EC-Council

Certified Ethical Hacker (CEH v11)

(CEH-v11.AE1)/ISBN:978-1-64459-321-9

This course includes
Lessons
TestPrep
LiveLab
Mentoring (Add-on)
Certified Ethical Hacker (CEH v11)

Get hands-on experience in Ethical hacking basics with the Certified Ethical Hacker course and lab. The course provides a vivid introduction to the technical foundations of hacking, social engineering, malware threats, and vulnerability analysis with clear and approachable lesson flowcharts, and other tools. It illustrates how to look after web server hacking, web applications, and database attacks. The Certified Ethical Hacker course will assist you in dealing with Cryptographic attacks and defense concepts.

Here's what you will get

The Certified Ethical Hacker (CEH) exam determines the knowledge of the candidate as an effective ethical hacker. It recognizes the importance of identifying security issues to get them resolved. It will teach you the latest commercial-grade hacking tools, techniques, and methodologies used by hackers and information security professionals to lawfully hack an organization.

Lessons

16+ Lessons | 332+ Exercises | 225+ Quizzes | 299+ Flashcards | 150+ Glossary of terms

TestPrep

125+ Pre Assessment Questions | 2+ Full Length Tests | 125+ Post Assessment Questions | 250+ Practice Test Questions

Hand on lab

48+ LiveLab | 48+ Video tutorials | 01:36+ Hours

Need guidance and support? Click here to check our Instructor Led Course.

Here's what you will learn

Download Course Outline

Lessons 1: Introduction

  • What Is a CEH?
  • About EC-Council
  • Using This Course
  • Objective Map
  • Let's Get Started!

Lessons 2: Ethical Hacking

  • Overview of Ethics
  • Overview of Ethical Hacking
  • Methodologies
  • Methodology of Ethical Hacking
  • Summary

Lessons 3: Networking Foundations

  • Communications Models
  • Topologies
  • Physical Networking
  • IP
  • TCP
  • UDP
  • Internet Control Message Protocol
  • Network Architectures
  • Cloud Computing
  • Summary

Lessons 4: Security Foundations

  • The Triad
  • Risk
  • Policies, Standards, and Procedures
  • Organizing Your Protections
  • Security Technology
  • Being Prepared
  • Summary

Lessons 5: Footprinting and Reconnaissance

  • Open Source Intelligence
  • Domain Name System
  • Passive Reconnaissance
  • Website Intelligence
  • Technology Intelligence
  • Summary

Lessons 6: Scanning Networks

  • Ping Sweeps
  • Port Scanning
  • Vulnerability Scanning
  • Packet Crafting and Manipulation
  • Evasion Techniques
  • Protecting and Detecting
  • Summary

Lessons 7: Enumeration

  • Service Enumeration
  • Remote Procedure Calls
  • Server Message Block
  • Simple Network Management Protocol
  • Simple Mail Transfer Protocol
  • Web-Based Enumeration
  • Summary

Lessons 8: System Hacking

  • Searching for Exploits
  • System Compromise
  • Gathering Passwords
  • Password Cracking
  • Client-Side Vulnerabilities
  • Living Off the Land
  • Fuzzing
  • Post Exploitation
  • Summary

Lessons 9: Malware

  • Malware Types
  • Malware Analysis
  • Creating Malware
  • Malware Infrastructure
  • Antivirus Solutions
  • Persistence
  • Summary

Lessons 10: Sniffing

  • Packet Capture
  • Packet Analysis
  • Spoofing Attacks
  • Summary

Lessons 11: Social Engineering

  • Social Engineering
  • Physical Social Engineering
  • Phishing Attacks
  • Website Attacks
  • Wireless Social Engineering
  • Automating Social Engineering
  • Summary

Lessons 12: Wireless Security

  • Wi-Fi
  • Bluetooth
  • Mobile Devices
  • Summary

Lessons 13: Attack and Defense

  • Web Application Attacks
  • Denial-of-Service Attacks
  • Application Exploitation
  • Lateral Movement
  • Defense in Depth/Defense in Breadth
  • Defensible Network Architecture
  • Summary

Lessons 14: Cryptography

  • Basic Encryption
  • Symmetric Key Cryptography
  • Asymmetric Key Cryptography
  • Certificate Authorities and Key Management
  • Cryptographic Hashing
  • PGP and S/MIME
  • Disk and File Encryption
  • Summary

Lessons 15: Security Architecture and Design

  • Data Classification
  • Security Models
  • Application Architecture
  • Security Architecture
  • Summary

Lessons 16: Cloud Computing and the Internet of Things

  • Cloud Computing Overview
  • Cloud Architectures and Deployment
  • Common Cloud Threats
  • Internet of Things
  • Operational Technology
  • Summary

Hands-on LAB Activities

Security Foundations

  • Creating a Personal Linux Firewall Using iptables
  • Viewing Syslog
  • Configuring Audit Policies in Windows
  • Using Event Viewer

Footprinting and Reconnaissance

  • Using the whois Program
  • Using the theHarvester Tool
  • Using Maltego
  • Using Recon-ng
  • Using ipconfig to Perform Reconnaissance
  • Using dnsrecon
  • Performing Zone Transfer Using dig
  • Using nslookup for Passive Reconnaissance
  • Using the host Program
  • Mirroring Sites with HTTrack

Scanning Networks

  • Using the fping Command
  • Using Zenmap
  • Scanning a Port Using nmap
  • Using the masscan Command
  • Performing Vulnerability Scanning Using OpenVAS
  • Conducting Vulnerability Scanning Using Nessus
  • Using the hping Program

Enumeration

  • Using the Metasploit SunRPC Scanner
  • Using nmap Scripts for Enumerating Users
  • Enumerating Data Using enum4linux

System Hacking

  • Using searchsploit
  • Grabbing a Screenshot of a Target Machine Using Metasploit
  • Using Rainbow Tables
  • Cracking Windows Passwords
  • Cracking a Linux Password Using John the Ripper
  • Exploiting Windows 7 Using Metasploit

Malware

  • Observing an MD5-Generated Hash Value
  • Using the msfvenom Program
  • Scanning Malware Using Antivirus

Sniffing

  • Capturing Network Packets Using tcpdump
  • Using Wireshark
  • Performing ARP Spoofing
  • Performing ARP Spoofing

Social Engineering

  • Detecting a Phishing Site Using Netcraft
  • Using the SET Tool

Attack and Defense

  • Exploiting a Website Using SQL Injection
  • Attacking a Website Using XSS Injection
  • Simulating a DoS Attack
  • Defending Against a Buffer Overflow Attack

Cryptography

  • Performing Symmetric Encryption
  • Examining Asymmetric Encryption
  • Using OpenSSL to Create a Public/Private Key Pair
  • Observing an SHA-Generated Hash Value
  • Creating PGP Certification

Exam FAQs

Hold a CEH certification of version 1 to 7. Or have a minimum of 2 years work experience in InfoSec domain. Or have attended an official EC-Council training.

USD 1414.82

ECC Exam and Pearson VUE

Multiple choice questions

The exam contains 125 questions.

240 minutes

This depends on the exam.

Here is the retake policy: If a candidate is not able to pass the exam on the first attempt, no cooling or waiting period is required to attempt the exam for the second time (1st retake). If a candidate is not able to pass the second attempt (1st retake), a waiting period of 14 days is required prior to attempting the exam for the third time (2nd retake). If a candidate is not able to pass the third attempt (2nd retake), a waiting period of 14 days is required prior to attempting the exam for the fourth time (3rd retake). If a candidate is not able to pass the fourth attempt (3rd retake), a waiting period of 14 days is required prior to attempting the exam for the fifth time (4th retake). A candidate is not allowed to take a given exam more than five times in 12-months (1 year) period and a waiting period of 12-months will be imposed before being allowed to attempt the exam for the sixth time (5th retake). Candidates who pass the exam are not allowed to attempt the same version of the exam for the second time.

Three years