Samenvatting
CEH EC-council volledige samenvatting benodigd voor het tentamen
- Instelling
- Certified Ethical Hacking
deze samenvatting bevat de belangrijkste informatie voor alle 20 hoofdstukken die behandeld worden in het tentamen.
[Meer zien]Voorbeeld 4 van de 148 pagina's
Voorbeeld 4 van de 148 pagina's
In winkelwagengesponsord bericht van onze partner
Gekoppeld boek
Titel boek:
Auteur(s):
- Uitgave:
- ISBN:
- Druk:
Voorbeeld van de inhoud
snmpInhoud
Module 2: Footprinting and Reconnaissance .......................................................................................... 4
Information obtained in footprinting .............................................................................................. 4
Footprinting objectives & threats ................................................................................................... 5
Footprinting methodology .............................................................................................................. 6
Module 3: Scanning networks ............................................................................................................... 10
Network scanning concepts .............................................................................................................. 10
Scanning tools ................................................................................................................................... 11
Host discovery ................................................................................................................................... 12
Port and service discovery................................................................................................................. 16
OS discovery ...................................................................................................................................... 20
Scanning beyond IDS and Firewall..................................................................................................... 21
Draw network diagrams .................................................................................................................... 21
Module 04: Enumeration ...................................................................................................................... 22
Enumeration concepts ...................................................................................................................... 22
NetBIOS enumeration ....................................................................................................................... 23
Sami El Farj &
CEH SAMENVATTING
SNMP enumeration ........................................................................................................................... 24
Stan van der veen
LDAP enumeration ............................................................................................................................ 25
NTP and NFS enumeration ................................................................................................................ 26
SMTP and DNS enumeration ............................................................................................................. 27
Other enumeration techniques ......................................................................................................... 29
Enumeration countermeasures......................................................................................................... 31
Module 5: vulnerability analysis............................................................................................................ 32
Module 6: System hacking .................................................................................................................... 33
CEH Hacking Methodology (CHM)..................................................................................................... 33
System Hacking Goals........................................................................................................................ 34
Gaining Access ................................................................................................................................... 34
Password Cracking............................................................................................................................. 35
Password Recovery Tools .................................................................................................................. 37
Buffer Overflow ................................................................................................................................. 37
Escalating Privileges .......................................................................................................................... 37
Maintaining Access ............................................................................................................................ 38
Module 7: Malware threats................................................................................................................... 39
Malware concepts ............................................................................................................................. 39
, APT Concepts ..................................................................................................................................... 40
Trojan Concepts................................................................................................................................. 41
Virus and Worm Concepts................................................................................................................. 45
Filless Malware Concepts .................................................................................................................. 52
Malware analysis ............................................................................................................................... 55
Module 8: Sniffing ................................................................................................................................. 58
Sniffing Concepts ............................................................................................................................... 58
Network Sniffing ............................................................................................................................ 58
Types of Sniffing ............................................................................................................................ 58
SPAN Port ...................................................................................................................................... 60
Wiretapping ................................................................................................................................... 61
Sniffing Technique: MAC Attacks ...................................................................................................... 61
MAC Address ................................................................................................................................. 62
CAM Table ..................................................................................................................................... 62
How CAM Works ............................................................................................................................... 62
What Happens when a CAM Table is Full? ........................................................................................ 62
MAC Flooding ................................................................................................................................ 63
Switch Port Stealing........................................................................................................................... 63
Sniffing Technique: DHCP Attacks ..................................................................................................... 64
DHCP Starvation Attack ................................................................................................................. 64
Rogue DHCP Server Attack ............................................................................................................ 64
Sniffing Technique: ARP Poisoning .................................................................................................... 64
What Is Address Resolution Protocol (ARP)? ................................................................................ 65
ARP Spoofing Attack ...................................................................................................................... 65
Sniffing Technique: Spoofing Attacks ................................................................................................ 66
MAC Spoofing/Duplicating ............................................................................................................ 66
IRDP Spoofing ................................................................................................................................ 66
VLAN Hopping................................................................................................................................ 67
STP Attack .......................................................................................................................................... 67
Sniffing Technique: DNS Poisoning ................................................................................................... 68
DNS Poisoning Techniques ............................................................................................................ 68
Sniffing Tools ..................................................................................................................................... 69
Module 9: Social engineering ................................................................................................................ 70
Social engineering concepts .............................................................................................................. 70
Social engineering techniques ........................................................................................................... 71
Insider threats/attacks ...................................................................................................................... 74
, Impersonation on social networking sites ........................................................................................ 74
Identify theft...................................................................................................................................... 74
Countermeasures .............................................................................................................................. 75
Module 10: denial of service ................................................................................................................. 77
DoS/DDoS Concepts .......................................................................................................................... 77
What is a DoS Attack? ................................................................................................................... 77
What is a DDoS Attack? ................................................................................................................. 77
How do DDoS Attacks Work? ........................................................................................................ 77
DoS/DDoS Attack Techniques ........................................................................................................... 78
Basic Categories of DoS/DDoS ....................................................................................................... 78
UDP Flood Attack........................................................................................................................... 78
Ping of Death Attack ...................................................................................................................... 79
Smurf Attack .................................................................................................................................. 79
Pulse Wave .................................................................................................................................... 79
Zero-Day DDoS Attack ................................................................................................................... 79
SYN Flood Attack ........................................................................................................................... 79
Fragmentation Attack .................................................................................................................... 80
Spoofed Session Flood Attack ....................................................................................................... 81
HTTP GET/POST Attack ...................................................................................................................... 81
Slowloris Attack ............................................................................................................................. 81
UDP Application Layer Flood Attack.............................................................................................. 82
Multi-Vector Attack ....................................................................................................................... 82
Peer-to-Peer Attack ....................................................................................................................... 82
Permanent Denial-of-Service Attack ............................................................................................. 83
Distributed Reflection Denial-of-Service (DRDoS) Attack ............................................................. 83
Botnets .............................................................................................................................................. 84
Botnets .......................................................................................................................................... 84
How Does Malicious Code Propagate? ......................................................................................... 85
DoS/DDoS Attack Tools ..................................................................................................................... 86
Module 11: Session Hijacking ................................................................................................................ 87
Session hijacking concepts ................................................................................................................ 87
Application-level session Hijacking ................................................................................................... 89
Network level session hijacking......................................................................................................... 94
Countermeasures .............................................................................................................................. 96
Module 12: evading IDS, firewalls & honeypots ................................................................................. 100
Module 13: hacking web servers......................................................................................................... 112
, Module 14: hacking web applications ................................................................................................. 113
Module 15: SQL Injection .................................................................................................................... 114
SQL injection concepts .................................................................................................................... 114
Types of SQL Injection ..................................................................................................................... 117
SQL Injection Methodology ............................................................................................................. 121
SQL injection tools ........................................................................................................................... 126
Evasion techniques .......................................................................................................................... 126
Module 16: Hacking Wireless Networks ............................................................................................. 128
Wireless concepts............................................................................................................................ 128
Wireless encryption......................................................................................................................... 129
Wireless threats............................................................................................................................... 129
Wireless hacking methodology ....................................................................................................... 129
Wireless hacking tools ..................................................................................................................... 129
Bluetooth hacking ........................................................................................................................... 129
Countermeasures ............................................................................................................................ 129
Wireless security tools .................................................................................................................... 129
Module 17: hacking mobile platforms ................................................................................................ 130
Module 18: IoT hacking ....................................................................................................................... 131
Module 20: Cryptograhpy ................................................................................................................... 132
Voordelen van het kopen van samenvattingen bij Stuvia op een rij:
Verzekerd van kwaliteit door reviews
Stuvia-klanten hebben meer dan 700.000 samenvattingen beoordeeld. Zo weet je zeker dat je de beste documenten koopt!
Snel en makkelijk kopen
Je betaalt supersnel en eenmalig met iDeal, creditcard of Stuvia-tegoed voor de samenvatting. Zonder lidmaatschap.
Focus op de essentie
Samenvattingen worden geschreven voor en door anderen. Daarom zijn de samenvattingen altijd betrouwbaar en actueel. Zo kom je snel tot de kern!
Veelgestelde vragen
Wat krijg ik als ik dit document koop?
Je krijgt een PDF, die direct beschikbaar is na je aankoop. Het gekochte document is altijd, overal en oneindig toegankelijk via je profiel.
Tevredenheidsgarantie: hoe werkt dat?
Onze tevredenheidsgarantie zorgt ervoor dat je altijd een studiedocument vindt dat goed bij je past. Je vult een formulier in en onze klantenservice regelt de rest.
Van wie koop ik deze samenvatting?
Stuvia is een marktplaats, je koop dit document dus niet van ons, maar van verkoper stanvanderveen1998. Stuvia faciliteert de betaling aan de verkoper.
Zit ik meteen vast aan een abonnement?
Nee, je koopt alleen deze samenvatting voor €15,49. Je zit daarna nergens aan vast.
Is Stuvia te vertrouwen?
4,6 sterren op Google & Trustpilot (+1000 reviews)
Afgelopen 30 dagen zijn er 73918 samenvattingen verkocht
Opgericht in 2010, al 14 jaar dé plek om samenvattingen te kopen