Certified Ethical Hacker Mastery (Expert Level)

  • 23m
  • 23 questions
The Certified Ethical Hacker Mastery benchmark measures whether a learner has mastery of the CEH practice with extensive experience with virtually all CEH scenarios and processes, and is considered a thought leader. A learner who scores high on this benchmark demonstrates professional mastery in all of the major areas of the CEH discipline, across a variety of different platforms and deployments. This learner works and act almost 100% independently of others, and is seen as a leader in the industry.

Topics covered

  • define session hijacking, describe how it can be accomplished, and recognize the different types
  • describe common application level session hijacking attacks such as man-in-the-middle, man-in-the-browser, cross-site scripting (XSS), and cross-site request forgery (XSRF)
  • describe common session-hijacking security controls and countermeasures like detection methods and tools, as well as best-practices like using encrypted protocols and secure session handling techniques
  • describe firewalls, their role as a security countermeasure, and techniques commonly used to bypass them
  • describe footprinting and recognize the different types of information you can gather in this initial stage of attack
  • describe honeypots and how they can be used to build better defenses to protect your organization
  • describe Inverse TCP scans, how to issue an Inverse TCP scan with nmap, and the pros and cons of this scan type
  • describe risk as it pertains to cybersecurity, recognize the risk levels, and use a risk matrix to visualize risk
  • describe Stealth scans, how to issue a Stealth scan with nmap, and the pros and cons of using this scan type
  • describe TCP Connect scans, how to issue a TCP Connect scan with nmap, and the pros and cons of using this type of scan
  • describe unvalidated redirects and forwards and how they can be used to access protected data
  • recognize commonly used footprinting tools that will help you with not only the exam, but that are employed in real-life as well
  • recognize common web app attacks listed in the OWASP Top 10 Web Application Attacks document, as well as how to use them as ethical hackers and protect against them as defenders
  • recognize common web server attacks such as directory traversal, HTTP response splitting, and Server-side Request Forgery (SSRF)
  • recognize how to discover the public network info associated with your target
  • recognize how to use a common web server attack methodology, including the tools and techniques used at each step
  • recognize security controls that could be recommended to a client to help them better protect against an attacker's footprinting and recon efforts
  • recognize the details of common network-based session hijacking attacks such as UDP, TCP, and RST hijacking used to perform man-in-the-middle attacks
  • recognize the details of web applications, including their commonly used technologies, associated risks, and defenses
  • recognize the function of a web server, common components that can lead to vulnerabilities, and security controls to help mitigate those possible vulnerabilities
  • recognize the function of intrusion detection/prevention systems (IDS/IPS), common deployment solutions, and techniques for evading detection by these systems
  • use nmap's ACK scan for the purposes of mapping possible firewall rules and enumerating port states
  • use social engineering techniques like shoulder surfing and dumpster diving to obtain useful or sensitive information about your target's organization