SlideShare a Scribd company logo

CEH Domain 4.pdf

โ€ข
โ€ข
infosec train
infosec train

Networks are composed of two or more computers that share resources (such as printers and CDs), exchange files, and allow electronic communications. https://www.infosectrain.com/courses/ceh-v11-certification-training/

Education
1 of 11
Download to read offline
CEH v11 Network & Perimeter Hacking DOMAIN 4 www.infosectrain.com
www.infosectrain.com | sales@infosectrain.com 01 Domains of CEH DOMAIN 1 Information Security & Ethical Hacking Overview DOMAIN 2 Reconnaissance Techniques DOMAIN 3 System hacking phases & Attack Techniques DOMAIN 4 Network and perimeter hacking DOMAIN 5 Web application hacking DOMAIN 6 Wireless network hacking DOMAIN 7 Mobile platform, IoT, & OT hacking DOMAIN 8 Cloud Computing DOMAIN 9 Cryptography CEH v11 DOMAINS 6% 21% 17% 14% 16% 6% 8% 6% 6%
Network Networks are composed of two or more computers that share resources (such as printers and CDs), exchange ๏ฌles, and allow electronic communications. A network of computers may be connected by cables, telephone lines, radio waves, satellites, or infrared beams. In simple terms, a network is a cluster of devices connected to each other by a physical communication medium. As I have mentioned above, a network is a collection of devices. Hence, network hacking is nothing but gaining access to the information present on all network devices over the internet. DOMAIN 4 Network and Perimeter Hacking www.infosectrain.com | sales@infosectrain.com 02 What is Network Hacking ? In this blog, we will discuss the 4th domain of CEH, which is โ€˜Network and Perimeter Hackingโ€™
DOMAIN 4 Network and Perimeter Hacking How are networks compromised? www.infosectrain.com | sales@infosectrain.com 03 As every big plan starts with a simple step, likewise, large-scale cyber attacks also start by attacking or infecting a lower-end device and increasing the level of privileges required to go forward inside the same network. While attacking the networks, ethical hackers will have to think exactly like malicious hackers. Only then the organizations can have a clear idea of their security vulnerabilities. Attackers ๏ฌrst start with the traditional methods. One of the most common traditional methods is sending a false email. An attacker usually creates an incorrect email by replicating it like an original one. For example, an attacker can create an Amazon Big Billion day email asking you to click the links to get the 50% offer. Once you click on the link, youโ€™ll be redirected to a malicious webpage from where an attacker can install the viruses on your networkโ€™s device. Once the attacker enters your network, he will start escalating his privileges to the administrator level because they are the ones who maintain the whole network. In simple terms, privilege escalation can be described as exploiting a bug or vulnerability in an application or operating system to gain access to resoures that would otherwise be protected from an average user.
www.infosectrain.com | sales@infosectrain.com 04 Tools used for Network Perimeter Hacking ARP Scan: ARP-Scan is used to scan internal networks. Compared to netdiscover arp-scanning, it is much faster. With the assistance of the ARP Scan tool, you can collect data about the internal networks in a noisy way. By noisy, I mean that the tool will be caught by the IDS and IPS sensors and leave traces behind. The four general ARP Scan usage scenarios are: > We can identify all the IPv4 network devices. > We can identify the false IP addresses. > We can easily identify and map IP addresses to MAC addresses. > We can locate and isolate malicious devices. DOMAIN 4 Network and Perimeter Hacking
PivotSuite: With PivotSuite, penetration testers and red teams can move around inside a network by using compromised systems. It is portable, platform-independent, and powerful. It is a stand-alone application that can be used as a client or a server. www.infosectrain.com | sales@infosectrain.com 05 DOMAIN 4 Network and Perimeter Hacking
Nmap: Nmap is a port scanner. Port scanning is a phase where hackers scan the target system for data like live systems, open ports, and different services running over the host. In addition to port scanning, Nmap can identify various operating systems, version numbers of services running, ๏ฌrewall con๏ฌguration, and many more features. www.infosectrain.com | sales@infosectrain.com 06 DOMAIN 4 Network and Perimeter Hacking
DOMAIN 4 Network and Perimeter Hacking www.infosectrain.com | sales@infosectrain.com 07 Spoo๏ฌng In network security, a spoo๏ฌng attack is a scenario in which an individual successfully pretends as another data source, thereby gaining an illegitimate advantage. For example, an attacker can buy advertising space on any site and can post some exciting advertisements that attract users to click on them. And if the user clicks on that advertisement, he will be redirected to a malicious page from where an attacker can install the viruses into the userโ€™s system. Network Attack Techniques
DOMAIN 4 Network and Perimeter Hacking www.infosectrain.com | sales@infosectrain.com 08 Snif๏ฌng An attacker can capture data while it is cycling across an inscure network by using packet snif๏ฌng. Data on travel is generally captured by snifer software running on any network layer. Putting the sniffer at an aggregtion point would allow it to observe the entire traf๏ฌc.
www.infosectrain.com | sales@infosectrain.com 09 Phishing While the spelling is Phishing, we utter it as ๏ฌshing. They are not just phonetic but also somewhat comparable, since we use a worm to capture a ๏ฌsh known as ๏ฌshing. On the contrary, an attacker can email, send a message, a web link, or a voice call to seek our private data called โ€œphishing.โ€ The main aim of phishing attackers is to steal your sensitive and personal data like login credentials, credit card information, etc. They may also try to install malware on your system. DOMAIN 4 Network and Perimeter Hacking
www.infosectrain.com | sales@infosectrain.com

Recommended

Domain 4 of CEH V11 Network and Perimeter Hacking.pptx
Domain 4 of CEH V11 Network and Perimeter Hacking.pptxDomain 4 of CEH V11 Network and Perimeter Hacking.pptx
Domain 4 of CEH V11 Network and Perimeter Hacking.pptx
Infosectrain3
ย 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center Fundamental
Amir Hossein Zargaran
ย 
Chapter 4.ppt
Chapter 4.pptChapter 4.ppt
Chapter 4.ppt
girmawodajo
ย 
Network Security & Ethical Hacking
Network Security & Ethical HackingNetwork Security & Ethical Hacking
Network Security & Ethical Hacking
Sripati Mahapatra
ย 
Lecture 5
Lecture 5Lecture 5
Lecture 5
Education
ย 
Top 25 SOC Analyst interview questions.pdf
Top 25 SOC Analyst interview questions.pdfTop 25 SOC Analyst interview questions.pdf
Top 25 SOC Analyst interview questions.pdf
infosec train
ย 
Network security
Network securityNetwork security
Network security
fatimasaham
ย 
Introduction To Information Security
Introduction To Information SecurityIntroduction To Information Security
Introduction To Information Security
belsis
ย 

Recommended

Domain 4 of CEH V11 Network and Perimeter Hacking.pptx
Domain 4 of CEH V11 Network and Perimeter Hacking.pptxDomain 4 of CEH V11 Network and Perimeter Hacking.pptx
Domain 4 of CEH V11 Network and Perimeter Hacking.pptx
Infosectrain3
ย 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center Fundamental
Amir Hossein Zargaran
ย 
Chapter 4.ppt
Chapter 4.pptChapter 4.ppt
Chapter 4.ppt
girmawodajo
ย 
Network Security & Ethical Hacking
Network Security & Ethical HackingNetwork Security & Ethical Hacking
Network Security & Ethical Hacking
Sripati Mahapatra
ย 
Lecture 5
Lecture 5Lecture 5
Lecture 5
Education
ย 
Top 25 SOC Analyst interview questions.pdf
Top 25 SOC Analyst interview questions.pdfTop 25 SOC Analyst interview questions.pdf
Top 25 SOC Analyst interview questions.pdf
infosec train
ย 
Network security
Network securityNetwork security
Network security
fatimasaham
ย 
Introduction To Information Security
Introduction To Information SecurityIntroduction To Information Security
Introduction To Information Security
belsis
ย 
Domain 2 of CEH v11 Reconnaissance Techniques (21%).pptx
Domain 2 of CEH v11 Reconnaissance Techniques (21%).pptxDomain 2 of CEH v11 Reconnaissance Techniques (21%).pptx
Domain 2 of CEH v11 Reconnaissance Techniques (21%).pptx
Infosectrain3
ย 
Final project.ppt
Final project.pptFinal project.ppt
Final project.ppt
shreyng
ย 
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...Top Interview Questions to Master as a CompTIA Security+ Certified Profession...
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...
ShivamSharma909
ย 
Top Interview Questions for CompTIA Security +
Top Interview Questions for CompTIA Security +Top Interview Questions for CompTIA Security +
Top Interview Questions for CompTIA Security +
infosec train
ย 
CompTIA Security+
CompTIA Security+CompTIA Security+
CompTIA Security+
Infosec Train
ย 
System and web security
System and web securitySystem and web security
System and web security
chirag patil
ย 
UTM Unified Threat Management
UTM Unified Threat ManagementUTM Unified Threat Management
UTM Unified Threat Management
Lokesh Sharma
ย 
Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security
Lancope, Inc.
ย 
Trial Course - CertMaster Learn and CertMaster Labs for Security+ (Exam SY0-6...
Trial Course - CertMaster Learn and CertMaster Labs for Security+ (Exam SY0-6...Trial Course - CertMaster Learn and CertMaster Labs for Security+ (Exam SY0-6...
Trial Course - CertMaster Learn and CertMaster Labs for Security+ (Exam SY0-6...
MohamedOmerMusa
ย 
network_security.docx_2.pdf
network_security.docx_2.pdfnetwork_security.docx_2.pdf
network_security.docx_2.pdf
ahmed53254
ย 
Introduction to Cyber security module - III
Introduction to Cyber security module - IIIIntroduction to Cyber security module - III
Introduction to Cyber security module - III
TAMBEMAHENDRA1
ย 
Top 25 SOC Analyst interview questions that You Should Know.pptx
Top 25 SOC Analyst interview questions that You Should Know.pptxTop 25 SOC Analyst interview questions that You Should Know.pptx
Top 25 SOC Analyst interview questions that You Should Know.pptx
Infosectrain3
ย 
Computing safety
Computing safetyComputing safety
Computing safety
Brulius
ย 
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise
Insight Brief: Security Analytics to Identify the 12 Indicators of CompromiseInsight Brief: Security Analytics to Identify the 12 Indicators of Compromise
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise
21CT Inc.
ย 
Securing E-commerce networks in MIS and E-Commerce
Securing E-commerce networks in MIS and E-CommerceSecuring E-commerce networks in MIS and E-Commerce
Securing E-commerce networks in MIS and E-Commerce
hidivin652
ย 
Cyber security
Cyber securityCyber security
Cyber security
vishakha bhagwat
ย 
Hacking by Pratyush Gupta
Hacking by Pratyush GuptaHacking by Pratyush Gupta
Hacking by Pratyush Gupta
Tenet Systems Pvt Ltd
ย 
Tutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the WebTutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the Web
dpd
ย 
Penetration Testing Basics
Penetration Testing BasicsPenetration Testing Basics
Penetration Testing Basics
Rick Wanner
ย 
Domain 2 of CEH v11: Reconnaissance Techniques
Domain 2 of CEH v11: Reconnaissance TechniquesDomain 2 of CEH v11: Reconnaissance Techniques
Domain 2 of CEH v11: Reconnaissance Techniques
ShivamSharma909
ย 
SOC Specailist Training.pdf InfosecTrain
SOC Specailist Training.pdf InfosecTrainSOC Specailist Training.pdf InfosecTrain
SOC Specailist Training.pdf InfosecTrain
infosec train
ย 
CISSP Domain 1: ๐’๐ž๐œ๐ฎ๐ซ๐ข๐ญ๐ฒ ๐š๐ง๐ ๐‘๐ข๐ฌ๐ค ๐Œ๐š๐ง๐š๐ ๐ž๐ฆ๐ž๐ง๐ญ.pdf
CISSP Domain 1: ๐’๐ž๐œ๐ฎ๐ซ๐ข๐ญ๐ฒ ๐š๐ง๐ ๐‘๐ข๐ฌ๐ค ๐Œ๐š๐ง๐š๐ ๐ž๐ฆ๐ž๐ง๐ญ.pdfCISSP Domain 1: ๐’๐ž๐œ๐ฎ๐ซ๐ข๐ญ๐ฒ ๐š๐ง๐ ๐‘๐ข๐ฌ๐ค ๐Œ๐š๐ง๐š๐ ๐ž๐ฆ๐ž๐ง๐ญ.pdf
CISSP Domain 1: ๐’๐ž๐œ๐ฎ๐ซ๐ข๐ญ๐ฒ ๐š๐ง๐ ๐‘๐ข๐ฌ๐ค ๐Œ๐š๐ง๐š๐ ๐ž๐ฆ๐ž๐ง๐ญ.pdf
infosec train
ย 

More Related Content

Similar to CEH Domain 4.pdf

UTM Unified Threat Management
UTM Unified Threat ManagementUTM Unified Threat Management
UTM Unified Threat Management
Lokesh Sharma
ย 
Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security
Lancope, Inc.
ย 
Introduction to Cyber security module - III
Introduction to Cyber security module - IIIIntroduction to Cyber security module - III
Introduction to Cyber security module - III
TAMBEMAHENDRA1
ย 
Tutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the WebTutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the Web
dpd
ย 

Similar to CEH Domain 4.pdf (20)

Domain 2 of CEH v11 Reconnaissance Techniques (21%).pptx
Domain 2 of CEH v11 Reconnaissance Techniques (21%).pptxDomain 2 of CEH v11 Reconnaissance Techniques (21%).pptx
Domain 2 of CEH v11 Reconnaissance Techniques (21%).pptx
ย 
Final project.ppt
Final project.pptFinal project.ppt
Final project.ppt
ย 
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...Top Interview Questions to Master as a CompTIA Security+ Certified Profession...
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...
ย 
Top Interview Questions for CompTIA Security +
Top Interview Questions for CompTIA Security +Top Interview Questions for CompTIA Security +
Top Interview Questions for CompTIA Security +
ย 
CompTIA Security+
CompTIA Security+CompTIA Security+
CompTIA Security+
ย 
System and web security
System and web securitySystem and web security
System and web security
ย 
UTM Unified Threat Management
UTM Unified Threat ManagementUTM Unified Threat Management
UTM Unified Threat Management
ย 
Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security
ย 
Trial Course - CertMaster Learn and CertMaster Labs for Security+ (Exam SY0-6...
Trial Course - CertMaster Learn and CertMaster Labs for Security+ (Exam SY0-6...Trial Course - CertMaster Learn and CertMaster Labs for Security+ (Exam SY0-6...
Trial Course - CertMaster Learn and CertMaster Labs for Security+ (Exam SY0-6...
ย 
network_security.docx_2.pdf
network_security.docx_2.pdfnetwork_security.docx_2.pdf
network_security.docx_2.pdf
ย 
Introduction to Cyber security module - III
Introduction to Cyber security module - IIIIntroduction to Cyber security module - III
Introduction to Cyber security module - III
ย 
Top 25 SOC Analyst interview questions that You Should Know.pptx
Top 25 SOC Analyst interview questions that You Should Know.pptxTop 25 SOC Analyst interview questions that You Should Know.pptx
Top 25 SOC Analyst interview questions that You Should Know.pptx
ย 
Computing safety
Computing safetyComputing safety
Computing safety
ย 
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise
Insight Brief: Security Analytics to Identify the 12 Indicators of CompromiseInsight Brief: Security Analytics to Identify the 12 Indicators of Compromise
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise
ย 
Securing E-commerce networks in MIS and E-Commerce
Securing E-commerce networks in MIS and E-CommerceSecuring E-commerce networks in MIS and E-Commerce
Securing E-commerce networks in MIS and E-Commerce
ย 
Cyber security
Cyber securityCyber security
Cyber security
ย 
Hacking by Pratyush Gupta
Hacking by Pratyush GuptaHacking by Pratyush Gupta
Hacking by Pratyush Gupta
ย 
Tutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the WebTutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the Web
ย 
Penetration Testing Basics
Penetration Testing BasicsPenetration Testing Basics
Penetration Testing Basics
ย 
Domain 2 of CEH v11: Reconnaissance Techniques
Domain 2 of CEH v11: Reconnaissance TechniquesDomain 2 of CEH v11: Reconnaissance Techniques
Domain 2 of CEH v11: Reconnaissance Techniques
ย 

More from infosec train

CISSP Domain 1: ๐’๐ž๐œ๐ฎ๐ซ๐ข๐ญ๐ฒ ๐š๐ง๐ ๐‘๐ข๐ฌ๐ค ๐Œ๐š๐ง๐š๐ ๐ž๐ฆ๐ž๐ง๐ญ.pdf
CISSP Domain 1: ๐’๐ž๐œ๐ฎ๐ซ๐ข๐ญ๐ฒ ๐š๐ง๐ ๐‘๐ข๐ฌ๐ค ๐Œ๐š๐ง๐š๐ ๐ž๐ฆ๐ž๐ง๐ญ.pdfCISSP Domain 1: ๐’๐ž๐œ๐ฎ๐ซ๐ข๐ญ๐ฒ ๐š๐ง๐ ๐‘๐ข๐ฌ๐ค ๐Œ๐š๐ง๐š๐ ๐ž๐ฆ๐ž๐ง๐ญ.pdf
CISSP Domain 1: ๐’๐ž๐œ๐ฎ๐ซ๐ข๐ญ๐ฒ ๐š๐ง๐ ๐‘๐ข๐ฌ๐ค ๐Œ๐š๐ง๐š๐ ๐ž๐ฆ๐ž๐ง๐ญ.pdf
infosec train
ย 
Everything about APT29. pdf InfosecTrain
Everything about APT29. pdf InfosecTrainEverything about APT29. pdf InfosecTrain
Everything about APT29. pdf InfosecTrain
infosec train
ย 
AXIS Bank Credit Card Fraud.pdf infosectrain
AXIS Bank Credit Card Fraud.pdf infosectrainAXIS Bank Credit Card Fraud.pdf infosectrain
AXIS Bank Credit Card Fraud.pdf infosectrain
infosec train
ย 
๐ƒ๐š๐ญ๐š ๐๐ซ๐ข๐ฏ๐š๐œ๐ฒ ๐‚๐ก๐š๐ฅ๐ฅ๐ž๐ง๐ ๐ž๐ฌ & ๐’๐จ๐ฅ๐ฎ๐ญ๐ข๐จ๐ง๐ฌ!.pdf
๐ƒ๐š๐ญ๐š ๐๐ซ๐ข๐ฏ๐š๐œ๐ฒ ๐‚๐ก๐š๐ฅ๐ฅ๐ž๐ง๐ ๐ž๐ฌ & ๐’๐จ๐ฅ๐ฎ๐ญ๐ข๐จ๐ง๐ฌ!.pdf๐ƒ๐š๐ญ๐š ๐๐ซ๐ข๐ฏ๐š๐œ๐ฒ ๐‚๐ก๐š๐ฅ๐ฅ๐ž๐ง๐ ๐ž๐ฌ & ๐’๐จ๐ฅ๐ฎ๐ญ๐ข๐จ๐ง๐ฌ!.pdf
๐ƒ๐š๐ญ๐š ๐๐ซ๐ข๐ฏ๐š๐œ๐ฒ ๐‚๐ก๐š๐ฅ๐ฅ๐ž๐ง๐ ๐ž๐ฌ & ๐’๐จ๐ฅ๐ฎ๐ญ๐ข๐จ๐ง๐ฌ!.pdf
infosec train
ย 

More from infosec train (20)

SOC Specailist Training.pdf InfosecTrain
SOC Specailist Training.pdf InfosecTrainSOC Specailist Training.pdf InfosecTrain
SOC Specailist Training.pdf InfosecTrain
ย 
CISSP Domain 1: ๐’๐ž๐œ๐ฎ๐ซ๐ข๐ญ๐ฒ ๐š๐ง๐ ๐‘๐ข๐ฌ๐ค ๐Œ๐š๐ง๐š๐ ๐ž๐ฆ๐ž๐ง๐ญ.pdf
CISSP Domain 1: ๐’๐ž๐œ๐ฎ๐ซ๐ข๐ญ๐ฒ ๐š๐ง๐ ๐‘๐ข๐ฌ๐ค ๐Œ๐š๐ง๐š๐ ๐ž๐ฆ๐ž๐ง๐ญ.pdfCISSP Domain 1: ๐’๐ž๐œ๐ฎ๐ซ๐ข๐ญ๐ฒ ๐š๐ง๐ ๐‘๐ข๐ฌ๐ค ๐Œ๐š๐ง๐š๐ ๐ž๐ฆ๐ž๐ง๐ญ.pdf
CISSP Domain 1: ๐’๐ž๐œ๐ฎ๐ซ๐ข๐ญ๐ฒ ๐š๐ง๐ ๐‘๐ข๐ฌ๐ค ๐Œ๐š๐ง๐š๐ ๐ž๐ฆ๐ž๐ง๐ญ.pdf
ย 
CRISC Domains Mind Map InfosecTrain .pdf
CRISC Domains Mind Map InfosecTrain .pdfCRISC Domains Mind Map InfosecTrain .pdf
CRISC Domains Mind Map InfosecTrain .pdf
ย 
Everything about APT29. pdf InfosecTrain
Everything about APT29. pdf InfosecTrainEverything about APT29. pdf InfosecTrain
Everything about APT29. pdf InfosecTrain
ย 
Top 10 Cyber Attacks 2024.pdf InfosecTrain
Top 10 Cyber Attacks 2024.pdf InfosecTrainTop 10 Cyber Attacks 2024.pdf InfosecTrain
Top 10 Cyber Attacks 2024.pdf InfosecTrain
ย 
Cloud Storage vs. Local Storage.pdf InfosecTrain
Cloud Storage vs. Local Storage.pdf InfosecTrainCloud Storage vs. Local Storage.pdf InfosecTrain
Cloud Storage vs. Local Storage.pdf InfosecTrain
ย 
Threat- Hunting-Tips .pdf InfosecTrain
Threat- Hunting-Tips .pdf InfosecTrainThreat- Hunting-Tips .pdf InfosecTrain
Threat- Hunting-Tips .pdf InfosecTrain
ย 
AXIS Bank Credit Card Fraud.pdf infosectrain
AXIS Bank Credit Card Fraud.pdf infosectrainAXIS Bank Credit Card Fraud.pdf infosectrain
AXIS Bank Credit Card Fraud.pdf infosectrain
ย 
Interpreting the Malicious Mind Motive Behind Cyberattacks.pdf
Interpreting the Malicious Mind Motive Behind Cyberattacks.pdfInterpreting the Malicious Mind Motive Behind Cyberattacks.pdf
Interpreting the Malicious Mind Motive Behind Cyberattacks.pdf
ย 
Cybersecurity Expert Training InfosecTrain.pdf
Cybersecurity Expert Training InfosecTrain.pdfCybersecurity Expert Training InfosecTrain.pdf
Cybersecurity Expert Training InfosecTrain.pdf
ย 
๐ƒ๐š๐ญ๐š ๐๐ซ๐ข๐ฏ๐š๐œ๐ฒ ๐‚๐ก๐š๐ฅ๐ฅ๐ž๐ง๐ ๐ž๐ฌ & ๐’๐จ๐ฅ๐ฎ๐ญ๐ข๐จ๐ง๐ฌ!.pdf
๐ƒ๐š๐ญ๐š ๐๐ซ๐ข๐ฏ๐š๐œ๐ฒ ๐‚๐ก๐š๐ฅ๐ฅ๐ž๐ง๐ ๐ž๐ฌ & ๐’๐จ๐ฅ๐ฎ๐ญ๐ข๐จ๐ง๐ฌ!.pdf๐ƒ๐š๐ญ๐š ๐๐ซ๐ข๐ฏ๐š๐œ๐ฒ ๐‚๐ก๐š๐ฅ๐ฅ๐ž๐ง๐ ๐ž๐ฌ & ๐’๐จ๐ฅ๐ฎ๐ญ๐ข๐จ๐ง๐ฌ!.pdf
๐ƒ๐š๐ญ๐š ๐๐ซ๐ข๐ฏ๐š๐œ๐ฒ ๐‚๐ก๐š๐ฅ๐ฅ๐ž๐ง๐ ๐ž๐ฌ & ๐’๐จ๐ฅ๐ฎ๐ญ๐ข๐จ๐ง๐ฌ!.pdf
ย 
CEH v12 Certification Training Guide.pdf
CEH v12 Certification Training Guide.pdfCEH v12 Certification Training Guide.pdf
CEH v12 Certification Training Guide.pdf
ย 
GRC Online Training by InfosecTrain.pdf
GRC Online Training by InfosecTrain.pdfGRC Online Training by InfosecTrain.pdf
GRC Online Training by InfosecTrain.pdf
ย 
PMP Certification Training Course.pdf
PMP Certification Training Course.pdfPMP Certification Training Course.pdf
PMP Certification Training Course.pdf
ย 
upcoming batches of InfosecTrain .pdf 01
upcoming batches of InfosecTrain .pdf 01upcoming batches of InfosecTrain .pdf 01
upcoming batches of InfosecTrain .pdf 01
ย 
Best SOC Career Guide InfosecTrain .pdf
Best SOC Career Guide InfosecTrain .pdfBest SOC Career Guide InfosecTrain .pdf
Best SOC Career Guide InfosecTrain .pdf
ย 
NIST CHECKLIST by InfosecTrain.pdf InfosecTrain
NIST CHECKLIST by InfosecTrain.pdf InfosecTrainNIST CHECKLIST by InfosecTrain.pdf InfosecTrain
NIST CHECKLIST by InfosecTrain.pdf InfosecTrain
ย 
PCI-DSS(Payment Card Industry Data Security Standard) Training .pdf
PCI-DSS(Payment Card Industry Data Security Standard) Training .pdfPCI-DSS(Payment Card Industry Data Security Standard) Training .pdf
PCI-DSS(Payment Card Industry Data Security Standard) Training .pdf
ย 
Types of Data Privacy by InfosecTrain.pdf
Types of Data Privacy by InfosecTrain.pdfTypes of Data Privacy by InfosecTrain.pdf
Types of Data Privacy by InfosecTrain.pdf
ย 
CEH v12 Online Certification Training.pdf
CEH v12 Online Certification Training.pdfCEH v12 Online Certification Training.pdf
CEH v12 Online Certification Training.pdf
ย 

Recently uploaded

Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfMaking and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdf
Chris Hunter
ย 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
ciinovamais
ย 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
heathfieldcps1
ย 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
PECB
ย 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
QucHHunhnh
ย 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
negromaestrong
ย 

Recently uploaded (20)

psychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxpsychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docx
ย 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
ย 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
ย 
Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfMaking and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdf
ย 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
ย 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
ย 
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
ย 
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural ResourcesEnergy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources
ย 
ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701
ย 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan Fellows
ย 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
ย 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
ย 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docx
ย 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
ย 
The basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptxThe basics of sentences session 3pptx.pptx
The basics of sentences session 3pptx.pptx
ย 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
ย 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
ย 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
ย 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
ย 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
ย 

CEH Domain 4.pdf

  • 1. CEH v11 Network & Perimeter Hacking DOMAIN 4 www.infosectrain.com
  • 2. www.infosectrain.com | sales@infosectrain.com 01 Domains of CEH DOMAIN 1 Information Security & Ethical Hacking Overview DOMAIN 2 Reconnaissance Techniques DOMAIN 3 System hacking phases & Attack Techniques DOMAIN 4 Network and perimeter hacking DOMAIN 5 Web application hacking DOMAIN 6 Wireless network hacking DOMAIN 7 Mobile platform, IoT, & OT hacking DOMAIN 8 Cloud Computing DOMAIN 9 Cryptography CEH v11 DOMAINS 6% 21% 17% 14% 16% 6% 8% 6% 6%
  • 3. Network Networks are composed of two or more computers that share resources (such as printers and CDs), exchange ๏ฌles, and allow electronic communications. A network of computers may be connected by cables, telephone lines, radio waves, satellites, or infrared beams. In simple terms, a network is a cluster of devices connected to each other by a physical communication medium. As I have mentioned above, a network is a collection of devices. Hence, network hacking is nothing but gaining access to the information present on all network devices over the internet. DOMAIN 4 Network and Perimeter Hacking www.infosectrain.com | sales@infosectrain.com 02 What is Network Hacking ? In this blog, we will discuss the 4th domain of CEH, which is โ€˜Network and Perimeter Hackingโ€™
  • 4. DOMAIN 4 Network and Perimeter Hacking How are networks compromised? www.infosectrain.com | sales@infosectrain.com 03 As every big plan starts with a simple step, likewise, large-scale cyber attacks also start by attacking or infecting a lower-end device and increasing the level of privileges required to go forward inside the same network. While attacking the networks, ethical hackers will have to think exactly like malicious hackers. Only then the organizations can have a clear idea of their security vulnerabilities. Attackers ๏ฌrst start with the traditional methods. One of the most common traditional methods is sending a false email. An attacker usually creates an incorrect email by replicating it like an original one. For example, an attacker can create an Amazon Big Billion day email asking you to click the links to get the 50% offer. Once you click on the link, youโ€™ll be redirected to a malicious webpage from where an attacker can install the viruses on your networkโ€™s device. Once the attacker enters your network, he will start escalating his privileges to the administrator level because they are the ones who maintain the whole network. In simple terms, privilege escalation can be described as exploiting a bug or vulnerability in an application or operating system to gain access to resoures that would otherwise be protected from an average user.
  • 5. www.infosectrain.com | sales@infosectrain.com 04 Tools used for Network Perimeter Hacking ARP Scan: ARP-Scan is used to scan internal networks. Compared to netdiscover arp-scanning, it is much faster. With the assistance of the ARP Scan tool, you can collect data about the internal networks in a noisy way. By noisy, I mean that the tool will be caught by the IDS and IPS sensors and leave traces behind. The four general ARP Scan usage scenarios are: > We can identify all the IPv4 network devices. > We can identify the false IP addresses. > We can easily identify and map IP addresses to MAC addresses. > We can locate and isolate malicious devices. DOMAIN 4 Network and Perimeter Hacking
  • 6. PivotSuite: With PivotSuite, penetration testers and red teams can move around inside a network by using compromised systems. It is portable, platform-independent, and powerful. It is a stand-alone application that can be used as a client or a server. www.infosectrain.com | sales@infosectrain.com 05 DOMAIN 4 Network and Perimeter Hacking
  • 7. Nmap: Nmap is a port scanner. Port scanning is a phase where hackers scan the target system for data like live systems, open ports, and different services running over the host. In addition to port scanning, Nmap can identify various operating systems, version numbers of services running, ๏ฌrewall con๏ฌguration, and many more features. www.infosectrain.com | sales@infosectrain.com 06 DOMAIN 4 Network and Perimeter Hacking
  • 8. DOMAIN 4 Network and Perimeter Hacking www.infosectrain.com | sales@infosectrain.com 07 Spoo๏ฌng In network security, a spoo๏ฌng attack is a scenario in which an individual successfully pretends as another data source, thereby gaining an illegitimate advantage. For example, an attacker can buy advertising space on any site and can post some exciting advertisements that attract users to click on them. And if the user clicks on that advertisement, he will be redirected to a malicious page from where an attacker can install the viruses into the userโ€™s system. Network Attack Techniques
  • 9. DOMAIN 4 Network and Perimeter Hacking www.infosectrain.com | sales@infosectrain.com 08 Snif๏ฌng An attacker can capture data while it is cycling across an inscure network by using packet snif๏ฌng. Data on travel is generally captured by snifer software running on any network layer. Putting the sniffer at an aggregtion point would allow it to observe the entire traf๏ฌc.
  • 10. www.infosectrain.com | sales@infosectrain.com 09 Phishing While the spelling is Phishing, we utter it as ๏ฌshing. They are not just phonetic but also somewhat comparable, since we use a worm to capture a ๏ฌsh known as ๏ฌshing. On the contrary, an attacker can email, send a message, a web link, or a voice call to seek our private data called โ€œphishing.โ€ The main aim of phishing attackers is to steal your sensitive and personal data like login credentials, credit card information, etc. They may also try to install malware on your system. DOMAIN 4 Network and Perimeter Hacking