Note:-"CEH" /"Certified Ethical Hacker" is a registered trademark of EC-Council and this Practice course is not endorsed, or affiliated in any way to EC-Council

The Practice exam focuses on testing one’s knowledge of core security concepts and validating the capability of assessing an organization’s infrastructure to identify threats, analyze them, and provide remediation for protection against cyber-attacks.

Topics in certified ethical hacker v11:

• Introduction to Ethical Hacking

• Footprinting and Reconnaissance

• Scanning Networks

• Enumeration

• Vulnerability Analysis

• System Hacking

• Malware Threats

• Sniffing

• Social Engineering

• Denial-of-Service

• Session Hijacking

• Evading IDS, Firewalls, and Honeypots

• Hacking Web Servers

• Hacking Web Applications

• SQL Injection

• Hacking Wireless Networks

• Hacking Mobile Platforms

• IoT Hacking

• Cloud Computing

• Modern Cryptography

Number of Questions: 125
Test Duration: 4 Hours
Test Format: Multiple Choice
Exam Prefix: 312-50

Job roles offered in CEH:

• Securtiy administrator

• Cyber security Auditor

• Information Security Analyst

• Networ security ENgineer

• SOC security Anayst

• Jr Pentester

• Cybersecurity Consultant

Successful completion of CEHv11 certification provides you with a deep understanding of:

• Ethical hacking concepts, cyber kill chain concepts, an overview of information security, security controls, and various laws and regulations related to information security.

• Footprinting concepts and methodologies and utilizing footprinting tools along with the countermeasures

• Performing network scans, host and port discovery by utilizing different scanning tools

• Enumeration techniques that now includes NFS enumeration and related tools, DNS cache snooping, and DNSSEC Zone walking along with the countermeasures

• Concepts of vulnerability assessment, its types, and solutions along with a hands-on experience of industrial tools used

• Phases of system hacking, attacking techniques to obtain, escalate, and maintain access on victim along with covering tracks.

• Malware threats, analysis of various viruses, worms and trojans like Emotet and battling them to prevent data. APT and Fileless Malware concepts have been introduced to this domain.

• Packet sniffing concepts, techniques, and protection against the same.

• Social engineering concepts and related terminologies like identity theft, impersonation, insider threats, social engineering techniques, and countermeasures

• Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks, use cases, and attack and defence tools

• Security solutions like firewall, IPS, honeypots, their evasion, and protection

• Web server and web application-based attacks, methodologies

• SQL injection, hijacking, and evasion techniques

• Wireless encryption, wireless hacking, and Bluetooth hacking-related concepts

• Mobile device management, mobile platform attack vectors, and vulnerabilities related to Android and iOS systems

• Operational Technology (OT) essentials, threats, attack methodologies and attack prevention. The concept of OT is a new addition.

• Recognizing the vulnerabilities in IoT and ensuring the safety of IoT devices

• Encryption algorithms, Public Key Infrastructure (PKI), cryptographic attacks, and cryptanalysis

• Cloud computing, threats and security, essentials of container technology and serverless computing