SlideShare a Scribd company logo

What's new in​ CEHv11?

Download as PPTX, PDF
EC-Council
EC-Council

CEH v11 will teach you the latest commercial-grade hacking tools. Highlights of what sets CEH v11 apart from others are given in this SlideShare. To learn more about CEH v11, click here: https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/

Education
1 of 10
What's new in CEHv11?
An Introduction to Ethical Hacking Incident Handling & Response Role of AI & ML Tactics, Techniques & Procedures (TTPs) Attacks Classification IoCs & Categories Cyber Kill Chain Concepts Build responsive strategies to keep organizations safe by staying updated on the latest risks. Acquire in-depth knowledge of types of attacks & countermeasures. Behavioral Identification Cyber Threat Intelligence Make organizations stronger by describing threat vectors & attacks. Create a strong TI program with threat modeling tools, a well- tested process, & the availability of technology. Prepare for the future & prevent similar attacks from happening by using IoCs. Focus more on social & behavioral patterns, as the majority of cyber incidents are human enabled. Learn how threat agents (attackers) orchestrate and manage attacks. Understand how to handle & respond to cyber incidents
8 Footprinting and Reconnaissance Techniques Web Services Social Media Websites Reverse DNS Lookup OSINT Framework Gathering Wordlist from Target Website Search Engines Conduct a location-specific search on popular social media websites Gather information from free tools & resources Website Footprinting Deep & Dark Web Footprinting Gather information using reverse image search, meta search engines, FTP & IoT Search engines Resolve anonymity issues on the net by erasing a user's surfing footprint. Create custom wordlists for password cracking using Mentalist Collect information about the target by monitoring the target's website Query the IP address to find the hostname Gather information using business profile sites & NNTP Usenet Newsgroups
4 Ways to Scan Networks Service Version Discovery Source Port Manipulation Host Discovery Secure solutions to these problems exist, often in the form of application-level proxies or protocol-parsing firewall modules Port & Service Discovery ARP Ping scan and UDP Ping scan, Ping sweep countermeasures, TCP Ping scan, IP Portal Ping scan TCP Maimon scan, SCTP Scanning, SCTP INIT Scanning, SCTP COOKIE ECHO Scanning Nmap Scan time Reduction Techniques, OS discovery using Nmap & Unicorn scan, Nmap script engine, IPv6 Fingerprinting
Enumeration DNSSEC Zone Walking Telnet Enumeration IPv6 Enumeration BGP Enumeration SMB Enumeration NFS Enumeration Telnet is a client-server protocol used for the link to port number 23 of Transmission Control Protocol BGP or Border Gateway Protocol is one of the most important protocols on the internet TFTP Enumeration DNS Cache Snooping NFS allows remote hosts to mount the systems/ directories over a network When someone queries a DNS server in order to find out (snoop) if the DNS server has a specific DNS record cached SMB enumeration is a very important skill for any pen tester. Before learning how to enumerate SMB , we must first learn what SMB is TFTP doesn't provide directory listings. This script tries to retrieve filenames from a list IPv6 is the latest iteration of Internet Protocol (IP), and odds are your devices are chatting with other devices using this protocol Technique that is used by attackers to enumerate the full content of DNSSEC-signed DNS zones
System Hacking Privilege Escalations Using Named Pipe Impersonation by exploiting misconfigured services Vulnerability Exploration Exploit sites, Buffer Overflow (types, Windows Exploitation & defending against Buffer Overflow) Types of Password Attacks Internal Monologue attack, Cracking Kerberos password, Pass the ticket attack & other active online attacks
Malware Threats Infect Systems Using Trojans Infecting System Using Virus Trojan Analysis Fileless Malware Concepts Fileless Malware Analysis APT Lifecycle Propagating & deploying a virus Taxonomy of fileless malware threats, launching fileless malware, Obfuscation techniques to bypass Antivirus Virus Analysis Trojan Concepts NFS allows remote hosts to mount the systems/ directories over a network. Point-of-sale trojans Astaroth Attack, Fileless malware countermeasures, Detection & Protection tools SamSam Ransomware attack phases Emotet attack malware phases Employing a dropper or downloader, deploying a trojan through USB/Flash drives
Hacking WebApplications Web API, Web Hooks & Web Shell Web API Hacking Methodology Webshells & API Web Application Security Exploiting Insecure Configurations Web Application Concepts Identifying the target, launching the attack, Web application security testing by manual & automated web app security assessment, SAST, DAST, and bug bounty programs Techniques to Hack an API Hacking Methodology Web services, web application threats, injection attacks, and other web application attacks Footprint web infrastructure, analyzing web applications, bypass client-side controls, attack authentication mechanism, attack shared environments SSL Configuration, Insecure Direct Object Reference (IDOR), Login/credential stuffing attacks, API DDoS Attacks Reverse engineering, user spoofing, man-in-the-middle attack, social engineering Gaining backdoor access via webshell, secure API architecture, API security risks & solutions OWASP Top 10 API Security Risks, API Vulnerabilities, Web Hooks Vs API
IoT & OT Hacking Hacking OT OT Attacks OT Hacking Methodologies IoT Attacks OT Vulnerabilities, threats & attacks, hacking industrial systems through RF remote controllers, OT Malware analysis IoT Hacking Methodology IoT Vulnerabilities, SDR-based attacks on IoT, Identifying & Accessing Local IoT Devices, Fault Injection Attacks Information gathering using FCC ID Search, Discovering IoT Devices with Default, Credentials using IoT Seeker, Sniffing using Wireshark Identifying ICS/SCADA Systems using shodan, gathering default passwords using CRITIFENCE, vulnerability scanning using Nessus & Skybox vulnerability control, & many more OT concepts, components of an ICS, OT Technologies & Protocols Countermeasures How to defend against OT hacking, OT Vulnerabilities & solutions, securing an IT/OT Environment, OT Security solutions
Cloud Computing Serverless ComputingCloud Computing Threats Cloud Hacking Cloud Computing Concepts OWASP Top 10 Cloud & Serverless security risks, Container & Kubernetes vulnerabilities, types of cloud attacks The growth of cloud computing has made hacking more rampant. Learn how to protect data on the cloud Cloud Security Container Technology Cloud storage architecture, role of AI in cloud computing, VR & augmented reality on cloud Container Technology architecture, What is Docker, Container Orchestration, What is Kubernetes?, Container Security Challenges Set of policies, technologies, applications, and controls utilized to protect virtualized IP, data, applications, services Serverless Vs Containers, Serverless computing frameworks

Recommended

Most Common Application Level Attacks
Most Common Application Level AttacksMost Common Application Level Attacks
Most Common Application Level AttacksEC-Council
 
Types of Malware (CEH v11)
Types of Malware (CEH v11)Types of Malware (CEH v11)
Types of Malware (CEH v11)EC-Council
 
Ch03 Network and Computer Attacks
Ch03 Network and Computer AttacksCh03 Network and Computer Attacks
Ch03 Network and Computer Attacksphanleson
 
Introduction ethical hacking
Introduction ethical hackingIntroduction ethical hacking
Introduction ethical hackingVishal Kumar
 
Web server security challenges
Web server security challengesWeb server security challenges
Web server security challengesMartins Chibuike Onuoha
 
Types of attacks and threads
Types of attacks and threadsTypes of attacks and threads
Types of attacks and threadssrivijaymanickam
 
8 Types of Cyber Attacks That Can Bother CISOs in 2020
8 Types of Cyber Attacks That Can Bother CISOs in 20208 Types of Cyber Attacks That Can Bother CISOs in 2020
8 Types of Cyber Attacks That Can Bother CISOs in 2020SecPod Technologies
 
Different types of attacks in internet
Different types of attacks in internetDifferent types of attacks in internet
Different types of attacks in internetRohan Bharadwaj
 

Recommended

Most Common Application Level Attacks
Most Common Application Level AttacksMost Common Application Level Attacks
Most Common Application Level AttacksEC-Council
 
Types of Malware (CEH v11)
Types of Malware (CEH v11)Types of Malware (CEH v11)
Types of Malware (CEH v11)EC-Council
 
Ch03 Network and Computer Attacks
Ch03 Network and Computer AttacksCh03 Network and Computer Attacks
Ch03 Network and Computer Attacksphanleson
 
Introduction ethical hacking
Introduction ethical hackingIntroduction ethical hacking
Introduction ethical hackingVishal Kumar
 
Web server security challenges
Web server security challengesWeb server security challenges
Web server security challengesMartins Chibuike Onuoha
 
Types of attacks and threads
Types of attacks and threadsTypes of attacks and threads
Types of attacks and threadssrivijaymanickam
 
8 Types of Cyber Attacks That Can Bother CISOs in 2020
8 Types of Cyber Attacks That Can Bother CISOs in 20208 Types of Cyber Attacks That Can Bother CISOs in 2020
8 Types of Cyber Attacks That Can Bother CISOs in 2020SecPod Technologies
 
Different types of attacks in internet
Different types of attacks in internetDifferent types of attacks in internet
Different types of attacks in internetRohan Bharadwaj
 
Security vulnerability
Security vulnerabilitySecurity vulnerability
Security vulnerabilityA. Shamel
 
Attack lecture #2 ppt
Attack lecture #2 pptAttack lecture #2 ppt
Attack lecture #2 pptvasanthimuniasamy
 
Network attacks
Network attacksNetwork attacks
Network attacksManjushree Mashal
 
Malicion software
Malicion softwareMalicion software
Malicion softwareA. Shamel
 
Types of cyber attacks
Types of cyber attacksTypes of cyber attacks
Types of cyber attackskrishh sivakrishna
 
Security Testing for Test Professionals
Security Testing for Test ProfessionalsSecurity Testing for Test Professionals
Security Testing for Test ProfessionalsTechWell
 
Security threats
Security threatsSecurity threats
Security threatsQamar Farooq
 
Anatomy of a cyber attack
Anatomy of a cyber attackAnatomy of a cyber attack
Anatomy of a cyber attackMark Silver
 
Ethical Hacking (CEH) - Industrial Training Report
Ethical Hacking (CEH) - Industrial Training ReportEthical Hacking (CEH) - Industrial Training Report
Ethical Hacking (CEH) - Industrial Training ReportRaghav Bisht
 
this is test for today
this is test for todaythis is test for today
this is test for todayDreamMalar
 
Virus and hacker (2)mmm
Virus and hacker (2)mmmVirus and hacker (2)mmm
Virus and hacker (2)mmmandynova
 
Software Security Testing
Software Security TestingSoftware Security Testing
Software Security Testingsrivinayak
 
Protection from hacking attacks
Protection from hacking attacksProtection from hacking attacks
Protection from hacking attacksSugirtha Jasmine M
 
What is security testing and why it is so important?
What is security testing and why it is so important?What is security testing and why it is so important?
What is security testing and why it is so important?ONE BCG
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical HackingMazenetsolution
 
Ethical Hacking PPT (CEH)
Ethical Hacking PPT (CEH)Ethical Hacking PPT (CEH)
Ethical Hacking PPT (CEH)Umesh Mahawar
 
External Attacks Against Privileged Accounts - How Federal Agencies Can Build...
External Attacks Against Privileged Accounts - How Federal Agencies Can Build...External Attacks Against Privileged Accounts - How Federal Agencies Can Build...
External Attacks Against Privileged Accounts - How Federal Agencies Can Build...BeyondTrust
 
External Attacks Against Pivileged Accounts
External Attacks Against Pivileged AccountsExternal Attacks Against Pivileged Accounts
External Attacks Against Pivileged AccountsLindsay Marsh
 
Cyber Attack Analysis : Part I DDoS
Cyber Attack Analysis : Part I DDoSCyber Attack Analysis : Part I DDoS
Cyber Attack Analysis : Part I DDoSKenny Huang Ph.D.
 
Cyper security & Ethical hacking
Cyper security & Ethical hackingCyper security & Ethical hacking
Cyper security & Ethical hackingCmano Kar
 
Ceh certified ethical hacker
Ceh certified ethical hackerCeh certified ethical hacker
Ceh certified ethical hackerbestip
 
Cisel1 d
Cisel1 dCisel1 d
Cisel1 dchandu_sai
 

More Related Content

What's hot

Security vulnerability
Security vulnerabilitySecurity vulnerability
Security vulnerabilityA. Shamel
 
Malicion software
Malicion softwareMalicion software
Malicion softwareA. Shamel
 
Security Testing for Test Professionals
Security Testing for Test ProfessionalsSecurity Testing for Test Professionals
Security Testing for Test ProfessionalsTechWell
 
Anatomy of a cyber attack
Anatomy of a cyber attackAnatomy of a cyber attack
Anatomy of a cyber attackMark Silver
 
Ethical Hacking (CEH) - Industrial Training Report
Ethical Hacking (CEH) - Industrial Training ReportEthical Hacking (CEH) - Industrial Training Report
Ethical Hacking (CEH) - Industrial Training ReportRaghav Bisht
 
this is test for today
this is test for todaythis is test for today
this is test for todayDreamMalar
 
Virus and hacker (2)mmm
Virus and hacker (2)mmmVirus and hacker (2)mmm
Virus and hacker (2)mmmandynova
 
Software Security Testing
Software Security TestingSoftware Security Testing
Software Security Testingsrivinayak
 
Protection from hacking attacks
Protection from hacking attacksProtection from hacking attacks
Protection from hacking attacksSugirtha Jasmine M
 
What is security testing and why it is so important?
What is security testing and why it is so important?What is security testing and why it is so important?
What is security testing and why it is so important?ONE BCG
 
Ethical Hacking PPT (CEH)
Ethical Hacking PPT (CEH)Ethical Hacking PPT (CEH)
Ethical Hacking PPT (CEH)Umesh Mahawar
 
External Attacks Against Privileged Accounts - How Federal Agencies Can Build...
External Attacks Against Privileged Accounts - How Federal Agencies Can Build...External Attacks Against Privileged Accounts - How Federal Agencies Can Build...
External Attacks Against Privileged Accounts - How Federal Agencies Can Build...BeyondTrust
 
External Attacks Against Pivileged Accounts
External Attacks Against Pivileged AccountsExternal Attacks Against Pivileged Accounts
External Attacks Against Pivileged AccountsLindsay Marsh
 
Cyber Attack Analysis : Part I DDoS
Cyber Attack Analysis : Part I DDoSCyber Attack Analysis : Part I DDoS
Cyber Attack Analysis : Part I DDoSKenny Huang Ph.D.
 
Cyper security & Ethical hacking
Cyper security & Ethical hackingCyper security & Ethical hacking
Cyper security & Ethical hackingCmano Kar
 

What's hot (20)

Security vulnerability
Security vulnerabilitySecurity vulnerability
Security vulnerability
 
Attack lecture #2 ppt
Attack lecture #2 pptAttack lecture #2 ppt
Attack lecture #2 ppt
 
Network attacks
Network attacksNetwork attacks
Network attacks
 
Malicion software
Malicion softwareMalicion software
Malicion software
 
Types of cyber attacks
Types of cyber attacksTypes of cyber attacks
Types of cyber attacks
 
Security Testing for Test Professionals
Security Testing for Test ProfessionalsSecurity Testing for Test Professionals
Security Testing for Test Professionals
 
Security threats
Security threatsSecurity threats
Security threats
 
Anatomy of a cyber attack
Anatomy of a cyber attackAnatomy of a cyber attack
Anatomy of a cyber attack
 
Ethical Hacking (CEH) - Industrial Training Report
Ethical Hacking (CEH) - Industrial Training ReportEthical Hacking (CEH) - Industrial Training Report
Ethical Hacking (CEH) - Industrial Training Report
 
this is test for today
this is test for todaythis is test for today
this is test for today
 
Virus and hacker (2)mmm
Virus and hacker (2)mmmVirus and hacker (2)mmm
Virus and hacker (2)mmm
 
Software Security Testing
Software Security TestingSoftware Security Testing
Software Security Testing
 
Protection from hacking attacks
Protection from hacking attacksProtection from hacking attacks
Protection from hacking attacks
 
What is security testing and why it is so important?
What is security testing and why it is so important?What is security testing and why it is so important?
What is security testing and why it is so important?
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Ethical Hacking PPT (CEH)
Ethical Hacking PPT (CEH)Ethical Hacking PPT (CEH)
Ethical Hacking PPT (CEH)
 
External Attacks Against Privileged Accounts - How Federal Agencies Can Build...
External Attacks Against Privileged Accounts - How Federal Agencies Can Build...External Attacks Against Privileged Accounts - How Federal Agencies Can Build...
External Attacks Against Privileged Accounts - How Federal Agencies Can Build...
 
External Attacks Against Pivileged Accounts
External Attacks Against Pivileged AccountsExternal Attacks Against Pivileged Accounts
External Attacks Against Pivileged Accounts
 
Cyber Attack Analysis : Part I DDoS
Cyber Attack Analysis : Part I DDoSCyber Attack Analysis : Part I DDoS
Cyber Attack Analysis : Part I DDoS
 
Cyper security & Ethical hacking
Cyper security & Ethical hackingCyper security & Ethical hacking
Cyper security & Ethical hacking
 

Similar to What's new in​ CEHv11?

Ceh certified ethical hacker
Ceh certified ethical hackerCeh certified ethical hacker
Ceh certified ethical hackerbestip
 
3 Hkcert Trend
3 Hkcert Trend3 Hkcert Trend
3 Hkcert TrendSC Leung
 
Stuxnet redux. malware attribution & lessons learned
Stuxnet redux. malware attribution & lessons learnedStuxnet redux. malware attribution & lessons learned
Stuxnet redux. malware attribution & lessons learnedYury Chemerkin
 
Information security & EthicalHacking
Information security & EthicalHackingInformation security & EthicalHacking
Information security & EthicalHackingAve Nawsh
 
Bro Policy Assignment
Bro Policy AssignmentBro Policy Assignment
Bro Policy AssignmentTara Hardin
 
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...Top Interview Questions to Master as a CompTIA Security+ Certified Profession...
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...ShivamSharma909
 
Top Interview Questions for CompTIA Security +
Top Interview Questions for CompTIA Security +Top Interview Questions for CompTIA Security +
Top Interview Questions for CompTIA Security +infosec train
 
Understanding Application Threat Modelling & Architecture
Understanding Application Threat Modelling & Architecture Understanding Application Threat Modelling & Architecture
Understanding Application Threat Modelling & ArchitecturePriyanka Aash
 
MITRE_ATTACK_Enterprise_11x17.pdf
MITRE_ATTACK_Enterprise_11x17.pdfMITRE_ATTACK_Enterprise_11x17.pdf
MITRE_ATTACK_Enterprise_11x17.pdfAisyiFree
 
Application Security Architecture and Threat Modelling
Application Security Architecture and Threat ModellingApplication Security Architecture and Threat Modelling
Application Security Architecture and Threat ModellingPriyanka Aash
 
Workshop content adams
Workshop content adamsWorkshop content adams
Workshop content adamsSiddharth
 
Ethical Hacking: Safeguarding Systems through Responsible Security Testing
Ethical Hacking: Safeguarding Systems through Responsible Security TestingEthical Hacking: Safeguarding Systems through Responsible Security Testing
Ethical Hacking: Safeguarding Systems through Responsible Security Testingchampubhaiya8
 
Intro2 malwareanalysisshort
Intro2 malwareanalysisshortIntro2 malwareanalysisshort
Intro2 malwareanalysisshortVincent Ohprecio
 
PHDays 2018 Threat Hunting Hands-On Lab
PHDays 2018 Threat Hunting Hands-On LabPHDays 2018 Threat Hunting Hands-On Lab
PHDays 2018 Threat Hunting Hands-On LabTeymur Kheirkhabarov
 
324515851-Ethical-Hacking-Ppt-Download4575.ppt
324515851-Ethical-Hacking-Ppt-Download4575.ppt324515851-Ethical-Hacking-Ppt-Download4575.ppt
324515851-Ethical-Hacking-Ppt-Download4575.pptssuserde23af
 
324515851-Ethical-Hacking-Ppt-Download4575.ppt
324515851-Ethical-Hacking-Ppt-Download4575.ppt324515851-Ethical-Hacking-Ppt-Download4575.ppt
324515851-Ethical-Hacking-Ppt-Download4575.pptssuserde23af
 

Similar to What's new in​ CEHv11? (20)

Ceh certified ethical hacker
Ceh certified ethical hackerCeh certified ethical hacker
Ceh certified ethical hacker
 
Cisel1 d
Cisel1 dCisel1 d
Cisel1 d
 
Chapter 2
Chapter 2Chapter 2
Chapter 2
 
3 Hkcert Trend
3 Hkcert Trend3 Hkcert Trend
3 Hkcert Trend
 
Stuxnet redux. malware attribution & lessons learned
Stuxnet redux. malware attribution & lessons learnedStuxnet redux. malware attribution & lessons learned
Stuxnet redux. malware attribution & lessons learned
 
Information security & EthicalHacking
Information security & EthicalHackingInformation security & EthicalHacking
Information security & EthicalHacking
 
Bro Policy Assignment
Bro Policy AssignmentBro Policy Assignment
Bro Policy Assignment
 
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...Top Interview Questions to Master as a CompTIA Security+ Certified Profession...
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...
 
Top Interview Questions for CompTIA Security +
Top Interview Questions for CompTIA Security +Top Interview Questions for CompTIA Security +
Top Interview Questions for CompTIA Security +
 
CompTIA Security+
CompTIA Security+CompTIA Security+
CompTIA Security+
 
Understanding Application Threat Modelling & Architecture
Understanding Application Threat Modelling & Architecture Understanding Application Threat Modelling & Architecture
Understanding Application Threat Modelling & Architecture
 
MITRE_ATTACK_Enterprise_11x17.pdf
MITRE_ATTACK_Enterprise_11x17.pdfMITRE_ATTACK_Enterprise_11x17.pdf
MITRE_ATTACK_Enterprise_11x17.pdf
 
Application Security Architecture and Threat Modelling
Application Security Architecture and Threat ModellingApplication Security Architecture and Threat Modelling
Application Security Architecture and Threat Modelling
 
Novinky F5
Novinky F5Novinky F5
Novinky F5
 
Workshop content adams
Workshop content adamsWorkshop content adams
Workshop content adams
 
Ethical Hacking: Safeguarding Systems through Responsible Security Testing
Ethical Hacking: Safeguarding Systems through Responsible Security TestingEthical Hacking: Safeguarding Systems through Responsible Security Testing
Ethical Hacking: Safeguarding Systems through Responsible Security Testing
 
Intro2 malwareanalysisshort
Intro2 malwareanalysisshortIntro2 malwareanalysisshort
Intro2 malwareanalysisshort
 
PHDays 2018 Threat Hunting Hands-On Lab
PHDays 2018 Threat Hunting Hands-On LabPHDays 2018 Threat Hunting Hands-On Lab
PHDays 2018 Threat Hunting Hands-On Lab
 
324515851-Ethical-Hacking-Ppt-Download4575.ppt
324515851-Ethical-Hacking-Ppt-Download4575.ppt324515851-Ethical-Hacking-Ppt-Download4575.ppt
324515851-Ethical-Hacking-Ppt-Download4575.ppt
 
324515851-Ethical-Hacking-Ppt-Download4575.ppt
324515851-Ethical-Hacking-Ppt-Download4575.ppt324515851-Ethical-Hacking-Ppt-Download4575.ppt
324515851-Ethical-Hacking-Ppt-Download4575.ppt
 

More from EC-Council

Skills that make network security training easy
Skills that make network security training easySkills that make network security training easy
Skills that make network security training easyEC-Council
 
Can Cloud Solutions Transform Network Security
Can Cloud Solutions Transform Network SecurityCan Cloud Solutions Transform Network Security
Can Cloud Solutions Transform Network SecurityEC-Council
 
What makes blockchain secure: Key Characteristics & Security Architecture
What makes blockchain secure: Key Characteristics & Security ArchitectureWhat makes blockchain secure: Key Characteristics & Security Architecture
What makes blockchain secure: Key Characteristics & Security ArchitectureEC-Council
 
6 Most Popular Threat Modeling Methodologies
6 Most Popular Threat Modeling Methodologies 6 Most Popular Threat Modeling Methodologies
6 Most Popular Threat Modeling MethodologiesEC-Council
 
Journey from CCNA to Certified Network Defender v2
Journey from CCNA to Certified Network Defender v2Journey from CCNA to Certified Network Defender v2
Journey from CCNA to Certified Network Defender v2EC-Council
 
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?EC-Council
 
Red Team vs. Blue Team
Red Team vs. Blue TeamRed Team vs. Blue Team
Red Team vs. Blue TeamEC-Council
 
Why Threat Intelligence Is a Must for Every Organization?
Why Threat Intelligence Is a Must for Every Organization?Why Threat Intelligence Is a Must for Every Organization?
Why Threat Intelligence Is a Must for Every Organization?EC-Council
 
Why Digital Forensics as a Career?
Why Digital Forensics as a Career? Why Digital Forensics as a Career?
Why Digital Forensics as a Career? EC-Council
 
Cryptography in Blockchain
Cryptography in BlockchainCryptography in Blockchain
Cryptography in BlockchainEC-Council
 
A Brief Introduction to Penetration Testing
A Brief Introduction to Penetration TestingA Brief Introduction to Penetration Testing
A Brief Introduction to Penetration TestingEC-Council
 
Computer Hacking Forensic Investigator - CHFI
Computer Hacking Forensic Investigator - CHFIComputer Hacking Forensic Investigator - CHFI
Computer Hacking Forensic Investigator - CHFIEC-Council
 
Pasta Threat Modeling
Pasta Threat ModelingPasta Threat Modeling
Pasta Threat ModelingEC-Council
 
Blockchain: Fundamentals & Opportunities​
Blockchain: Fundamentals & Opportunities​Blockchain: Fundamentals & Opportunities​
Blockchain: Fundamentals & Opportunities​EC-Council
 
Cybersecurity Audit
Cybersecurity AuditCybersecurity Audit
Cybersecurity AuditEC-Council
 
Third Party Risk Management
Third Party Risk ManagementThird Party Risk Management
Third Party Risk ManagementEC-Council
 
Types of malware threats
Types of malware threatsTypes of malware threats
Types of malware threatsEC-Council
 
Business Continuity & Disaster Recovery
Business Continuity & Disaster RecoveryBusiness Continuity & Disaster Recovery
Business Continuity & Disaster RecoveryEC-Council
 
Threat Intelligence Data Collection & Acquisition
Threat Intelligence Data Collection & AcquisitionThreat Intelligence Data Collection & Acquisition
Threat Intelligence Data Collection & AcquisitionEC-Council
 
Information Security Management
Information Security ManagementInformation Security Management
Information Security ManagementEC-Council
 

More from EC-Council (20)

Skills that make network security training easy
Skills that make network security training easySkills that make network security training easy
Skills that make network security training easy
 
Can Cloud Solutions Transform Network Security
Can Cloud Solutions Transform Network SecurityCan Cloud Solutions Transform Network Security
Can Cloud Solutions Transform Network Security
 
What makes blockchain secure: Key Characteristics & Security Architecture
What makes blockchain secure: Key Characteristics & Security ArchitectureWhat makes blockchain secure: Key Characteristics & Security Architecture
What makes blockchain secure: Key Characteristics & Security Architecture
 
6 Most Popular Threat Modeling Methodologies
6 Most Popular Threat Modeling Methodologies 6 Most Popular Threat Modeling Methodologies
6 Most Popular Threat Modeling Methodologies
 
Journey from CCNA to Certified Network Defender v2
Journey from CCNA to Certified Network Defender v2Journey from CCNA to Certified Network Defender v2
Journey from CCNA to Certified Network Defender v2
 
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
HOW TO TROUBLESHOOT SECURITY INCIDENTS IN A CLOUD ENVIRONMENT?
 
Red Team vs. Blue Team
Red Team vs. Blue TeamRed Team vs. Blue Team
Red Team vs. Blue Team
 
Why Threat Intelligence Is a Must for Every Organization?
Why Threat Intelligence Is a Must for Every Organization?Why Threat Intelligence Is a Must for Every Organization?
Why Threat Intelligence Is a Must for Every Organization?
 
Why Digital Forensics as a Career?
Why Digital Forensics as a Career? Why Digital Forensics as a Career?
Why Digital Forensics as a Career?
 
Cryptography in Blockchain
Cryptography in BlockchainCryptography in Blockchain
Cryptography in Blockchain
 
A Brief Introduction to Penetration Testing
A Brief Introduction to Penetration TestingA Brief Introduction to Penetration Testing
A Brief Introduction to Penetration Testing
 
Computer Hacking Forensic Investigator - CHFI
Computer Hacking Forensic Investigator - CHFIComputer Hacking Forensic Investigator - CHFI
Computer Hacking Forensic Investigator - CHFI
 
Pasta Threat Modeling
Pasta Threat ModelingPasta Threat Modeling
Pasta Threat Modeling
 
Blockchain: Fundamentals & Opportunities​
Blockchain: Fundamentals & Opportunities​Blockchain: Fundamentals & Opportunities​
Blockchain: Fundamentals & Opportunities​
 
Cybersecurity Audit
Cybersecurity AuditCybersecurity Audit
Cybersecurity Audit
 
Third Party Risk Management
Third Party Risk ManagementThird Party Risk Management
Third Party Risk Management
 
Types of malware threats
Types of malware threatsTypes of malware threats
Types of malware threats
 
Business Continuity & Disaster Recovery
Business Continuity & Disaster RecoveryBusiness Continuity & Disaster Recovery
Business Continuity & Disaster Recovery
 
Threat Intelligence Data Collection & Acquisition
Threat Intelligence Data Collection & AcquisitionThreat Intelligence Data Collection & Acquisition
Threat Intelligence Data Collection & Acquisition
 
Information Security Management
Information Security ManagementInformation Security Management
Information Security Management
 

Recently uploaded

Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxEyham Joco
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
 
MARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized GroupMARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized GroupJonathanParaisoCruz
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Celine George
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersSabitha Banu
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsanshu789521
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfUjwalaBharambe
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxRaymartEstabillo3
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPCeline George
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfMr Bounab Samir
 
Meghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentMeghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentInMediaRes1
 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatYousafMalik24
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Jisc
 
DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersDATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersSabitha Banu
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 

Recently uploaded (20)

9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR9953330565 Low Rate Call Girls In Rohini Delhi NCR
9953330565 Low Rate Call Girls In Rohini Delhi NCR
 
Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptx
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
 
MARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized GroupMARGINALIZATION (Different learners in Marginalized Group
MARGINALIZATION (Different learners in Marginalized Group
 
Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17Computed Fields and api Depends in the Odoo 17
Computed Fields and api Depends in the Odoo 17
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for Beginners
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha elections
 
OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdfFraming an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
Framing an Appropriate Research Question 6b9b26d93da94caf993c038d9efcdedb.pdf
 
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptxEPANDING THE CONTENT OF AN OUTLINE using notes.pptx
EPANDING THE CONTENT OF AN OUTLINE using notes.pptx
 
What is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERPWhat is Model Inheritance in Odoo 17 ERP
What is Model Inheritance in Odoo 17 ERP
 
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdfLike-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
Like-prefer-love -hate+verb+ing & silent letters & citizenship text.pdf
 
Meghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media ComponentMeghan Sutherland In Media Res Media Component
Meghan Sutherland In Media Res Media Component
 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice great
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...
 
DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersDATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginners
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 

What's new in​ CEHv11?

  • 2. An Introduction to Ethical Hacking Incident Handling & Response Role of AI & ML Tactics, Techniques & Procedures (TTPs) Attacks Classification IoCs & Categories Cyber Kill Chain Concepts Build responsive strategies to keep organizations safe by staying updated on the latest risks. Acquire in-depth knowledge of types of attacks & countermeasures. Behavioral Identification Cyber Threat Intelligence Make organizations stronger by describing threat vectors & attacks. Create a strong TI program with threat modeling tools, a well- tested process, & the availability of technology. Prepare for the future & prevent similar attacks from happening by using IoCs. Focus more on social & behavioral patterns, as the majority of cyber incidents are human enabled. Learn how threat agents (attackers) orchestrate and manage attacks. Understand how to handle & respond to cyber incidents
  • 3. 8 Footprinting and Reconnaissance Techniques Web Services Social Media Websites Reverse DNS Lookup OSINT Framework Gathering Wordlist from Target Website Search Engines Conduct a location-specific search on popular social media websites Gather information from free tools & resources Website Footprinting Deep & Dark Web Footprinting Gather information using reverse image search, meta search engines, FTP & IoT Search engines Resolve anonymity issues on the net by erasing a user's surfing footprint. Create custom wordlists for password cracking using Mentalist Collect information about the target by monitoring the target's website Query the IP address to find the hostname Gather information using business profile sites & NNTP Usenet Newsgroups
  • 4. 4 Ways to Scan Networks Service Version Discovery Source Port Manipulation Host Discovery Secure solutions to these problems exist, often in the form of application-level proxies or protocol-parsing firewall modules Port & Service Discovery ARP Ping scan and UDP Ping scan, Ping sweep countermeasures, TCP Ping scan, IP Portal Ping scan TCP Maimon scan, SCTP Scanning, SCTP INIT Scanning, SCTP COOKIE ECHO Scanning Nmap Scan time Reduction Techniques, OS discovery using Nmap & Unicorn scan, Nmap script engine, IPv6 Fingerprinting
  • 5. Enumeration DNSSEC Zone Walking Telnet Enumeration IPv6 Enumeration BGP Enumeration SMB Enumeration NFS Enumeration Telnet is a client-server protocol used for the link to port number 23 of Transmission Control Protocol BGP or Border Gateway Protocol is one of the most important protocols on the internet TFTP Enumeration DNS Cache Snooping NFS allows remote hosts to mount the systems/ directories over a network When someone queries a DNS server in order to find out (snoop) if the DNS server has a specific DNS record cached SMB enumeration is a very important skill for any pen tester. Before learning how to enumerate SMB , we must first learn what SMB is TFTP doesn't provide directory listings. This script tries to retrieve filenames from a list IPv6 is the latest iteration of Internet Protocol (IP), and odds are your devices are chatting with other devices using this protocol Technique that is used by attackers to enumerate the full content of DNSSEC-signed DNS zones
  • 6. System Hacking Privilege Escalations Using Named Pipe Impersonation by exploiting misconfigured services Vulnerability Exploration Exploit sites, Buffer Overflow (types, Windows Exploitation & defending against Buffer Overflow) Types of Password Attacks Internal Monologue attack, Cracking Kerberos password, Pass the ticket attack & other active online attacks
  • 7. Malware Threats Infect Systems Using Trojans Infecting System Using Virus Trojan Analysis Fileless Malware Concepts Fileless Malware Analysis APT Lifecycle Propagating & deploying a virus Taxonomy of fileless malware threats, launching fileless malware, Obfuscation techniques to bypass Antivirus Virus Analysis Trojan Concepts NFS allows remote hosts to mount the systems/ directories over a network. Point-of-sale trojans Astaroth Attack, Fileless malware countermeasures, Detection & Protection tools SamSam Ransomware attack phases Emotet attack malware phases Employing a dropper or downloader, deploying a trojan through USB/Flash drives
  • 8. Hacking WebApplications Web API, Web Hooks & Web Shell Web API Hacking Methodology Webshells & API Web Application Security Exploiting Insecure Configurations Web Application Concepts Identifying the target, launching the attack, Web application security testing by manual & automated web app security assessment, SAST, DAST, and bug bounty programs Techniques to Hack an API Hacking Methodology Web services, web application threats, injection attacks, and other web application attacks Footprint web infrastructure, analyzing web applications, bypass client-side controls, attack authentication mechanism, attack shared environments SSL Configuration, Insecure Direct Object Reference (IDOR), Login/credential stuffing attacks, API DDoS Attacks Reverse engineering, user spoofing, man-in-the-middle attack, social engineering Gaining backdoor access via webshell, secure API architecture, API security risks & solutions OWASP Top 10 API Security Risks, API Vulnerabilities, Web Hooks Vs API
  • 9. IoT & OT Hacking Hacking OT OT Attacks OT Hacking Methodologies IoT Attacks OT Vulnerabilities, threats & attacks, hacking industrial systems through RF remote controllers, OT Malware analysis IoT Hacking Methodology IoT Vulnerabilities, SDR-based attacks on IoT, Identifying & Accessing Local IoT Devices, Fault Injection Attacks Information gathering using FCC ID Search, Discovering IoT Devices with Default, Credentials using IoT Seeker, Sniffing using Wireshark Identifying ICS/SCADA Systems using shodan, gathering default passwords using CRITIFENCE, vulnerability scanning using Nessus & Skybox vulnerability control, & many more OT concepts, components of an ICS, OT Technologies & Protocols Countermeasures How to defend against OT hacking, OT Vulnerabilities & solutions, securing an IT/OT Environment, OT Security solutions
  • 10. Cloud Computing Serverless ComputingCloud Computing Threats Cloud Hacking Cloud Computing Concepts OWASP Top 10 Cloud & Serverless security risks, Container & Kubernetes vulnerabilities, types of cloud attacks The growth of cloud computing has made hacking more rampant. Learn how to protect data on the cloud Cloud Security Container Technology Cloud storage architecture, role of AI in cloud computing, VR & augmented reality on cloud Container Technology architecture, What is Docker, Container Orchestration, What is Kubernetes?, Container Security Challenges Set of policies, technologies, applications, and controls utilized to protect virtualized IP, data, applications, services Serverless Vs Containers, Serverless computing frameworks