Ethical Hacker Exam Path .pdf



Original filename: Ethical Hacker Exam Path.pdf

This PDF 1.7 document has been generated by Microsoft® Word 2016, and has been sent on pdf-archive.com on 04/04/2018 at 09:24, from IP address 103.211.x.x. The current document download page has been viewed 271 times.
File size: 130 KB (6 pages).
Privacy: public file






Ethical Hacker Exam Path | Ethical Hacking Certification Learning Path - Mindmajix
Introduction to Ethical Hacker Certification Exam
Looking at this article, the very first question that pops into one’s mind is the right definition of an Ethical Hacker. The term Hacker had a different meaning until the late 90s, and then there was a shift towards ethical ways of hacking, or counter-hacking the hackers who intend such acts for bad reasons. An apt phrase to mention here is that “the most effective and efficient way to prevent a hack is to think like a hacker”.
To give you a better introduction to how to become an ethical hacker, you need to know more about the Ethical hacking v9 Certification (Ethical Hacker), which is administered by the EC Council (that is, the International Council of Electronic Commerce Consultants). This program aims to give IT professionals the tools and techniques that, when applied, enable them to think and act like hackers.

Ethical Hacking Certification Path
Businesses have started investing in their IT front, upgrading their IT security personnel as a top priority and employing ethical hackers to identify and close the security flaws in their organizations so that they are protected from hackers. The biggest and most trusted certification that adds value to an individual’s resume is the Ethical hacker certification. It is best to hold a CCNA certification before pursuing the Ethical hacker certification, as it helps you understand network topology better and earlier.

Certification Examination Details

Ethical hacker certification preparation generally involves two steps: first, taking a 40-hour online training course (which introduces candidates to the hacking tools and techniques that enable individuals to attain the “hacking mindset”), and then attempting the examination itself. The exam, in general, tests more than 18 subjects or domains of knowledge, which are listed below:

Background into Ethical Hacking
Foot-printing and Reconnaissance
Scanning Networks
Enumeration
System Hacking
Malware Threats
Sniffing
Social Engineering
Denial of Service (DoS) / Distributed Denial of Service (DDoS)
Session Hijacking
Hacking Webservers
Hacking Web Applications
SQL Injection
Hacking Wireless Networks
Hacking Mobile Platforms
Evading IDS, Firewalls, and Honeypots
Cloud Computing
Cryptography

The certification exam is computer-based and closed-book, and consists of 125 multiple choice questions. A passing score of 70% is required to complete the certification (70% of 125 questions works out to 88 questions to be answered correctly). The exam can be taken in any examination center or a Pearson VUE testing center. With the details of the exam known, let us take a look at the actual content areas and at the scoring areas.

The domains of knowledge are further structured into only 7 content areas, and each of these content areas is weighted differently. Let us now look into each of these seven categories individually, to understand its practical usage and to concentrate on the scoring areas.

1. Background (4%): This section of the exam has only 5 questions and aims at testing the individual’s knowledge of the various kinds of software, hardware and systems that are vulnerable to hackers.
2. Analysis / Assessment (13%): The second section of the exam concentrates on data/system analysis and risk / technical assessments. This section consists of about 16 questions focusing on the factors that contribute towards a system's vulnerability and the techniques that can be used to identify these factors.
3. Security (25%): The second largest section of the Ethical hacking certification exam focuses mainly on the security areas and consists of 31 questions. It tests the candidate's knowledge of the following subjects:

Systems security controls
Application server
Cryptography
Firewalls
Physical security
Threat modeling
Network security
False positive/negative Validation Processes
Vulnerability scanners
Social engineering
Security policy implications
Privacy/confidentiality
Biometrics
Wireless access technology (such as RFID, Bluetooth)
Trusted networks
Vulnerabilities

4. Tools / Systems / Programs (32%): The largest section of the Ethical hacking exam and the highest-scoring of its sub-sections, with about 40 questions. This section tests expertise in the tools, systems and programs used by hackers. You will benefit in this part of the examination if you have prior knowledge of programming languages such as C++ or Java, scripting languages like PHP, different operating systems and network architectures. The following are the subjects that one can expect under this sub-section:

Network/host based intrusion
Network/wireless sniffers (e.g., Wireshark, AirSnort)
Cryptography techniques (e.g., IPsec, SSL, PGP)
Access control mechanisms
Programming languages (e.g. C++, Java, C#, C)
Scripting languages (e.g., PHP, JavaScript)
Network topologies
Boundary protection appliances
Subnetting
Port scanning (e.g., Nmap)
Domain name system (DNS)
Routers/modems/switches
Vulnerability scanner (e.g., Nessus, Retina)
Vulnerability management and protection systems (e.g., Foundstone, Ecora)
Operating environments (e.g., Linux, Windows, Mac)
Antivirus systems and programs
Log analysis tools
Security models
Exploitation tools
Database structures

5. Procedures / Methodology (20%): This section of the exam comprises 15 questions and is focused on procedures and methodologies. To answer the questions that fall into this category, you need knowledge of information architectures and of security testing methods.

6. Regulation / Policy (4%): This section of the examination focuses on regulations and policy issues and comprises 5 questions. The sample questions can be focused on Payment Card Industry compliance related security policies, compliance regulations or any other specific area.
7. Ethics (2%): The final section of the exam consists of questions on ethics, around 3 questions for the whole examination. This is more on the theory, such as the professional code of conduct, its code of ethics and the appropriateness of hacking activities in various contexts.

How to Prepare for Ethical Hacker Certification?
By now you have understood the examination and the topics to concentrate on in order to clear it. If you are willing to go the extra mile, not just clearing the examination but also making a mark for yourself in this line of business, then take a look at the following points and make sure you absorb them during your preparation time.

1. Getting familiar with the exam: It is always a better choice to get yourself acquainted with what to expect from the examination, and what better place than the official website itself. It provides detailed information about the exam, the format, the duration and FAQs related to the examination. Always ensure you know which version you’re studying for; the curriculum has recently been updated to version 9, but version 8 is still around.
2. Follow a study-guide: The best series of documentation to follow for the exam is from the EC Council itself. It is the most trusted documentation that one can follow, and if you need another resource besides the official documentation, then you can rely on this book from Amazon anyway.
3. Testing yourself with practice questions: One of the best options to test your confidence levels before you take up the actual certification is to take up mock-up tests on Skillset or on website or MeasureUp. Please make it a point to come to this leg of your preparation only when you have completed your studies, or else your morale will be low without the necessary preparation.

Ethical Hacker exam Preparation Material
A quick Google search will give you millions of results showing content that one could use to prepare for the Ethical Hacker examination. With all those listings, it can be difficult to know where to start and where to end. Hence we have done some research to provide you with the best of the articles and eBooks that one should go through before attempting the Ethical Hacker examination. Following are the resources that we are talking about:


Ethical Hacker Handbook



Ethical Hacker v9 Study Guide

Conclusion:
In this article we have seen what it takes to be an ethical hacker and what needs to be gone through to become one. There are detailed steps on how to become an ethical hacker, how to prepare for it and also how to successfully complete the Certification examination.
With all this discussed, it takes a lot of determination and hard work in preparation for you to become a very capable ethical hacker. We hope this article provides all the information that you seek for becoming a successful ethical hacker.

Related Articles:
Introduction to Ethical Hacker Certifications
Ethical Hacker Pre-Requisites

