CEH Certified Ethical Hacker Cert Guide, 4th edition
BRAND: PEARSON
eBook edition. Monthly Subscription. Dành cho Cá nhân | Trường ĐH, Nhóm, Thư Viện: Gọi 0915920514 để báo giá Pearson, Vital Source eBook hoặc mua Sách In
Tổng quan sách
Mọi tính năng của cuốn sách này đều hỗ trợ cả việc luyện thi hiệu quả và khả năng nắm vững lâu dài:Danh sách chủ đề mở đầu xác định các chủ đề sinh viên cần học trong mỗi chương và liệt kê các mục tiêu kỳ thi chính thức của EC-CouncilCác số liệu, bảng và danh sách của Chủ đề chính thu hút sự chú ý đến thông tin quan trọng nhất để thành công trong kỳ thi Nhiệm vụ luyện thi cho phép học sinh ôn tập các chủ đề chính, xác định các thuật ngữ chính, giải quyết các tình huống và trả lời các câu hỏi ôn tập…vượt xa các kiến thức đơn thuần để nắm vững các khái niệm quan trọng để vượt qua kỳ thi và nâng cao năng lực nghề nghiệpCác thuật ngữ chính được liệt kê trong mỗi chương và được định nghĩa trong một bảng chú giải thuật ngữ hoàn chỉnh, giải thích các thuật ngữ cần thiết trong lĩnh vực nàyTài liệu hướng dẫn ôn tập này giúp học viên nắm vững tất cả các chủ đề trong kỳ thi CEH mới nhất, bao gồm:Khái niệm cơ bản về hack đạo đứcCơ sở kỹ thuật của hackDấu chân và quétBảng liệt kê và hack hệ thốngKỹ thuật xã hội, mối đe dọa phần mềm độc hại và phân tích lỗ hổngKẻ đánh hơi, chiếm quyền điều khiển phiên và từ chối dịch vụHack máy chủ web, ứng dụng web và tấn công cơ sở dữ liệuCông nghệ không dây, bảo mật di động và các cuộc tấn công di độngIDS, tường lửa và honeypotCác cuộc tấn công và phòng thủ bằng mật mãĐiện toán đám mây, IoT và botnet
- Introduction xxvii
- Chapter 1An Introduction to Ethical Hacking 3"Do I Know This Already?" Quiz 3Foundation Topics 7Security Fundamentals 7Goals of Security 8Risk, Assets, Threats, and Vulnerabilities 9Backing Up Data to Reduce Risk 11Defining an Exploit 12Risk Assessment 13Security Testing 14No-Knowledge Tests (Black Box) 14Full-Knowledge Testing (White Box) 15Partial-Knowledge Testing (Gray Box) 15Types of Security Tests 15Incident Response 17Cyber Kill Chain 18Hacker and Cracker Descriptions 19Who Attackers Are 20Ethical Hackers 21Required Skills of an Ethical Hacker 22Modes of Ethical Hacking 23Test Plans--Keeping It Legal 25Test Phases 27Establishing Goals 28Getting Approval 29Ethical Hacking Report 29Vulnerability Research and Bug Bounties--Keeping Up with Changes 30Ethics and Legality 31Overview of U.S. Federal Laws 32Compliance Regulations 34Payment Card Industry Data Security Standard (PCI-DSS) 36Summary 36Exam Preparation Tasks 37Review All Key Topics 37Define Key Terms 38Exercises 381-1 Searching for Exposed Passwords 381-2 Examining Security Policies 39Review Questions 39Suggested Reading and Resources 44
- Chapter 2The Technical Foundations of Hacking 47"Do I Know This Already?" Quiz 47Foundation Topics 50The Hacking Process 50Performing Reconnaissance and Footprinting 50Scanning and Enumeration 51Gaining Access 52Escalating Privilege 53Maintaining Access 53Covering Tracks and Planting Backdoors 54The Ethical Hacker's Process 54NIST SP 800-115 56Operationally Critical Threat, Asset, and Vulnerability Evaluation 56Open Source Security Testing Methodology Manual 56Information Security Systems and the Stack 57The OSI Model 57Anatomy of TCP/IP Protocols 60The Application Layer 62The Transport Layer 66Transmission Control Protocol 66User Datagram Protocol 68The Internet Layer 69Traceroute 74The Network Access Layer 77Summary 78Exam Preparation Tasks 79Review All Key Topics 79Define Key Terms 79Exercises 802-1 Install a Sniffer and Perform Packet Captures 802-2 Using Traceroute for Network Troubleshooting 81Review Questions 81Suggested Reading and Resources 85
- Chapter 3Footprinting, Reconnaissance, and Scanning 89"Do I Know This Already?" Quiz 89Foundation Topics 93Footprinting 93Footprinting Methodology 93Documentation 95Footprinting Through Search Engines 96Footprinting Through Social Networking Sites 101Footprinting Through Web Services and Websites 103Email Footprinting 106Whois Footprinting 108DNS Footprinting 112Network Footprinting 118Subnetting's Role in Mapping Networks 119Traceroute 120Footprinting Through Social Engineering 121Footprinting Countermeasures 122Scanning 122Host Discovery 123Port and Service Discovery 124Nmap 131SuperScan 139THC-Amap 139Hping 140Port Knocking 140OS Discovery (Banner Grabbing/OS Fingerprinting) and ScanningBeyond IDS and Firewall 141Active Fingerprinting Tools 143Fingerprinting Services 145Default Ports and Services 145Finding Open Services 145Draw Network Diagrams 148Summary 151Exam Preparation Tasks 152Review All Key Topics 152Define Key Terms 152Exercises 1533-1 Performing Passive Reconnaissance 1533-2 Performing Active Reconnaissance 154Review Questions 155Suggested Reading and Resources 159
- Chapter 4Enumeration and System Hacking 161"Do I Know This Already?" Quiz 161Foundation Topics 164Enumeration 164Windows Enumeration 164Windows Security 166NetBIOS and LDAP Enumeration 167NetBIOS Enumeration Tools 169SNMP Enumeration 177Linux/UNIX Enumeration 183NTP Enumeration 185SMTP Enumeration 186Additional Enumeration Techniques 191DNS Enumeration 191Enumeration Countermeasures 192System Hacking 193Nontechnical Password Attacks 193Technical Password Attacks 194Password Guessing 195Automated Password Guessing 197Password Sniffing 197Keylogging 198Escalating Privilege and Exploiting Vulnerabilities 199Exploiting an Application 200Exploiting a Buffer Overflow 201Owning the Box 203Windows Authentication Types 203Cracking Windows Passwords 205Linux Authentication and Passwords 209Cracking Linux Passwords 212Hiding Files and Covering Tracks 213Rootkits 214File Hiding 217Summary 219Exam Preparation Tasks 220Review All Key Topics 220Define Key Terms 220Exercise 2204-1 NTFS File Streaming 220Review Questions 221Suggested Reading and Resources 226
- Chapter 5Social Engineering, Malware Threats, and Vulnerability Analysis 229"Do I Know This Already?" Quiz 229Foundation Topics 234Social Engineering 234Phishing 235Pharming 235Malvertising 236Spear Phishing 237SMS Phishing 245Voice Phishing 245Whaling 245Elicitation, Interrogation, and Impersonation (Pretexting) 246Social Engineering Motivation Techniques 247Shoulder Surfing and USB Baiting 248Malware Threats 248Viruses and Worms 248Types and Transmission Methods of Viruses and Malware 249Virus Payloads 251History of Viruses 252Well-Known Viruses and Worms 253Virus Creation Tools 255Trojans 255Trojan Types 256Trojan Ports and Communication Methods 257Trojan Goals 258Trojan Infection Mechanisms 259Effects of Trojans 260Trojan Tools 261Distributing Trojans 263Wrappers 264Packers 265Droppers 265Crypters 265Ransomware 267Covert Communications 268Tunneling via the Internet Layer 269Tunneling via the Transport Layer 272Tunneling via the Application Layer 273Port Redirection 274Keystroke Logging and Spyware 276Hardware Keyloggers 277Software Keyloggers 277Spyware 278Malware Countermeasures 279Detecting Malware 280Antivirus 283Analyzing Malware 286Static Analysis 286Dynamic Analysis 288Vulnerability Analysis 290Passive vs. Active Assessments 290External vs. Internal Assessments 290Vulnerability Assessment Solutions 291Tree-Based vs. Inference-Based Assessments 291Vulnerability Scoring Systems 292Vulnerability Scanning Tools 296Summary 297Exam Preparation Tasks 298Review All Key Topics 299Define Key Terms 300Command Reference to Check Your Memory 300Exercises 3005-1 Finding Malicious Programs 3005-2 Using Process Explorer 301Review Questions 303Suggested Reading and Resources 307
- Chapter 6Sniffers, Session Hijacking, and Denial of Service 311"Do I Know This Already?" Quiz 311Foundation Topics 314Sniffers 314Passive Sniffing 315Active Sniffing 316Address Resolution Protocol 316ARP Poisoning and MAC Flooding 318Tools for Sniffing and Packet Capturing 324Wireshark 324Other Sniffing Tools 328Sniffing and Spoofing Countermeasures 328Session Hijacking 330Transport Layer Hijacking 330Identify and Find an Active Session 331Predict the Sequence Number 332Take One of the Parties Offline 333Take Control of the Session 333Application Layer Hijacking 334Session Sniffing 334Predictable Session Token ID 334On-Path Attacks 335Client-Side Attacks 335Browser-Based On-Path Attacks 337Session Replay Attacks 338Session Fixation Attacks 338Session Hijacking Tools 338Preventing Session Hijacking 341Denial of Service and Distributed Denial of Service 341DoS Attack Techniques 343Volumetric Attacks 343SYN Flood Attacks 344ICMP Attacks 344Peer-to-Peer Attacks 345Application-Level Attacks 345Permanent DoS Attacks 346Distributed Denial of Service 347DDoS Tools 348DoS and DDoS Countermeasures 350Summary 353Exam Preparation Tasks 354Review All Key Topics 354Define Key Terms 354Exercises 3556-1 Scanning for DDoS Programs 3556-2 Spoofing Your MAC Address in Linux 3556-3 Using the KnowBe4 SMAC to Spoof Your MAC Address 356Review Questions 356Suggested Reading and Resources 360
- Chapter 7Web Server Hacking, Web Applications, and Database Attacks 363"Do I Know This Already?" Quiz 363Foundation Topics 366Web Server Hacking 366The HTTP Protocol 366Scanning Web Servers 374Banner Grabbing and Enumeration 374Web Server Vulnerability Identification 379Attacking the Web Server 380DoS/DDoS Attacks 380DNS Server Hijacking and DNS Amplification Attacks 380Directory Traversal 382On-Path Attacks 384Website Defacement 384Web Server Misconfiguration 384HTTP Response Splitting 385Understanding Cookie Manipulation Attacks 385Web Server Password Cracking 386Web Server-Specific Vulnerabilities 386Comments in Source Code 388Lack of Error Handling and Overly Verbose Error Handling 389Hard-Coded Credentials 389Race Conditions 389Unprotected APIs 390Hidden Elements 393Lack of Code Signing 393Automated Exploit Tools 393Securing Web Servers 395Harden Before Deploying 395Patch Management 395Disable Unneeded Services 396Lock Down the File System 396Log and Audit 396Provide Ongoing Vulnerability Scans 397Web Application Hacking 398Unvalidated Input 398Parameter/Form Tampering 399Injection Flaws 399Cross-Site Scripting (XSS) Vulnerabilities 400Reflected XSS Attacks 401Stored XSS Attacks 402DOM-Based XSS Attacks 404XSS Evasion Techniques 405XSS Mitigations 406Understanding Cross-Site Request Forgery Vulnerabilities and Related Attacks 408Understanding Clickjacking 409Other Web Application Attacks 410Exploiting Web-Based Cryptographic Vulnerabilities and Insecure Configurations 411Web-Based Password Cracking and Authentication Attacks 412Understanding What Cookies Are and Their Use 414URL Obfuscation 415Intercepting Web Traffic 417Securing Web Applications 419Lack of Code Signing 421Database Hacking 421A Brief Introduction to SQL and SQL Injection 422SQL Injection Categories 427Fingerprinting the Database 429Surveying the UNION Exploitation Technique 430Using Boolean in SQL Injection Attacks 431Understanding Out-of-Band Exploitation 432Exploring the Time-Delay SQL Injection Technique 433Surveying Stored Procedure SQL Injection 434Understanding SQL Injection Mitigations 434SQL Injection Hacking Tools 435Summary 436Exam Preparation Tasks 437Review All Key Topics 437Exercise 4387-1 Complete the Exercises in WebGoat 438Review Questions 438Suggested Reading and Resources 443
- Chapter 8Wireless Technologies, Mobile Security, and Attacks 445"Do I Know This Already?" Quiz 445Foundation Topics 449Wireless and Mobile Device Technologies 449Mobile Device Concerns 451Mobile Device Platforms 452Android 453iOS 455Windows Mobile Operating System 456BlackBerry 457Mobile Device Management and Protection 457Bluetooth 458Radio Frequency Identification (RFID) Attacks 461Wi-Fi 461Wireless LAN Basics 462Wireless LAN Frequencies and Signaling 463Wireless LAN Security 464Installing Rogue Access Points 467Evil Twin Attacks 468Deauthentication Attacks 468Attacking the Preferred Network Lists 472Jamming Wireless Signals and Causing Interference 472War Driving 472Attacking WEP 472Attacking WPA 474Wireless Networks Configured with Open Authentication 478KRACK Attacks 479Attacks Against WPA3 479Attacking Wi-Fi Protected Setup (WPS) 480KARMA Attack 481Fragmentation Attacks 481Additional Wireless Hacking Tools 482Performing GPS Mapping 483Wireless Traffic Analysis 483Launch Wireless Attacks 483Crack and Compromise the Wi-Fi Network 484Securing Wireless Networks 485Site Survey 485Robust Wireless Authentication 485Misuse Detection 486Summary 487Exam Preparation Tasks 488Review All Key Topics 488Define Key Terms 488Review Questions 488Suggested Reading and Resources 489
- Chapter 9Evading IDS, Firewalls, and Honeypots 491"Do I Know This Already?" Quiz 491Foundation Topics 495Intrusion Detection and Prevention Systems 495IDS Types and Components 495Pattern Matching 497Protocol Analysis 500Heuristic-Based Analysis 500Anomaly-Based Analysis 500Global Threat Correlation Capabilities 502Snort 502IDS Evasion 506Flooding 507Insertion and Evasion 507Session Splicing 508Shellcode Attacks 508Other IDS Evasion Techniques 509IDS Evasion Tools 510Firewalls 511Firewall Types 512Network Address Translation 512Packet Filters 513Application and Circuit-Level Gateways 515Stateful Inspection 515Identifying Firewalls 516Bypassing Firewalls 520Honeypots 526Types of Honeypots 528Detecting Honeypots 529Summary 530Exam Preparation Tasks 530Review All Key Topics 530Define Key Terms 531Review Questions 531Suggested Reading and Resources 536
- Chapter 10Cryptographic Attacks and Defenses 539"Do I Know This Already?" Quiz 539Foundation Topics 543Cryptography History and Concepts 543Encryption Algorithms 545Symmetric Encryption 546Data Encryption Standard (DES) 548Advanced Encryption Standard (AES) 550Rivest Cipher 551Asymmetric Encryption (Public Key Encryption) 551RSA 552Diffie-Hellman 552ElGamal 553Elliptic-Curve Cryptography (ECC) 553Digital Certificates 553Public Key Infrastructure 554Trust Models 555Single-Authority Trust 556Hierarchical Trust 556Web of Trust 557Email and Disk Encryption 557Cryptoanalysis and Attacks 558Weak Encryption 561Encryption-Cracking Tools 563Security Protocols and Countermeasures 563Steganography 566Steganography Operation 567Steganographic Tools 568Digital Watermark 571Hashing 571Digital Signature 573Summary 574Exam Preparation Tasks 574Review All Key Topics 574Define Key Terms 575Exercises 57510-1 Examining an SSL Certificate 57510-2 Using PGP 57610-3 Using a Steganographic Tool to Hide a Message 577Review Questions 577Suggested Reading and Resources 582
- Chapter 11Cloud Computing, IoT, and Botnets 585"Do I Know This Already?" Quiz 585Foundation Topics 588Cloud Computing 588Cloud Computing Issues and Concerns 590Cloud Computing Attacks 592Cloud Computing Security 593DevOps, Continuous Integration (CI), Continuous Delivery (CD), and DevSecOps 593CI/CD Pipelines 596Serverless Computing 598Containers and Container Orchestration 598How to Scan Containers to Find Security Vulnerabilities 600IoT 601IoT Protocols 604IoT Implementation Hacking 606Botnets 606Botnet Countermeasures 609Summary 612Exam Preparation Tasks 612Review All Key Topics 612Define Key Terms 613Review Questions 613Suggested Reading and Resources 615
- Chapter 12Final Preparation 619Hands-on Activities 619Suggested Plan for Final Review and Study 620Summary 621Glossary of Key Terms623Appendix AAnswers to the "Do I Know This Already?" Quizzes and Review Questions 649Appendix BCEH Certified Ethical Hacker Cert GuideExam Updates 685Index 687Online Elements:Appendix CStudy PlannerGlossary of Key Terms9780137489985 TOC 12/15/2021
.svg)