Why the CEH?
The main reason I chose to start with the CEH is the completeness of the certification in the field of ethical hacking compared to the alternatives. It covers all aspects of ethical hacking that an intermediate-level practitioner should know. Moreover, the EC-Council - the organization that issues this certification - is accredited by the American National Standards Institute (ANSI). This makes the certification globally recognized and ideal for pursuing significant positions in this field.
What topics are covered by the certification
In order to obtain the certification, it's essential to start with a solid knowledge base in networking. Without this, it would be impossible to delve into ethical hacking topics since almost all the attacks presented are carried out over the network. The first real concept we will cover involves the basics of security, which include a series of concepts to understand what it means to design a security architecture. Then, we will talk about the three fundamental steps to gather as much information as possible about the target system of an attack. These are: footprinting, scanning, and enumeration. Immediately after, we will cover classic attack techniques, with a focus on post-exploitation practices. After consolidating this knowledge, we will introduce the types of malware and their analysis and creation. Every ethical hacker's arsenal must include network sniffing skills. That's why we will study the main tools that allow such operations. At this point, we will talk about how most attacks are executed today, namely by exploiting social engineering techniques. To complete our understanding of the main attack techniques, we will also cover wireless security, studying how to hack communications transmitted over Wi-Fi and Bluetooth. Finally, we will thoroughly examine the main encryption protocols and take a look at today's most common buzzwords: Cloud Computing and the Internet of Things.
How to best prepare for obtaining the certification
For almost all the topics we will cover, it is important to do practical exercises to acquire the skills needed to pass the certification. We will make extensive use of tools and operating systems designed to facilitate the work of those in this field. For this reason, we will use Kali Linux, an open-source Linux distribution that includes a collection of tools to support penetration testing activities. Additionally, in the /resources section, you can access and download material that I will provide to consolidate the knowledge acquired during the study.
In the next post, we will discuss an introduction to ethical hacking. I wish you a pleasant stay on engsitter.com!