CEH v6.1 Exam (312-50)
Credit towards Certification
Exam Code
The exam code varies when taken at different testing centers.
Exam 312-50: Web based ‘Prometric Prime’ at Accredited Training Centers (ATC).
Exam EC0-350: Proctored test at Authorized Prometric Testing Centers (APTC) globally.
Exam 312-50: VUE Testing centers
Skills Measured
The exam 312-50 tests CEH candidates on the following 26 domains.
Introduction to Ethical Hacking
Hacking Laws
Footprinting
Google Hacking
Scanning
Enumeration
System Hacking
Trojans and Backdoors
Viruses and Worms
Sniffers
Social Engineering
Phishing
Hacking Email Accounts
Denial of Service
Session Hijacking
Hacking Webservers
Web Application Vulnerabilities
Web Based Password Cracking Techniques
SQL Injection
Hacking Wireless Networks
Physical Security
Linux Hacking
Evading IDS, Honeypots and Firewalls
Buffer Overflows
Cryptography
Penetration Testing Methodologies
Module 01: Introduction to Ethical Hacking
- Understand the issues plaguing the information security world
- Understand various hacking terminologies
- Understand the basic elements of information security
- Understand the security, functionality and ease of use triangle
- List the 5 stages of ethical hacking
- Understand the different types of hacker attacks
- Define hacktivism and understand the classification of hackers
- Understand who is an ethical hacker
- How do you become an ethical hacker
- List the profile of a typical ethical hacker
- Understand vulnerability research and list the various vulnerability research tools
- Describe the ways to conduct ethical hacking
- What are the different ways an ethical hacker tests a target network
Module 02: Hacking Laws
- Understand the U.S Federal Laws related to Cyber Crime
- 18 U.S.C. § 1029
- 18 U.S.C. § 1030
- 18 U.S.C. § 1362
- 18 U.S.C. § 1831
- 18 U.S.C. § 2318
- 18 U.S.C. § 2320
- 18 U.S.C. § 2510 et seq
- 18 U.S.C. § 2701 et seq
- 47 U.S.C. § 605
- Understand the SPY ACT
- Washington: RCW 9A.52.110
- Florida: § 815.01 to 815.07
- Indiana: IC 35-43
- Federal Managers Financial Integrity Act of 1982
- The Freedom of Information Act: 5 U.S.C. § 552
- Federal Information Security Management Act (FISMA)
- The Privacy Act Of 1974: 5 U.S.C. § 552a
- USA Patriot Act of 2001
- Government Paperwork Elimination Act (GPEA)
- Understand the Cyber Crime Law in Mexico
- Section 30-45-5 — Unauthorized computer use
- Understand the Cyber Crime Laws in Brazil
- Art. 313-A : Entry of false data into the information system
- Art. 313-B : Unauthorized modification or alteration of the information system
- Understand the Cyber Crime Law in Canada
- Canadian Criminal Code Section 342.1
- Understand the Cyber Crime Laws in the United Kingdom
- Computer Misuse Act 1990
- Police and Justice Act 2006
- Understand the Cyber Crime Law in Europe
- Section 1 - Substantive Criminal Law
- Understand the Cyber Crime Law in Belgium
- Computer Hacking Article 550(b)
- Understand the Cyber Crime Law in Denmark
- Understand the Cyber Crime Laws in France
- Chapter III: Attacks On Systems For Automated Data Processing
- Article 323-1
- Article 323-2
- Understand the Cyber Crime Laws in Germany
- Penal Code Section 202a. Data Espionage
- Penal Code Section 303a: Alteration of Data
- Understand the Cyber Crime Law in Greece
- Criminal Code Article 370C§2
- Understand the Cyber Crime Law in Italy
- Penal Code Article 615 ter: Unauthorized access into a computer or telecommunication systems
- Understand the Cyber Crime Law in Italy
- Criminal Code Article 138a
- Understand the Cyber Crime Laws in Norway
- Penal Code § 145
- Penal Code §145b
- Penal Code § 151 b
- Understand the Cyber Crime Laws in Switzerland
- Understand the Cyber Crime Law in Australia
- Understand the Cyber Crime Law in India
- The Information Technology Act, 2000
- Understand the Cyber Crime Law in Japan
- Understand the Cyber Crime Law in Singapore
- Chapter 50A: Computer misuse Act
- Understand the Cyber Crime Laws in Korea
- Chapter VI Stability of the Information and Communications Network: Article 48, Article 49
- Chapter IX Penal Provisions: Article 61
- Understand the Cyber Crime Law in Malaysia
- Understand the Cyber Crime Law in Hong Kong
Module 03: Footprinting
- Define the term Footprinting
- Understand the areas and information that hackers seek
- Describe information gathering methodology
- Understand passive information gathering
- Understand competitive intelligence and its need
- Role of financial websites in footprinting
- Role of job portals in footprinting
- Understand DNS enumeration
- Understand Whois, ARIN lookup, Nslookup
- Identify different types of DNS records
- Understand how traceroute is used in Footprinting
- Role of search engines in footprinting
- Understand how e-mail tracking works
- Understand how web spiders work
- List the steps to fake a website
Module 04: Google Hacking
- Understand the term Google Hacking
- Understand the Google Hacking Database
- How can hackers take advantage of the Google Hacking Database
- Understand the basics of Google Hacking
- Being anonymous using Cache
- How can Google be used as a proxy server
- Understand directory listings
- Understand server versioning
- Understand directory traversal
- Understand incremental substitution
- Understand the advanced Google operators
- How to locate exploits and find targets
- How to track down web servers, login portals and network hardware
- Understand the various Google Hacking Tools
Module 05: Scanning
- Define the terms port scanning, network scanning and vulnerability scanning
- Understand the objectives of scanning
- Understand the CEH scanning methodology
- Understand Ping Sweep techniques
- Understand the Firewalk tool
- Understand Nmap command switches
- Understand the three way handshake
- Understand the following Scans:
- SYN, Stealth, XMAS, NULL, IDLE, FIN, ICMP Echo, List, TCP Connect, Full Open, FTP Bounce, UDP, Reverse Ident, RPC, Window
- Understand FloppyScan
- List TCP communication flag types
- Understand War dialing techniques
- Understand banner grabbing using OS fingerprinting, Active Stack Fingerprinting, Passive Fingerprinting and other techniques and tools
- Understand vulnerability scanning using BidiBlah and other hacking tools
- Draw network diagrams of vulnerable hosts using various tools
- Understand how proxy servers are used in launching an attack
- How do anonymizers work
- Understand HTTP tunneling techniques
- Understand IP spoofing techniques
- Understand various scanning countermeasures
Module 06: Enumeration
- Understand the system hacking cycle
- Understand Enumeration and its techniques
- Understand null sessions and their countermeasures
- Understand SNMP enumeration and its countermeasures
- Describe the steps involved in performing enumeration
Module 07: System Hacking
- Understand the different types of passwords
- Understand the different types of password attacks
- Understand password cracking techniques
- Understand Microsoft Authentication mechanism
- Describe password sniffing
- Identifying various password cracking tools
- What are the various password cracking countermeasures
- Understand privilege escalation
- Understand keyloggers and other spyware technologies
- Understand different ways to hide files
- Understanding rootkits
- How do you identify rootkits, list the steps for the same
- Understand Alternate Data Streams
- Understand Steganography technologies
- Understand how to cover your tracks and erase evidence
Module 08: Trojans and Backdoors
- What is a Trojan
- Understand overt and covert channels
- Understand working of Trojans
- List the different types of Trojans
- What do Trojan creators look for
- List the different ways a Trojan can infect a system
- What are the indications of a Trojan attack?
- Identify the ports used by Trojan
- Identify listening ports using netstat
- What is meant by “wrapping”
- Understand Reverse Shell Trojan
- Understand ICMP tunneling
- Understand various classic Trojans
- Understand how “Netcat” Trojan works
- Understand the Trojan horse constructing kit
- Understand Trojan detection techniques
- Understand Trojan evading techniques
- How to avoid a Trojan infection
Module 09: Viruses and Worms
- Understand virus and its history
- Characteristics of a virus
- How does a virus work
- Understand the motive behind writing a virus
- Symptoms of virus attack
- What is a virus hoax
- Understand the difference between a virus and a worm
- Understand the life cycle of virus
- Understand the types of viruses
- How a virus spreads and infects the system
- Understand the storage pattern of virus
- Understand various types of classic virus found in the wild
- Virus writing technique
- Virus construction kits
- Understand antivirus evasion techniques
- Understand Virus detection methods
Module 10: Sniffers
- Understand sniffing and protocols vulnerable to it
- Discuss types of sniffing
- Understand Address Resolution Protocol (ARP)
- How does ARP Spoofing work
- Understand active and passive sniffing
- Understand ARP poisoning
- Understand MAC duplicating
- Understand Ethereal capture and display filters
- Understand MAC flooding
- Understand DNS spoofing techniques
- Describe sniffing countermeasures
Module 11: Social Engineering
- What is Social Engineering
- Understand human weakness
- List the different types of social engineering
- Understand Dumpster Diving
- Understand Reverse Social Engineering
- Understand Insider attacks and their countermeasures
- Understand Social Engineering threats and defense
- Understand Identity Theft
- Describe Phishing Attacks
- Understand Online Scams
- Understand URL obfuscation
- Understand social engineering on social networking sites
- Social Engineering countermeasures
Module 12: Phishing
- Understand phishing and reasons for its success
- Different types of phishing
- Explain the process of phishing
- List different types of phishing attacks
- List the anti-phishing tools and countermeasures
Module 13: Hacking Email Accounts
- List different ways to get information related to e-mail accounts
- Understand various e-mail hacking tools
- How to create strong passwords for e-mail accounts
- Explain Sign-in Seal
Module 14: Denial of Service
- Understand Denial of Service (DoS) attacks
- What is the goal of a DoS attack
- Impact and modes of DoS attack
- Types of attacks
- Classify different types of DoS attacks
- Understand various tools used to launch DoS attacks
- Understand botnets and their use
- List the types of bots and their mode of infection
- Understand how DDoS attack works
- Characteristics of a DDoS attack
- Explain the Agent-Handler Model and DDoS IRC Model
- Understand Reflective DNS attacks
- How to conduct a DDoS attack
- Understand Reflected DoS attack
- Describe the DoS/DDoS countermeasures
Module 15: Session Hijacking
- Understand session hijacking
- Understand spoofing vs. hijacking
- What are the steps to perform session hijacking
- List the types of session hijacking
- Understand session hijacking levels
- Understand sequence number prediction
- Describe countermeasures to session hijacking
Module 16: Hacking Webservers
- Understand the working of a webserver
- How are webservers compromised
- Understand web server defacement
- Understand the attacks against web servers
- List the types of web server vulnerabilities
- Understand IIS Unicode exploits
- Understand patch management techniques
- Understand Web Application Scanner
- What is Metasploit Framework
- Understand various webserver testing tools
- Understand patch management
- List best practices for patch management
- Describe Web Server hardening methods
- Webserver protection checklist
Module 17: Web Application Vulnerabilities
- Understand the working of a web application
- Objectives of web application hacking
- Anatomy of an attack
- Understand various web application threats and their countermeasures
- Understand various web application hacking tools
Module 18: Web Based Password Cracking Techniques
- Understand authentication and authentication mechanisms
- Rules to select a good password
- Things to avoid while selecting passwords
- How to protect passwords
- How hackers get hold of passwords
- What is a Password Cracker?
- How does a Password Cracker work
- Modus operandi of an attacker using password cracker
- Understand Password Attacks - Classification
- Understand Password Cracking Countermeasures
Module 19: SQL Injection
- What is SQL injection
- Understand the steps to conduct SQL injection
- Understand various SQL injection techniques
- Understand SQL Server vulnerabilities
- How to test for SQL injection vulnerabilities
- Understand various SQL injection tools
- Understand Blind SQL injection and its countermeasures
- Understand SQL Injection countermeasures
- How to protect web sites from SQL injection attacks
Module 20: Hacking Wireless Networks
- Understand wireless network architecture
- Differentiate between wireless and wired networks
- What are the effects of wireless networks on business
- Understand the types of wireless networks
- List the advantages and disadvantages of wireless networks
- Understand various wireless standards
- Understand various wireless concepts and devices
- Overview of WEP, WPA, WPA2 authentication systems and cracking techniques
- Overview of wireless Sniffers and SSID, MAC Spoofing
- Understand Rogue Access Points
- Understand wireless hacking techniques
- Understand TKIP, LEAP
- Understand MAC Sniffing, AP Spoofing, MITM, DoS attacks
- Understand phone jammers
- How to detect a wireless network
- Understand various wireless hacking tools
- List the steps to hack a wireless network
- Understand WIDZ and RADIUS
- Describe the methods in securing wireless networks
Module 21: Physical Security
- Physical security breach incidents
- Understanding physical security
- Need for physical security
- Who is accountable for physical security
- Factors affecting physical security
- Physical security checklist for organizations
- Authentication mechanisms
- How to fake fingerprints
- Understand wiretapping
- Understand lock picking
- Understanding wireless and laptop security
- Laptop security countermeasures
- Understand mantrap, TEMPEST
- List the challenges in ensuring physical security
- Understand spyware technology
Module 22: Linux Hacking
- What is the need for a Linux Operating System
- Linux distributors
- Understand the basic commands of Linux
- Understand the Linux file structure and networking commands
- List the directories in Linux
- Understand how to install, configure and compile a Linux Kernel
- Understand installing a Kernel patch
- Understand GCC compilation commands
- List vulnerabilities in Linux
- Why is Linux hacked
- How to apply patches to vulnerable programs
- Understand password cracking in Linux
- Understand IP Tables
- Basic Linux Operating System Defense
- Understand how to install LKM modules
- Understand AIDE
- Understand Linux hardening methods
Module 23: Evading IDS, Honeypots and Firewalls
- Understand Intrusion Detection Systems (IDS)
- Where to place an IDS
- Ways to detect an intrusion
- Understand the types of IDS
- Understand System Integrity Verifiers
- Understand True/False, Positive/Negative
- Signature analysis in an IDS
- List the general indications of a possible intrusion
- Steps to perform after IDS detects attack
- List the IDS evasion techniques
- Understand firewall and its working
- List the types of firewalls
- Understand firewalking, banner grabbing
- IDS and Firewall testing tool
- What is a honeypot
- List the types of honeypots, their advantages and disadvantages
- Honeypot placement
- Differentiate between physical and virtual honeypots
- Countermeasures to hack attacks
Module 24: Buffer Overflows
- Why are programs/applications vulnerable to buffer overflow
- Understand buffer overflows and reasons for attacks
- List the knowledge required to program buffer overflow exploits
- Understand stacks, heaps, NOPS
- Identify the different types of buffer overflows and methods of detection
- Understand assembly language
- Overview of shellcode
- Overview of buffer overflow mutation techniques
- Writing buffer overflow programs in C
- Buffer overflow code analysis
Module 25: Cryptography
- Overview of cryptography and encryption techniques
- Understand cryptographic algorithms
- Describe how public and private keys are generated
- Overview of MD5, SHA, RC4, RC5, Blowfish algorithms
- Understand digital signature
- List the components of a digital signature
- Method of digital signature technology
- Application of digital signature
- Understand digital signature standard
- Digital signature algorithm
- Overview of digital certificates
- Understand code breaking methodologies
- Understand cryptanalysis
- List the cryptography attacks
Module 26: Penetration Testing Methodologies
- Overview of penetration testing methodologies
- Understand security assessments
- Understand vulnerability assessment and its limitations
- Understand types of penetration testing
- Understand risk management
- Outsourcing penetration testing service
- List the penetration testing steps
- Overview of the Pen-Test legal framework
- Overview of the Pen-Test deliverables
- List the automated penetration testing tools
- Best practices
- Phases of penetration testing