyright by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.

Exam 312-50 Certified Ethical Hacker

Understand the Cyber Crime Laws in France o Chapter III: Attacks On Systems For Automated Data Processing

 
 o o 

Article 323-1 Article 323-2

Understand the Cyber Crime Laws in Germany Penal Code Section 202a. Data Espionage Penal Code Section 303a: Alteration of Data

Understand the Cyber Crime Law in Greece o Criminal Code Article 370C2

Understand the Cyber Crime Law in Italy o Penal Code Article 615 ter: Unauthorized access into a computer or telecommunication systems

Understand the Cyber Crime Law in Italy o Criminal Code Article 138a

Understand the Cyber Crime Laws in Norway o o o Penal Code 145 Penal Code 145b Penal Code 151 b

Understand the Cyber Crime Laws in Switzerland o o Article 143b Article 144b

Understand the Cyber Crime Law in Australia o The Cybercrime Act 2001

Understand the Cyber Crime Law in India o The Information Technology Act, 2000

Understand the Cyber Crime Law in Japan o Law No. 128 of 1999

Understand the Cyber Crime Law in Singapore o Chapter 50A: Computer misuse Act

Understand the Cyber Crime Laws in Korea o Chapter VI Stability of the Information and Communications Network: Article 48,Article 49 Chapter IX Penal Provisions: Article 61

o
Page | 3

Ethical Hacking and Countermeasures Copyright by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.

Exam 312-50 Certified Ethical Hacker

Understand the Cyber Crime Law in Malaysia o Computer Crimes Act 1997

 

Understand the Cyber Crime Law in Hong Kong Telecommunication Law

Module 02: Footprinting and Reconnaissance                Understand the term Footprinting Learn the areas and information that hackers seek Gain knowledge on information gathering tools and methodology Understand the role of financial websites in footprinting Understand competitive intelligence and its need Understand DNS enumeration Understand Whois Learn different types of DNS records Understand how traceroute is used in Footprinting Recognize the Role of search engines in footprinting Learn the website mirroring tools Understand how e-mail tracking works Understand Google hacking and its tools Learn the countermeasures to be taken in footprinting Understand pen testing               

Module 03: Footprinting Define the term Footprinting Understand the areas and information that hackers seek Describe information gathering methodology Understand passive information gathering Understand competitive intelligence and its need Role of financial websites in footprinting Role of job portals in footprinting Understand DNS enumeration Understand Whois, ARIN lookup , Nslookup Identify different types of DNS records Understand how traceroute is used in Footprinting Role of search engines in footprinting Understand how e-mail tracking works Understand how web spiders work List the steps to fake a website

Module 04: Google Hacking The Google Hacking concepts are covered in Module 02: Footprinting and Reconnaissanceof CEHv7     
Page | 4

Understand the term Google Hacking Understand the Google Hacking Database How can hackers take advantage of the Google Hacking Database Understand the basics of Google Hacking Being anonymous using Cache
Ethical Hacking and Countermeasures Copyright by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.

Exam 312-50 Certified Ethical Hacker

        

How can Google be used as a proxy server Understand directory listings Understand server versioning Understand directory traversal Understand incremental substitution Understand the advanced Google operators How to locate exploits and find targets How to track down web servers, login portals and network hardware Understand the various Google Hacking Tools

Module 03: Scanning Networks  Understand the term port scanning, network scanning and vulnerability scanning Understand the objectives of scanning Learn the CEH scanning methodology Understand Ping Sweep techniques Understand the Firewalk tool Gain knowledge on Nmap command switches Understand the three way handshake Understand the following Scans: SYN, Stealth, XMAS, NULL, IDLE, FIN, ICMP Echo, List, TCP Connect, Full Open, FTP Bounce, UDP, Reverse Ident, RPC, Window    Learn TCP communication flag types Gain knowledge on War dialing techniques Understand banner grabbing using OS fingerprinting, Active Stack Fingerprinting, Passive Fingerprinting and other techniques and tools Learn vulnerability scanning using BidiBlah and other hacking tools Learn to draw network diagrams of vulnerable hosts using various tools Understand how proxy servers are used in launching an attack
Page | 5

Module 05: Scanning  Define the term port scanning, network scanning and vulnerability scanning Understand the objectives of scanning Understand the CEH scanning methodology Understand Ping Sweep techniques Understand the Firewalk tool Understand Nmap command switches Understand the three way handshake Understand the following Scans: SYN, Stealth, XMAS, NULL, IDLE, FIN, ICMP Echo, List, TCP Connect, Full Open, FTP Bounce, UDP, Reverse Ident, RPC, Window    Understand FloppyScan List TCP communication flag types Understand War dialing techniques

      

      

Understand banner grabbing using OS fingerprinting, Active Stack Fingerprinting, Passive Fingerprinting and other techniques and tools Understand vulnerability scanning using BidiBlah and other hacking tools Draw network diagrams of vulnerable hosts using various tools
Ethical Hacking and Countermeasures Copyright by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.

 

 

Exam 312-50 Certified Ethical Hacker

   

Gain insights on working of anonymizers Identify HTTP tunneling techniques Identify IP spoofing techniques Understand various scanning countermeasures

    

Understand how proxy servers are used in launching an attack How does anonymizers work Understand HTTP tunneling techniques Understand IP spoofing techniques Understand various scanning countermeasures

Module 04: Enumeration      Learn the system hacking cycle Understand Enumeration and its techniques Understand null sessions and its countermeasures Understand SNMP enumeration and its countermeasures Describe the steps involved in performing enumeration

Module 06: Enumeration      Understand the system hacking cycle Understand Enumeration and its techniques Understand null sessions and its countermeasures Understand SNMP enumeration and its countermeasures Describe the enumeration steps involved in performing

Module 05: System Hacking             Understand the different types of passwords Identify the different types of password attacks Identify password cracking techniques Understand Microsoft Authentication mechanism Describe password sniffing Identifying various password cracking tools Identify various password cracking countermeasures Understand privilege escalation Gain insights on key loggers and other spyware technologies Learn how to defend against spyware Identify different ways to hide files Understanding rootkits

Module 07: System Hacking             Understand the different types of password Understand the different types of password attacks Understand password cracking techniques Understand Microsoft Authentication mechanism Describe password sniffing Identifying various password cracking tools What are the countermeasures various password cracking

Understand privilege escalation Understand keyloggers technologies and other spyware

Understand different ways to hide files Understanding rootkits How do you identify rootkits, list the steps for the same
Ethical Hacking and Countermeasures Copyright by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.

Page | 6

Exam 312-50 Certified Ethical Hacker

   

Learn how to identify rootkits and steps involved Understand Alternate Data Streams Understand Steganography technologies and tools used Understand covering tracks, tools used and erase evidences

 

Understand Alternate Data Streams Understand Steganography technologies

Understand how to covering your tracks and erase evidences

Module 06: Trojans and Backdoors                   Define a Trojan Identify overt and covert channels Understand working of Trojans Identify the different types of Trojans What do Trojan creators look for Identify the different ways a Trojan can infect a system How to indicate a Trojan attack Identify the ports used by Trojan Identify listening ports using netstat Understand wrapping Understand Reverse Shell Trojan Understand ICMP tunneling Identify various classic Trojans Learn windows start up monitoring tools Understand the Trojan horse constructing kit Learn Trojan detection techniques Learn Trojan evading techniques Learn how to avoid a Trojan infection

Module 08: Trojans and Backdoors                   What is a Trojan Understand overt and covert channels Understand working of Trojans List the different types of Trojans What do Trojan creators look for List the different ways a Trojan can infect a system What are the indications of a Trojan attack? Identify the ports used by Trojan Identify listening ports using netstat What is meant by wrapping Understand Reverse Shell Trojan Understand ICMP tunneling Understand various classic Trojans Understand how Netcat Trojan works Understand the Trojan horse constructing kit Understand Trojan detection techniques Understand Trojan evading techniques How to avoid a Trojan infection

Module 07: Viruses and Worms     Understand virus and its history Characteristics of a virus Learn the working of a virus Understand the motive behind writing a virus
Page | 7

Module 09: Viruses and Worms     Understand virus and its history Characteristics of a virus How does a virus work Understand the motive behind writing a virus

Ethical Hacking and Countermeasures Copyright by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.

Exam 312-50 Certified Ethical Hacker

             

Understand how does a computer get infected by viruses Gain insights on virus hoax Understand virus analysis Understand the difference between a virus and a worm Understand the life cycle of virus Identify the types of viruses Understand how a virus spreads and infects the system Understand the storage pattern of virus Identify various types of classic virus found in the wild Virus writing technique Virus construction kits Understand antivirus evasion techniques Understand Virus detection methods and countermeasures Understand worm analysis

           

Symptoms of virus attack What is a virus hoax Understand the difference between a virus and a worm Understand the life cycle of virus Understand the types of viruses How a virus spreads and infects the system Understand the storage pattern of virus Understand various types of classic virus found in the wild Virus writing technique Virus construction kits Understand antivirus evasion techniques Understand Virus detection methods

Module 08: Sniffers             Understand sniffing and protocols vulnerable to it Identify types of sniffing Understand Address Resolution Protocol (ARP) Understanding the process of ARP Spoofing Understand active and passive sniffing Understand ARP poisoning Understand MAC duplicating Learn ethereal capture and display filters Understand MAC flooding Understand DNS spoofing techniques Identify sniffing countermeasures Know various sniffing tools
Page | 8

Module 10: Sniffers        Understand sniffing and protocols vulnerable to it Discuss types of sniffing Understand Address Resolution Protocol (ARP) How does ARP Spoofing work Understand active and passive sniffing Understand ARP poisoning Understand MAC duplicating

Understand ethereal capture and display filters    


Ethical Hacking and Countermeasures Copyright by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.

Understand MAC flooding Understand DNS spoofing techniques Describe sniffing countermeasures

Exam 312-50 Certified Ethical Hacker

Identify sniffing detection and defensive techniques

Module 09: Social Engineering Understand Social Engineering              Understand human weakness Identify the different types of social engineering Learn warning signs of an attack Understand Dumpster Diving Understand Human-based Social Engineering Understand Insider attacks and its countermeasures Gain insights on Social Engineering threats and defense Comprehend Identity Theft Understand Phishing Attacks Identify Online Scams Understand URL obfuscation Understand social engineering on social networking sites Identify Social Engineering countermeasures

Module 11: Social Engineering        What is Social Engineering Understand human weakness List the different types of social engineering Understand Dumpster Diving Understand Reverse Social Engineering Understand Insider countermeasures attacks and its

Understand Social Engineering threats and defense

Understand Identity Theft      Describe Phishing Attacks Understand Online Scams Understand URL obfuscation Understand social engineering on social networking sites Social Engineering countermeasures

Module 12: Phishing Phishing is covered in Module 09: Social Engineering of CEHv7      Understand phishing and reasons for its success Different types of phishing Explain the process of phishing List different types of phishing attacks List the anti-phishing tools and countermeasures

Module 13: Hacking Email Accounts The Hacking Email Accountsmodule is removed from CEHv7 core modules and exam objectives   List different ways to get information related to email accounts Understand various e-mail hacking tools
Ethical Hacking and Countermeasures Copyright by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.

Page | 9

Exam 312-50 Certified Ethical Hacker

 

How to create strong passwords for e-mail accounts Explain Sign-in Seal

Module 10: Denial of Service               Understand a Denial of Service Attack Gain insights on Distributed Denial of Service Attacks Examine the working of Distributed Denial of Service Attacks Analyze Symptoms of a DoS Attack Understand Internet Chat Query (ICQ) Understand Internet Relay Chat (IRC) Assess DoS Attack Techniques Understand Botnets Assess DoS/DDoS Attack Tools Describe Detection Techniques Identify DoS/DDoS Countermeasure Strategies Analyze Post-Attack Forensics Identify DoS/DDoS Protection Tools Understand DoS/DDoS Penetration Testing

Module 14: Denial of Service                Understand Denial of Service(DoS) attacks What is the goal of a DoS attack Impact and modes of DoS attack Types of attacks Classify different types of DoS attacks Understand various tools used to launch DoS attacks Understand botnets and their use List the types of bots and their mode of infection Understand how DDoS attack works Characteristics of a DDoS attack Explain the Agent-Handler Model and DDoS IRC Model Understand Reflective DNS attacks How to conduct a DDoS attack Understand Reflected DoS attack Describe the DoS/DDoS countermeasures

Module 11: Session Hijacking          Understand what is Session Hijacking Identify Key Session Hijacking Techniques Understand Brute Forcing Attack Understand HTTP Referrer Attack Spoofing vs. Hijacking Understand Session Hijacking Process Identify types of Session Hijacking Analyze Session Hijacking in OSI Model Understand Application Level Session Hijacking
Page | 10

Module 15: Session Hijacking        Understand session hijacking Understand spoofing vs. hijacking What are the steps to perform session hijacking List the types in session hijacking Understand session hijacking levels Understand sequence number prediction Describe countermeasure to session hijacking

Ethical Hacking and Countermeasures Copyright by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.

Exam 312-50 Certified Ethical Hacker

           

Discuss Session Sniffing Describe Man-in-the-Middle Attack Understand Man-in-the-Browser Attack Examine Steps to Perform Man-in-theBrowser Attack Understand Client-side Attacks Understand Cross-site Script Attack Understand Session Fixation Attack Describe Network Level Session Hijacking Understand TCP/IP Hijacking Identify Session Hijacking Tools Identify Countermeasures of Session Hijacking Understand Session Hijacking Pen Testing Module 16: Hacking Webservers               Understand the working of a webserver How are webservers compromised Understand web server defacement Understand the attacks against web servers List the types of web server vulnerabilities Understand IIS Unicode exploits Understand patch management techniques Understand Web Application Scanner What is Metasploit Framework Understand various webserver testing tools Understand patch management List best practices for patch management Describe Web Server hardening methods Webserver protection checklist

Module 12: Hacking Webservers                  Understand Open Source Webserver Architecture Examine IIS Webserver Architecture Understand Website Defacement Understand why Web Servers are compromised Analyze Impact of Webserver Attacks Examine Webserver Misconfiguration Understand Directory Traversal Attacks Learn regarding HTTP Response Splitting Attack Understand Web Cache Poisoning Attack Understand HTTP Response Hijacking Discuss SSH Bruteforce Attack Examine Man-in-the-Middle Attack Learn Webserver Password Cracking Techniques Identify Web Application Attacks Understand Webserver Attack Methodology Identify Webserver Attack Tools Identify Counter-measures against
Page | 11

Ethical Hacking and Countermeasures Copyright by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.

Exam 312-50 Certified Ethical Hacker

Webserver Attacks    Understand Patch Management Assess Webserver Security Tools Understand Webserver Pen Testing

Module 13: Hacking Web Applications                Understand Introduction to Web Applications Identify Web Application Components Understand working of Web Applications Examine Web Application Architecture Assess Parameter/Form Tampering Understand Injection Flaws Discuss Hidden Field Manipulation Attack Describe Cross-Site Scripting (XSS) Attacks Understand Web Services Attack Understand Web Application Hacking Methodology Identify Web Application Hacking Tools Understand how to Defend Against Web Application Attacks Identify Web Application Security Tools Understand Web Application Firewalls Gain insights on Web Application Pen Testing

Module 17: Web Application Vulnerabilities      Understand the working of a web application Objectives of web application hacking Anatomy of an attack Understand various web application threats and its countermeasures Understand various web application hacking tools

Module 18: Web Based Password Cracking Techniques Web Based Password Cracking Techniques are covered in Module 13: Hacking Web Applications of CEHv7        
Page | 12

Understand authentication and authentication mechanisms Rules to select a good password Things to avoid while selecting passwords How to protect passwords How hackers get hold of passwords What is a Password Cracker? How does a Password Cracker work Modus operandi of an attacker using password
Ethical Hacking and Countermeasures Copyright by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.

Exam 312-50 Certified Ethical Hacker

cracker   Understand Password Attacks - Classification Understand Password Cracking Countermeasures

Module 14: SQL Injection                  Understand SQL Injection Examine SQL Injection Attacks Understand working of Web Applications Identify Server Side Technologies Understand SQL Injection Detection Discuss SQL Injection Black Box Pen Testing Types of SQL Injection Understand Blind SQL Injection Learn SQL Injection Methodology Understanding SQL Query Examine Advanced Enumeration Describe Password Grabbing Discuss Grabbing SQL Server Hashes Identify SQL Injection Tools Understand Evasion Techniques for SQL Injection Understand Defensive strategies Against SQL Injection Attacks Identify SQL Injection Detection Tools

Module 19: SQL Injection        What is SQL injection Understand the steps to conduct SQL injection Understand various SQL injection techniques Understand SQL Server vulnerabilities How to test for SQL injection vulnerabilities Understand various SQL injection tools Understand Blind countermeasures SQL injection and its

Module 15: Hacking Wireless Networks       Understand Wireless Networks Gain Insights on Wireless Networks Understand various types of Wireless Networks Understand Wi-Fi Authentication Modes Identify types of Wireless Encryption Understand WEP Encryption
Page | 13

Module 20: Hacking Wireless Networks       Understand wireless network architecture Differentiate between wireless and wired network What are the effects of wireless networks on business Understand the types of wireless networks List the advantage and disadvantage of wireless network Understand various wireless standards
Ethical Hacking and Countermeasures Copyright by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.

Exam 312-50 Certified Ethical Hacker

        

Understand WPA/WPA2 Discuss Wireless Threats Understand Wireless Hacking Methodology Assess Wireless Hacking Tools Understand Bluetooth Hacking Understand how to Defend Against Bluetooth Hacking Understand how to Defend against Wireless Attacks Identify Wi-Fi Security Tools Examine Wireless Penetration Testing Framework

            

Understand various wireless concepts and devices Overview of WEP, WPA, WPA2 systems and cracking techniques authentication

Overview of wireless Sniffers and SSID, MAC Spoofing Understand Rogue Access Points Understand wireless hacking techniques Understand TKIP, LEAP Understand MAC Sniffing, AP Spoofing, MITM, DoS attacks Understand phone jammers How to detect a wireless network Understand various wireless hacking tools List the steps to hack a wireless network Understand WIDZ and RADIUS Describe the methods in securing wireless networks

Module 21: Physical Security The Physical Securitymodule is removed from CEHv7 core modules and exam objectives               
Page | 14

Physical security breach incidents Understanding physical security Need for physical security Who is accountable for physical security Factors affecting physical security Physical security checklist for organizations Authentication mechanisms How to fake fingerprints Understand wiretapping Understand lock picking Understanding wireless and laptop security Laptop security countermeasures Understand mantrap, TEMPEST List the challenges in ensuring physical security Understand spyware technology
Ethical Hacking and Countermeasures Copyright by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.

Exam 312-50 Certified Ethical Hacker

Module 22: Linux Hacking The Linux Hackingmodule is removed from CEHv7 core modules and exam objectives                  What is the need for a Linux Operating System Linux distributors Understand the basic commands of Linux Understand the Linux file structure and networking commands List the directories in Linux Understand how to install, configure and compile a Linux Kernel Understand installing a Kernel patch Understand GCC compilation commands List vulnerabilities in Linux Why is Linux hacked How to apply patches to vulnerable programs Understand password cracking in Linux Understand IP Tables Basic Linux Operating System Defense Understand how to install LKM modules Understand AIDE Understand Linux hardening methods

Module 16: Evading IDS, Firewalls, and Honeypots          Understand Intrusion Detection Systems (IDS) Learn Ways to Detect an Intrusion Acquire knowledge on various types of Intrusion Detection Systems Understand what is a Firewall Types of Firewall Identify Firewall Identification Techniques Understand Honeypot Assess various types of Honeypot Understand how to Set up a Honeypot
Page | 15

Module 23: Evading IDS, Honeypots and Firewalls          Understand Intrusion Detection Systems (IDS) Where to place an IDS Ways to detect an intrusion Understand the types of IDS Understand System Integrity Verifiers Understand True/False, Positive/Negative Signature analysis in an IDS List the general indications of a possible intrusion Steps to perform after IDS detects attack
Ethical Hacking and Countermeasures Copyright by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.

Exam 312-50 Certified Ethical Hacker

      

Understand IDS, Firewall and Honeypot System Examine Evading IDS Understand Evading Firewall Learn detecting Honeypots Identify Firewall Evading tools Identify Countermeasures Analyze Firewall and IDS Penetration Testing

         

List the IDS evasion techniques Understand firewall and its working List the type of firewalls Understand firewalking, banner grabbing IDS and Firewall testing tool What is a honeypot List the types of honeypots, advantage and disadvantage Honeypot placement Differentiate honeypots between physical and virtual

Countermeasures to hack attacks

Module 17: Buffer Overflow               Understand Buffer Overflows (BoF) Understand Stack-Based Buffer Overflow Know Heap-Based Buffer Overflow Understand Stack Operations Identify Buffer Overflow Steps Analyze attacking a Real Program Examine Smashing the Stack Examples of Buffer Overflow Understand how to Mutate a Buffer Overflow Exploit Learn how to identify Buffer Overflows Testing for Heap Overflow Conditions: heap.exe Understand steps for Testing Stack Overflow in OllyDbg Debugger Identify Buffer Overflow Detection Tools Understand Defense Against Buffer
Page | 16

Module 24: Buffer Overflows           Why are programs/applications vulnerable to buffer overflow Understand buffer overflows and reasons for attacks List the knowledge required to program buffer overflow exploits Understand stacks, heaps, NOPS Identify the different types of buffer overflows and methods of detection Understand assembly language Overview of shellcode Overview of techniques buffer overflow mutation

Writing buffer overflow programs in C Buffer overflow code analysis

Ethical Hacking and Countermeasures Copyright by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.

Exam 312-50 Certified Ethical Hacker

Overflows   Identify Buffer Overflow Countermeasures Tools Understand Buffer Overflow Pen Testing

Module 18 Cryptography                  Understand Cryptography Learn various types of Cryptography Understand Ciphers Gain insights on Advanced Encryption Standard (AES) Understand RC4, RC5, RC6 Algorithms Examine RSA (Rivest Shamir Adleman) Explain Message Digest Function: MD5 Understand Secure Hashing Algorithm (SHA) Identify Cryptography Tools Understand Public Key Infrastructure (PKI) Understand Email Encryption Identify Digital Signature Describe SSL (Secure Sockets Layer) Examine Disk Encryption Identify Disk Encryption Tools Understand Cryptography Attacks Identify Cryptanalysis Tools

Module 25: Cryptography               Overview of cryptography and encryption techniques Understand cryptographic algorithms Describe how public and private keys are generated Overview of MD5, SHA, RC4, RC5, Blowfish algorithms Understand digital signature List the components of a digital signature Method of digital signature technology Application of digital signature Understand digital signature standard Digital signature algorithm Overview of digital certificates Understand code breaking methodologies Understand cryptanalysis List the cryptography attacks

Module 19: Penetration Testing     Understand Penetration Testing (PT) Identify Security Assessments Examine Risk Management Understand various types of
Page | 17

Module 26: Penetration Testing Methodologies     Overview of methodologies penetration testing

Understand security assessments Understand vulnerability assessment and its limitation Understand types of penetration testing

Ethical Hacking and Countermeasures Copyright by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.

Exam 312-50 Certified Ethical Hacker

Penetration Testing          Understand Automated Testing Understand Manual Testing Understand Penetration Testing Techniques Know the Penetration Testing Phases Understand Enumerating Devices Understand Penetration Testing Roadmap Understand Denial of Service Emulation Outsourcing Pen Testing Services Identify various Penetration testing tools         Understand risk management Outsourcing penetration testing service List the penetration testing steps Overview of the Pen-Test legal framework Overview of the Pen-Test deliverables List the automated penetration testing tools Best practices Phases of penetration testing

Page | 18

Ethical Hacking and Countermeasures Copyright by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.

You might also like