Domain 4 of CEH V11 Network and Perimeter Hacking

Domain 4 of CEH V11: Network and
Perimeter Hacking
www.infosectrain.com | sales@infosectrain.com
Domains of CEH
1.Information Security and Ethical Hacking Overview-6%
2.Reconnaissance Techniques-21%
3.System hacking phases and Attack Techniques-17%
4.Network and perimeter hacking-14%
5.Web application hacking-16%
6.Wireless network hacking-6%
7.Mobile platform, IoT, and OT hacking-8%
8.Cloud Computing-6%
9.Cryptography-6%
We will discuss the fourth domain of CEH, which is ‘Network and perimeter
hacking’.
Network
Networks are composed of two or more computers that share resources
(such as printers and CDs), exchange files, and allow electronic
communications. A network of computers may be connected by cables,
telephone lines, radio waves, satellites, or infrared beams.
In simple terms, a network is a cluster of devices connected to each other by

a physical communication medium.
What is network hacking?

As I have mentioned above, a network is a collection of devices. Hence,
network hacking is nothing but gaining access to the information present on
all network devices over the internet.
How are networks compromised?
As every big plan starts with a simple step, likewise, large-scale cyber attacks also start
by attacking or infecting a lower-end device and increasing the level of privileges
required to go forward inside the same network. While attacking the networks, ethical
hackers will have to think exactly like malicious hackers. Only then the organizations can
have a clear idea of their security vulnerabilities.
Attackers first start with the traditional methods. One of the most common traditional
methods is sending a false email. An attacker usually creates an incorrect email by
replicating it like an original one. For example, an attacker can create an Amazon Big
Billion day email asking you to click the links to get the 50% offer. Once you click on the
link, you’ll be redirected to a malicious webpage from where an attacker can install the
viruses on your network’s device.
Once the attacker enters your network, he will start escalating his privileges to the
administrator level because they are the ones who maintain the whole network.
In simple terms, privilege escalation can be described as exploiting a bug or

vulnerability in an application or operating system to gain access to resources that
would otherwise be protected from an average user.
Tools used for network perimeter hacking
ARP Scan: ARP-Scan is used to scan internal networks. Compared to

netdiscover arp-scanning, it is much faster. With the assistance of the
ARP Scan tool, you can collect data about the internal networks in a
noisy way. By noisy, I mean that the tool will be caught by the IDS and
IPS sensors and leave traces behind.
The four general ARP Scan usage scenarios are:
1.We can identify all the IPv4 network devices.

2.We can identify the false IP addresses.
3.We can easily identify and map IP addresses to MAC addresses.
4.We can locate and isolate malicious devices.
PivotSuite: With PivotSuite, penetration testers and red teams can move
around inside a network by using compromised systems. It is portable,
platform-independent, and powerful. It is a stand-alone application that
can be used as a client or a server.
Nmap: Nmap is a port scanner. Port scanning is a phase where hackers scan

the target system for data like live systems, open ports, and different
services running over the host.
In addition to port scanning, Nmap can identify various operating systems,

version numbers of services running, firewall configuration, and many more
features.
Network attack techniques
Spoofing: In network security, a spoofing attack is a scenario in which an

individual successfully pretends as another data source, thereby gaining an
illegitimate advantage.
For example, an attacker can buy advertising space on any site and can post
some exciting advertisements that attract users to click on them. And if the
user clicks on that advertisement, he will be redirected to a malicious page
from where an attacker can install the viruses into the user’s system.
Sniffing: An attacker can capture data while it is cycling across an insecure

network by using packet sniffing. Data on travel is generally captured by
sniffer software running on any network layer. Putting the sniffer at an
aggregation point would allow it to observe the entire traffic.
Phishing: While the spelling is Phishing, we utter it as fishing. They
are not just phonetic but also somewhat comparable, since we use
a worm to capture a fish known as fishing. On the contrary, an
attacker can email, send a message, a web link, or a voice call to
seek our private data called “phishing.”
The main aim of phishing attackers is to steal your sensitive and

personal data like login credentials, credit card information, etc.
They may also try to install malware on your system.
CEH with InfosecTrain
InfosecTrain is one of the leading training providers with a pocket-friendly budget.

We invite you to join us for an unforgettable journey with industry experts to gain
a better understanding of the Certified Ethical Hacker course. Courses can be
taken as live instructor-led sessions or as self-paced courses, allowing you to
complete your training journey at your convenience.
About InfosecTrain
• Established in 2016, we are one of the finest Security
and Technology Training and Consulting company
• Wide range of professional training programs,

certifications & consulting services in the IT and Cyber
Security domain
• High-quality technical services, certifications or

customized training programs curated with professionals
of over 15 years of combined experience in the domain
Our Endorsements
Why InfosecTrain Global Learning Partners
Certified and Experienced Flexible modes of Access to the

Instructors Training recorded sessions
Post training Tailor Made

completion Training
Our Trusted Clients
Contact us
Get your workforce reskilled by
our certified and experienced
instructors!
IND: 1800-843-7890 (Toll Free) / US: +1 657-221-1127 / UK :

+44 7451 208413
sales@infosectrain.com
www.infosectrain.com

Domain 4 of CEH V11 Network and Perimeter Hacking

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Domain 4 of CEH V11 Network and Perimeter Hacking

Uploaded by

Copyright:

Available Formats

Domain 4 of CEH V11: Network and

1.Information Security and Ethical Hacking Overview-6%

3.System hacking phases and Attack Techniques-17%

4.Network and perimeter hacking-14%

5.Web application hacking-16%

6.Wireless network hacking-6%

7.Mobile platform, IoT, and OT hacking-8%

In simple terms, a network is a cluster of devices connected to each other by

What is network hacking?

In simple terms, privilege escalation can be described as exploiting a bug or

ARP Scan: ARP-Scan is used to scan internal networks. Compared to

The four general ARP Scan usage scenarios are:

1.We can identify all the IPv4 network devices.

Nmap: Nmap is a port scanner. Port scanning is a phase where hackers scan

In addition to port scanning, Nmap can identify various operating systems,

Spoofing: In network security, a spoofing attack is a scenario in which an

Sniffing: An attacker can capture data while it is cycling across an insecure

The main aim of phishing attackers is to steal your sensitive and

InfosecTrain is one of the leading training providers with a pocket-friendly budget.

• Wide range of professional training programs,

• High-quality technical services, certifications or

Certified and Experienced Flexible modes of Access to the

Post training Tailor Made

IND: 1800-843-7890 (Toll Free) / US: +1 657-221-1127 / UK :

You might also like