CEH

Orientation slides
Introduction

• Ethical hacking is the process of testing the security of a system or

network by simulating an attack with the permission of the owner12.
• Ethical hackers help organizations identify and fix vulnerabilities,
prevent data breaches, and comply with regulations12.
• To become a certified ethical hacker (CEH), you need to have a basic
knowledge of networking, operating systems, and security concepts,
and pass the CEH exam and the CEH practical exam31.
• The CEH course will teach you how to think and act like a hacker, and
how to use various tools and techniques to perform ethical hacking in
different scenarios31.
Course Overview

• The CEH course covers 20 modules and 5 phases of ethical hacking:

reconnaissance, scanning, gaining access, maintaining access, and covering your
tracks31.
• The course will teach you how to use over 3,500 hacking tools, such as Nmap,
Metasploit, Burp Suite, Wireshark, etc., to perform various types of attacks on
different systems and platforms31.
• The course will prepare you for the CEH certification exam, which is a multiple-
choice test that assesses your knowledge of ethical hacking domains and
methodologies31.
• The course will also prepare you for the CEH practical exam, which is a hands-on
test that assesses your skills and abilities to perform ethical hacking tasks in a
simulated environment31.
Course Highlights

• The course provides a hands-on learning experience with over 220 challenge-based labs and the CyberQ platform,
which is a cloud-based cyber range that simulates real-world scenarios 31.
• The course also engages you with real-world ethical hacking assignments and global challenges with C|EH Engage,
which is a program that allows you to hack a real organization with their consent and get feedback from experts 31.
• The course will show you some examples of how to perform common attacks such as:
• Footprinting: gathering information about a target using passive or active methods31.
• Scanning: discovering open ports, services, and vulnerabilities on a target using tools like Nmap or Nessus31.
• Enumeration: extracting more information about a target’s network resources, users, groups, etc., using tools like SNMP or
NetBIOS31.
• Vulnerability analysis: identifying and prioritizing the weaknesses and risks on a target using tools like OpenVAS or Nikto31.
• System hacking: exploiting the vulnerabilities on a target to gain access, escalate privileges, execute commands, etc., using tools li
ke Metasploit or Hydra
31
.
• Malware threats: creating and deploying malicious software such as viruses, worms, trojans, ransomware, etc., using tools like Vei
l-Evasion or Shellter
31.

• Sniffing: capturing and analyzing network traffic using tools like Wireshark or Ettercap31.
• Social engineering: manipulating human behavior to obtain information or access using techniques like phishing, baiting,
pretexting, etc., using tools like SET or Gophish