a u d i oc r a s hc o u r s e tm
F o l l o wA l o n gM a n u a l
CEH Certified Ethical Hacker
WWW.AudioLearn.com
TABLE OF CONTENTS Chapter 1. Introduction ............................................................................... 9 Objectives ........................................................................................................................ 11 Quiz ................................................................................................................................ 16 Key Takeaways ................................................................................................................17 Chapter 2. Phases of Ethical Hacking ........................................................ 18 Objectives ....................................................................................................................... 19 Reconnaissance .............................................................................................................. 21 Scanning ......................................................................................................................... 22 Gaining Access ............................................................................................................... 23 Maintaining Access ........................................................................................................ 24 Covering tracks .............................................................................................................. 25 Quiz ................................................................................................................................ 26 Key Takeaways ............................................................................................................... 26 Chapter 3. Foundational Knowledge: TCP/IP ............................................ 28 Objectives ....................................................................................................................... 28 Application Layer ........................................................................................................... 30 Transport Layer ............................................................................................................. 32 Internet Layer ................................................................................................................ 34 Numbering Systems ....................................................................................................... 35 Network Layer ................................................................................................................ 36 Quiz ................................................................................................................................ 38 Key Takeaways ............................................................................................................... 39
Chapter 4. Phase 1 – Reconnaissance ........................................................ 41 Objectives ....................................................................................................................... 41 Footprinting Tools ......................................................................................................... 43 Email addresses ............................................................................................................. 45 HTTP Basics ................................................................................................................... 45 Domain Name Zone Transfers....................................................................................... 46 Lab Scenario ................................................................................................................... 46 Quiz ................................................................................................................................ 48 Key Takeaways ............................................................................................................... 49 Chapter 5. Social Engineering ................................................................... 51 Objectives ....................................................................................................................... 51 Social Engineering Techniques...................................................................................... 52 Shoulder Surfing ............................................................................................................ 53 Dumpster Diving ............................................................................................................ 54 Piggybacking .................................................................................................................. 55 Phishing ......................................................................................................................... 55 Quiz ................................................................................................................................ 57 Key Takeaways ............................................................................................................... 58 Chapter 6. Scanning .................................................................................. 60 Objectives ....................................................................................................................... 60 What is Scanning?.......................................................................................................... 61 Types of Port Scans ........................................................................................................ 62 Port Scanning Tools ....................................................................................................... 63 Ping Sweep ..................................................................................................................... 65
Proxy .............................................................................................................................. 66 Lab Scenario ................................................................................................................... 67 Quiz ................................................................................................................................ 69 Key Takeaways ............................................................................................................... 70 Chapter 7. Gaining Access ..........................................................................71 Objectives ........................................................................................................................71 Password cracking ......................................................................................................... 72 Privilege Escalation ........................................................................................................ 74 Quiz ................................................................................................................................ 76 Key Takeaways ............................................................................................................... 77 Chapter 8. Maintaining Access .................................................................. 78 Objectives ....................................................................................................................... 78 Compromised Access ..................................................................................................... 79 Keyloggers ...................................................................................................................... 79 Bots and Zombies...........................................................................................................80 Rootkits .......................................................................................................................... 81 Steganography ............................................................................................................... 82 Lab Scenario ................................................................................................................... 82 Quiz ................................................................................................................................ 84 Key Takeaways ............................................................................................................... 85 Chapter 9. Covering Tracks ....................................................................... 87 Intrusion Detection and Prevention Systems ............................................................... 90 Honeypots ...................................................................................................................... 91 Deleting evidence ........................................................................................................... 92
Altering files ................................................................................................................... 92 Altering Logs .................................................................................................................. 93 Quiz ................................................................................................................................ 94 Key Takeaways ............................................................................................................... 95 Chapter 10. Hacking Operating Systems .................................................... 96 Objectives ....................................................................................................................... 96 Common Vulnerabilities ................................................................................................ 97 Change passwords regularly .......................................................................................... 98 Windows Operating System .......................................................................................... 99 Linux Operating System .............................................................................................. 100 Mobile Operating Systems ........................................................................................... 102 Android ........................................................................................................................ 102 IPhone operating system ............................................................................................. 103 Quiz .............................................................................................................................. 104 Key Takeaways ............................................................................................................. 105 Chapter 11. Hacking Wireless Networks .................................................. 107 Objectives ..................................................................................................................... 107 Wireless Technology .................................................................................................... 108 Wireless Standards ...................................................................................................... 109 Wireless Exploits........................................................................................................... 111 Lab scenario .................................................................................................................. 112 Quiz ............................................................................................................................... 114 Key Takeaways .............................................................................................................. 115 Chapter 12. Hacking the Web ................................................................... 117
Objectives ...................................................................................................................... 117 Web and the HTTP Protocol ......................................................................................... 118 Web servers ................................................................................................................... 119 Web Scripting Languages ............................................................................................ 120 Web Application Vulnerabilities................................................................................... 121 Web Server Attacks ...................................................................................................... 123 Quiz .............................................................................................................................. 125 Key Takeaway............................................................................................................... 126 Chapter 13. Hacking the Internet of Things and the Cloud ....................... 128 Objectives ..................................................................................................................... 128 Internet of Things ........................................................................................................ 129 IOT technologies .......................................................................................................... 129 IOT Challenges .............................................................................................................. 131 IOT attacks .................................................................................................................... 131 Cloud ............................................................................................................................ 132 Cloud Attacks ............................................................................................................... 133 Quiz .............................................................................................................................. 135 Key Takeaways ............................................................................................................. 136 Chapter 14. Hacking Databases: SQL Injection ........................................ 138 Objectives ..................................................................................................................... 138 Database ....................................................................................................................... 139 SQL Injection Tools ..................................................................................................... 142 Lab scenario ................................................................................................................. 143 Quiz .............................................................................................................................. 146
Key Takeaway............................................................................................................... 147 Chapter 15. Vulnerability Management ................................................... 148 Objectives ..................................................................................................................... 148 Vulnerability Assessment ............................................................................................ 150 Vulnerability Assessment Life Cycle............................................................................. 151 Tracking Results .......................................................................................................... 153 Confidentiality Measures ............................................................................................. 154 Vulnerability Assessment Tools....................................................................................155 Quiz ...............................................................................................................................157 Key Takeaway................................................................................................................157 Chapter 16. System Security .................................................................... 159 Objectives ..................................................................................................................... 159 Cyber Security .............................................................................................................. 160 Physical Security Checklist .......................................................................................... 160 Authentication and Authorization Systems ................................................................ 162 Firewall Architecture ................................................................................................... 165 Quiz .............................................................................................................................. 166 Key Takeaways ............................................................................................................. 167 Chapter 17. Cryptography ........................................................................ 169 Objectives ..................................................................................................................... 169 Cryptography ............................................................................................................... 170 Cryptographic Algorithms ............................................................................................ 171 Digital Signatures..........................................................................................................173 Public Key Infrastructure ............................................................................................ 174
Cryptography Attacks ................................................................................................... 175 Lab scenario ................................................................................................................. 176 Quiz .............................................................................................................................. 179 Key Takeaways ............................................................................................................. 180 Chapter 18. Summary, Final Exam and Final Exam Answer Explanation ............................................................................................ 182 Follow Along Manual .............................................................................. 186
CHAPTER 1. INTRODUCTION Welcome! I am excited that you have joined me in this Certified Ethical Hacker audio course. will be your guide throughout the course to prepare you for the certification exam. The certificate, also known by its popular name CEH, is one of the more important certification exams in the cyber security industry. I will be talking about many aspects of cyber security, ethics, hacking, and technologies that are used in the industry. The aim of this audio course is to provide you with information you'll need to pass the CEH certification exam. Before I do that, though, I want to discuss the structure of the course. There are many terms and tools you will hear about in this course. While there is nothing that can replace real world experience with these tools, I will give you scenario based topics and exercises. This may help you to better understand how to apply key terms and use the tools I discuss. These exercises will include step by step instructions that you can listen along to. One benefit of this audio course is that you can replay any section of the course so you can put what you hear into practice. In addition, our Follow along PDF Manual enhances your understanding of what you'll hear in this course. This manual is a companion study guide. They come with every AudioLearn test preparation course. In the manual, you will see a glossary of terms, acronyms, tools and services. You will also find tips for using security or hacking related tools. You can print out the manual and read along while listening to the course. If you want, take advantage of the digital version. Let me share with you the best approach for taking this CEH certificate course. First, keep in mind that understanding the foundational topics in networking is crucial to your success in the course. I will discuss these foundational topics in the early part of the course. I will also revisit them across different chapters to enhance your learning. In addition, I will provide you with examples that you can try on your own computer. If you'd like, learn them by following the steps you hear in the lectures or read about in the Follow along PDF Manual.
9
Second, I advise you to focus on one operating system when you try out the exercises. There are examples in the course that you can try on Windows, Unix, or mobile operating systems. If you have access to all of them, great! However, if you pick one operating system that you are already familiar with, stick with it. That will greatly enhance your learning experience. Finally, I suggest augmenting your learning beyond the scope of this audio course. In the Follow Along PDF Manual on page eight, I have included a list of resources; you will find useful websites that you can explore. The cyber security industry moves very quickly and it will be to your advantage to stay on top of the industry’s news. Let me take a few minutes to talk about how this audio course is structured. Every chapter begins with five to ten learning objectives, depending on how long the chapter is. These objectives will help define what I want to accomplish in the chapter. This sets the stage for the topics and lessons I'll discuss. You will also be able to set your expectations for the chapter. From there, I will proceed with the chapter audio lecture. In the lecture, the topics I mentioned in the objectives section will be discussed in greater detail. After the lecture section, I will present you with a chapter quiz. The ten question quiz gives you a chance to review the topics I discussed in the chapter. You can confirm your understanding of the chapter topics. Quizzes can be in the form of multiple choice or scenario based questions. Regardless of the format, you will be provided with the answers in the Follow-along PDF Manual along with a brief explanation of each answer. As an alternative, I will read the questions and answers with explanations. You can correct your quizzes that way if you'd like. Finally, a list of ten takeaways is included at the end of each chapter. Takeaways summarize the key points from the chapter and provide you with another opportunity to review and enhance your chapter understanding. So, let me officially welcome you the CEH certification audio course. I will now begin with your first lecture!
10
OBJECTIVES Here are the objectives for Chapter One: •
Objective One: Learn about the details of the Certified Ethical Hacker certification examination
•
Objective Two: Explore the many aspects of the cyber and information security industry
•
Objective Three: Learn about hacking, its history, and development
•
Objective Four: Understand Ethics and how it plays into Ethical Hacking
•
Objective Five: Learn about the certification exam, its logistics, and how you can best approach and pass the certificate exam.
If you are ready, let us begin your CEH learning journey! When you hear the word “hacking”, a lot of negative connotations probably run through your mind. You imagine some individual banging away at his keyboard and running some nefarious program. However, this is not always the case. Hackers were initially thought of as practical jokers, switching and misdirecting calls while working at telephone switch boards. As technology evolved, many of these pranks turned out to be clever solutions. They improved upon existing systems or facilitated incumbent processes. In the nineteen sixties and seventies, hackers were considered creative geniuses capable of providing inventive solutions. Hacking became more prominent through the UNIX operating system, as an improvement of mainframes existing at that time. Hackers also worked on a number of telephone systems back in the nineteen seventies. A group of individuals was able to mimic the audio tones that controlled the telephone network, allowing them to make free calls. These hackers were originally called phreakers. In the nineteen eighties, more personal computers were being used and these curious individuals had more to tinker with. People began to use computers to go online with
11
the advent of ARPA-NET, the predecessor of the modern internet. With the many tools available to them, hacker groups started forming, with both good and bad intentions. The most notorious of these groups were called LOD, or Legion of Doom, and MOD, or Masters of Deception. Both groups accelerated the hacker wars in the nineties, also involving the police and federal government. Technically, a hacker is someone intellectually curious who looks for solutions to a specific problem or process. Today, hackers are predominantly associated with activities that involve acquiring resources that are not theirs. This includes financial information, intellectual, or property resources. These intellectually curious usually have a strong background in computer systems, networking, and programming. Knowledge of computer systems allows an individual to study their vulnerabilities, while knowledge in networking and programming facilitates access to those systems. This knowledge can be used to further improve those systems or identify their weak points. A cracker is a term usually associated with a hacker who has ill intent when accessing computer systems. This individual could use that access and knowledge to gain monetary advantages. These days, hackers and crackers are classified into the following groups: A white hat hacker is sometimes known as the ethical hacker. True to the original definition of hacking, the white hat hacker learns more about systems to improve them. White hats are sometimes hired by companies to ensure that their infrastructure, code, and architecture can withstand external malicious attacks. White hat hackers are equally adept at exposing system flaws. However, they also help companies fix or patch them. Black hat hackers, on the other hand, access computer systems with specific illegal or nefarious intentions. They steal information and damage computers and networks. They typically gain unauthorized access, acquire sensitive data, and sell that information to the dark web. Dark web refers to the parts of the Internet not visible on typical search engines and requiring specific software to access. These black hat hackers are also known as cybercriminals as they access computer systems and networks without authorization. They break the law and can go to prison when caught. Most of them break into systems to steal or destroy data. 12
Commerce Consultants or EC Council and is based on seven domains and subject areas. These subject areas are as follows: •
First, background. This tests the individual’s knowledge on network and communication technologies. It also talks about threats and attack vectors and information security technologies.
•
Second, analysis and assessment. This section focuses on the mechanics of the types of analysis and assessments that an ethical hacker is expected to perform.
•
Third, security. This section covers security controls, attack detection, and attack prevention.
•
Fourth, tools, systems, and programs. This domain covers the many tools, programs, and systems that an ethical hacker would use in the real world. Simple knowledge of these tools is usually not sufficient; this is where hands on experience and know how will come in handy. I will guide you through some hands on exercises in this course.
•
Fifth, procedures and methodologies. This section is about understanding the procedures and methodologies in the underlying system architecture.
•
Sixth, regulation and policy. This section tests you on the understanding of current policies, laws, and acts while performing authorized hacking and assessments.
•
Seventh, ethics. This section covers how an ethical hacker should behave in accordance with the Ethics of Information Security.
Let me talk about the certification exam itself next. The CEH certification exam is a computer based examination composed of one hundred twenty five questions. You must meet certain eligibility requirements to take the exam. Once accepted, you have four hours to complete it. Test questions are multiple choice, and the passing grade range is between sixty to eighty five percent. If you pass the exam, you'll receive a certificate that is valid for three years, after which you must renew. At the time of this audio course recording, it costs a "non refundable" one hundred dollars to apply to take the test. After that, you must pay one thousand one hundred ninety nine dollars for the exam itself. 14
To download the audio version of this course, please visit our website www.AudioLearn.com