CEH Summarized --
Simple Exam Guide 2021
MANK
Contents
0. Introduction
Fundamental Security Concepts
Security, Functionality and Usability balance
Types of Hackers
Hacking Vocabulary
Threat Categories
Attack Vectors
Attack Types
1. Operating System
2. Application Level
3. Misconfiguration
4. Shrink-Wrap Code
Vulnerabilities
Vulnerability Categories
Pen Test Phases (CEH)
The Five Stages of Ethical Hacking
1. Reconnaissance
2. Scanning & Enumeration
3. Gaining Access
4. Maintaining Access
5. Covering Tracks
Three Types of Active Defense
Information Assurance (IA)
Information Security Management Program
EISA - Enterprise Information Security Architecture
Physical Security Controls
Types of Security Controls
Managing the Risk
Risk matrix
Risk Management
Phases of Risk Management
Threat Modeling
Security Policies
Security Policy - Examples
Security Policy - Types
Security Policy - Creation Steps
Incident Management Process
Incident Response Team Duties
SIEM - Security Information and Event Management
Identity and Access Management
1. Identification
2. Authentication
3. Authorization concepts
4. Accounting
Access Controls Models
Data Loss Prevention (DLP)
Data Backup
Backup Strategies
3 Backup methods
Penetration Test - Basics
Law Categories
Laws and Standards:
OSSTM Compliance
PCI-DSS
ISO 27001
ISO 27002 AND 17799
HIPAA
SOX
DMCA
FISMA
NIST-800-53
FITARA
COBIT
GLBA
CSIRT