Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Certified Ethical Hacker (CEH) v12 312-50 Exam Guide

You're reading from   Certified Ethical Hacker (CEH) v12 312-50 Exam Guide Keep up to date with ethical hacking trends and hone your skills with hands-on activities

Arrow left icon
Product type Paperback
Published in Jul 2022
Publisher Packt
ISBN-13 9781801813099
Length 664 pages
Edition 1st Edition
Arrow right icon
Author (1):
Arrow left icon
Dale Meredith Dale Meredith
Author Profile Icon Dale Meredith
Dale Meredith
Arrow right icon
View More author details
Toc

Table of Contents (23) Chapters Close

Preface 1. Section 1: Where Every Hacker Starts
2. Chapter 1: Understanding Ethical Hacking FREE CHAPTER 3. Chapter 2: Introduction to Reconnaissance 4. Chapter 3: Reconnaissance – A Deeper Dive 5. Chapter 4: Scanning Networks 6. Chapter 5: Enumeration 7. Chapter 6: Vulnerability Analysis 8. Chapter 7: System Hacking 9. Chapter 8: Social Engineering 10. Section 2: A Plethora of Attack Vectors
11. Chapter 9: Malware and Other Digital Attacks 12. Chapter 10: Sniffing and Evading IDS, Firewalls, and Honeypots 13. Chapter 11: Hacking Wireless Networks 14. Chapter 12: Hacking Mobile Platforms 15. Section 3: Cloud, Apps, and IoT Attacks
16. Chapter 13: Hacking Web Servers and Web Apps 17. Chapter 14: Hacking IoT and OT 18. Chapter 15: Cloud Computing 19. Chapter 16: Using Cryptography 20. Chapter 17: CEH Exam Practice Questions 21. Assessments 22. Other Books You May Enjoy

Ethical hacking

Ethical hacking is a proactive cybersecurity approach that involves the use of hacking methods, concepts, and tools to uncover weaknesses in a system before a potential attacker exploits them.

An ethical hacker thinks like an attacker or a criminal profiler. They know how to steal passwords and usernames, and how to find and exploit vulnerabilities and get away with it. Ethical hackers use the same tactics that the bad guys use. The only difference is that they have permission to do it. Also, ethical hackers bring more to the table. Here are some of the most important skills, ideal behaviors, and principles ethical hackers use:

  • Expertise in architectures, programs, and networks – You need to know the ins and outs of how Transmission Control Protocol/Internet Protocol (TCP/IP) works. You need to understand networking structures and functions. You don't necessarily need to be an expert in all programs, but you do need to know how programs are installed, the modifications they make, and the possible security threats they pose.
  • Proficiency in vulnerability research – Ethical hackers need to keep up with the bad guys. So, find out as much as you can about new vulnerabilities. Additionally, ensure that you are good at the hacking techniques that attackers use because you might need to try them out on a particular target.
  • A good understanding of the hacking techniques attackers use – Ethical hackers are not vendor-specific; they understand the techniques attackers use across the board – the hacks that can be used against routers, Intrusion Detection Systems (IDSes), and so on.
  • Follow the code of conduct – Ethical hackers adhere to a strict code of conduct as required by the EC-Council.
  • Disclose to the appropriate people – Ethical hackers owe it to their employers and clients to disclose what they ought to. They have a duty to disclose to authorities what they uncover if it is illegal. Ethical hackers also come across vulnerabilities in their clients' systems or infrastructures when evaluating them. The code bars them from exposing such information. They know what is off limits.
  • They are good at the tactics and strategies attackers use – They know the tactics and the strategies. They don't just make stuff up or take shortcuts.
  • They understand no means no – If a client or employer gives specific guidelines of what's allowed and what's not, an ethical hacker will draw a line between the two and respect that decision. They will not try to cross it, and if there is a change of scope, they ensure it is done in writing.
  • They never target a system or network they don't own or are not allowed into – It's not a skill per se, but if during the test a good ethical hacker is told to stop, they do so. Failure to do so has turned the lives of some ethical hackers upside down.
  • They note and report results – They report all results, even if it might hurt someone whose good books they want to be in, such as the manager who recommended them for that penetration testing job.
  • They report their findings to legal authorities – They know they have a duty to report illegal activities or plans to the authorities and, as such, they ensure that the contract allows that. However, some jurisdictions place a legal responsibility on ethical hackers, even if the contract forbids such disclosures. Failure to report to legal authorities makes the ethical hacker an accessory to the crime. There are other ways out of such situations, including laws such as the Whistleblower Protection Act, which safeguards ethical hackers in specific types of disclosures.
  • Confidentiality – When an ethical hacker encounters information that is deemed confidential, they know who to share their findings with, unless it goes against the laws of the land.

Honing important skills, embracing the principles of ethical hacking, and knowing the ways of attackers are key. I wrote this chapter to give you the information you need to pass your CEH exam and know what you need to navigate the cybersecurity world. We've also covered different types of attacks and how attackers exploit vulnerabilities. Our next step is information security controls – our weapon against attackers.

You have been reading a chapter from
Certified Ethical Hacker (CEH) v12 312-50 Exam Guide
Published in: Jul 2022
Publisher: Packt
ISBN-13: 9781801813099
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime