312-50 V8 : CEH v8 - Certified Ethical Hacker

CEH v8 - Certified Ethical Hacker
ISBN : 978-1-61691-207-9
Gain hands-on expertise in EC-Council CEH by 312-50 V8: CEH V8 - Certified Ethical Hacker course. EC-Council CEH exam is designed to certify the competency of IT professionals to establish and govern minimum standards for credentialing professional information security specialists in ethical hacking measures; and reinforce ethical hacking. It also demonstrates competency in Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows, and Virus Creation.

Here's what you will get

The EC-Council Certified Ethical Hacker 8 certification exam is a standalone certification from EC-Council with the exam code 312-50-v8.

The certification is targeted at security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure. The exam covers networking technologies, technical assessment methods, cryptography, network topologies, and security policies, etc.

Glossary of terms
Pre-assessment Questions
Full Length Tests
Post-Assessment Questions

Videos and How To..

uCertify course includes videos to help understand concepts. It also includes How Tos that help learners with how to accomplish certain tasks.

Video Lessons
Exam FAQs
What is the exam registration fee? USD 500
Where do I take the exam?

The EC-Council 312-50-v8 exam is administered by Prometric and Pearson.

  • For Prometric: Click here to find a testing center near you.
  • For Pearson: Click here to find a testing center near you.
What is the format of the exam? The exam consists of multiple choice questions.
What are the pre-requisites of the exam? While there are no official pre-requisites for the CEH v8 certification, both EC-Council and uCertify strongly recommend that the candidate have attended the CEH class before enrolling into CEH Program and learn how to conduct ethical hacking. If you are not taking the CEH training, you have to fill exam eligibility form before taking the exam.
How many questions are asked in the exam? The exam contains 125 questions.
What is the duration of the exam? 240 minutes
What is the passing score? 70%

(on a scale of 0-1000)

What is the exam's retake policy?

In the event that you fail your first attempt at passing the EC-Council 312-50-v8 Exam, EC-Council's retake policy is:

  • The candidates who failed their exams in first attempt, cannot retake it more than five times in a 12 month (1 year) period. They need to wait for 12 months before attempting the 5th retake exam.
  • There is no waiting period between the first and second attempt to pass this examination. If you are not able to pass the exam in second, third, or fourth attempt, you shall be required to wait for a period of 14 calendar days from the date of your last attempt before you can retake the exam.
  • If you have already passed the exam, it cannot be taken again.
What is the validity of the certification? The candidates are required to earn EC-Council Continuing Education Credits (ECE) to maintain the certification. Click here for more information.
Where can I find more information about this exam? To know more about the 312-50-v8, click here.
Which certification covers this exam?
What are the career opportunities after passing this exam?

An EC-Council CEH 8 Certified Professional has several career opportunities open up to them, including:

  • Security Consultant
  • Security Professional
  • Systems Administrator
  • Legal Professional

Here's what you will learn

  • Gain knowledge on various hacking terminologies
  • Understand the different types and implications of hacker attacks
  • Understand the term footprinting
  • Understand how traceroute is used in footprinting
  • Google hacking, Website mirroring, and email tracking
  • Understand the term port scanning, network scanning, and vulnerability scanning
  • Understand ping sweeping, firewalk tool, and nmap command switches
  • Understand scans
  • Learn TCP communication flag types, and gain knowledge on War dialing techniques
  • Understand banner grabbing using fingerprinting and other techniques and tools
  • Learn vulnerability scanning using BidiBlah and other hacking tools
  • Understand proxy servers, anonymizers, HTTP tunneling techniques, and IP spoofing techniques
  • Learn the system hacking cycle, and understand enumeration and its techniques
  • Understand null sessions and their countermeasures
  • Understand SNMP enumeration and its countermeasures
  • Understand the different types of passwords, password attacks, and password cracking techniques
  • Authentication mechanism, password sniffing, various password cracking tools, and countermeasures
  • Understand privilege escalation, key loggers, and other spyware technologies
  • Identify different ways to hide files, understand rootkits, and understand alternate data streams
  • Understand steganography technologies and tools used
  • Understand covering tracks, tools used and erase evidences
  • Define a Trojan
  • Identify the ports used by a Trojan
  • Identify listening ports using netstat
  • Understand wrapping , reverse shell Trojan, and ICMP tunneling
  • Understand Windows start up monitoring tools, and the Trojan horse constructing kit
  • Learn Trojan detection and evading techniques
  • Virus, characteristics of a virus, working of a virus, and virus hoaxes
  • Understand the difference between a virus and a worm, and understand the life cycle of virus
  • Virus writing technique and virus construction kits
  • Understand antivirus evasion techniques, and understand virus detection methods and countermeasures
  • Understand worm analysis
  • Sniffers, identify types of sniffing, and understand active and passive sniffing
  • Understand Address Resolution Protocol (ARP), and the process of ARP spoofing
  • Understand MAC duplicating
  • Learn ethereal capture and display filters
  • Understand MAC flooding, understand DNS spoofing techniques, and DNS spoofing countermeasures
  • Know various sniffing tools, identify sniffing detection and defensive techniques
  • Understand social engineering
  • Identify the different types of social engineering
  • Understand dumpster diving, human-based social engineering, and insider attack
  • Understand phishing attacks, identify online scams, and understand URL obfuscation
  • Identify social engineering countermeasures
  • Understand a Denial of Service attack, and analyze symptoms of a DoS Attack
  • Understand Internet Chat Query (ICQ), Internet Relay Chat (IRC), and botnets
  • Assess DoS/DDoS attack tools
  • Identify DoS/DDoS countermeasure, post-attack forensics, and Penetration Testing
  • Understand session hijacking and session hijacking techniques
  • Understand session hijacking process and session hijacking in the OSI Model
  • Understand the brute forcing attack, and HTTP referrer attack
  • Understand application level session hijacking, and discuss session sniffing
  • Describe man-in-the-middle, man-in-the-browser, Client-side, and cross-site script attacks
  • Understand session fixation attack, and describe network level session hijacking
  • Understand TCP/IP hijacking, session hijacking tools, and countermeasures of session hijacking
  • Web server attacks
  • Examine webserver misconfiguration, and understand directory traversal attacks
  • Learn regarding HTTP response splitting attack, and understand Web cache poisoning attack
  • Understand HTTP response hijacking, and discuss SSH bruteforce attack
  • Examine man-in-the-middle attack, and learn webserver password cracking techniques
  • Understand webserver attack methodology
  • Identify webserver attack tools, and identify countermeasures against webserver attacks
  • Understand patch management, assess webserver security tools
  • Understand Web applications, Web application components, and working of Web applications
  • Understand Web application architecture, parameter/form tampering, and injection flaws
  • Discuss hidden field manipulation, cross-site scripting (XSS), and Web services attacks
  • Identify Web application hacking and Web application security tools
  • Understand Web application firewalls, and gain insights on Web application pen testing
  • Understand SQL injection and SQL injection black box penetration testing
  • Understand types of SQL injection and blind SQL injection
  • Learn SQL injection methodology
  • Examine advanced enumeration, describe password grabbing, and discuss grabbing SQL Server hashes
  • SQL injection tools
  • Understand defensive strategies against SQL injection attacks
  • Understand wireless networks, various types of wireless networks, and Wi-Fi authentication modes
  • Identify types of wireless encryption, and understand WEP encryption and WPA/WPA2
  • Understand wireless hacking methodology, and assess wireless hacking tools
  • Understand Bluetooth hacking, and understand how to defend against Bluetooth hacking
  • Understand how to defend against wireless attacks, and identify Wi-Fi security tools
  • Examine Wireless Penetration Testing Framework
  • Mobile Platform Attack Vectors
  • Hacking Android OS
  • Hacking iOS
  • Hacking Windows Phone OS
  • Hacking BlackBerry
  • Mobile Device Management (MDM)
  • Mobile Security Guidelines and Tools
  • Mobile Pen Testing
  • Understand Intrusion Detection Systems (IDS)
  • Understand what is a firewall, types of firewalls, and identify firewall identification techniques
  • Understand honeypot
  • Examine evading IDS, understand evading firewalls, and learn detecting honeypots
  • Identify firewall evading tools
  • Understand buffer overflows (BoF)
  • Reasons for buffer overflow attacks, and skills required to program buffer overflow exploits
  • Testing for heap overflow conditions: heap.exe, and understand OllyDbg debugger
  • Understand buffer overflow countermeasures tools and buffer overflow pen testing
  • Understand cryptography, learn various types of cryptography, and understand ciphers
  • Understand AES, RC4, RC5, RC6 algorithms, RSA, Message Digest Function: MD5, and SHA
  • Identify cryptography tools, and understand Public Key Infrastructure (PKI), and digital signature
  • Understand SSL, disk encryption, and cryptography attacks
  • Understand penetration testing (PT)
  • Understand automated testing, manual testing, and penetration testing techniques
  • Understand enumerating devices
  • Introduction
  • Introduction to Ethical Hacking
  • Footprinting and Reconnaissance
  • Scanning Networks
  • Enumeration
  • System Hacking
  • Trojans and Backdoors
  • Viruses and Worms
  • Denial of Service
  • Social Engineering
  • Sniffers
  • Session Hijacking
  • Hacking Web Servers
  • Web Application Vulnerabilities
  • SQL Injection
  • Hacking Wireless Networks
  • Evading IDS Firewalls and Honeypots
  • Buffer Overflows
  • Cryptography and Steganography
  • Metasploit for Penetration Testing
  • Business Process
  • Lab Suggestions