CEH

Certified Ethical Hacker

Introduction

Welcome, Dear Reader! I sincerely hope you’ve found your way here to this introduction happy, healthy, and brimming with confidence—or, at the very least, curiosity. I can see you there, standing in your bookstore flipping through the book or sitting in your living room clicking through virtual pages at some online retailer. And you’re wondering whether you’ll buy it—whether this is the book you need for your study guide. You probably have perused the outline, checked the chapter titles—heck, you may have even read that great author bio they forced me to write. And now you’ve found your way to this, the introduction. Sure, this intro is supposed to be designed to explain the ins and outs of the book—to lay out its beauty and crafty witticisms in such a way that you just can’t resist buying it. But I’m also going to take a moment and explain the realities of the situation and let you know what you’re really getting yourself into.

This isn’t a walk in the park. Certified Ethical Hacker (CEH) didn’t gain the reputation and value it has by being easy to attain. It’s a challenging examination that tests more than just simple memorization. Its worth has elevated it as one of the top certifications a technician can attain and is now part of DoD 8570’s call for certification on DoD networks. In short, this certification actually means something to employers because they know the effort it takes to attain it. If you’re not willing to put in the effort, maybe you should pick up another line of study. Like cake decorating. Or Sudoku.

If you’re new to the career field or you’re curious and want to expand your knowledge, you may be standing there, with the glow of innocent expectation on your face, reading this intro and wondering whether this is the book for you. To help you decide, let’s take a virtual walk over to our entrance sign and have a look. Come on, you’ve seen one before—it’s just like the one in front of the roller coaster reading, “You must be this tall to enter the ride.” However, this one is just a little different. Instead of your height, I’m interested in your knowledge, and I have a question or two for you. Do you know the OSI Reference Model? What port does SMTP use? How about Telnet? What transport protocol (TCP or UDP) do they use and why?

Why am I asking these questions? Well, my new virtual friend, I’m trying to save you some agony. Just as you wouldn’t be allowed on a roller coaster that could potentially fling you off into certain agony and/or death, I’m not going to stand by and let you waltz into something you’re not ready for. If any of the questions I asked seem otherworldly to you, you need to spend some time studying the mechanics and inner workings of networking before attempting this certification. As brilliantly written as this little tome is, it is not—nor is any other book—a magic bullet, and if you’re looking for something you can read one night and become Super-Hacker by daybreak, you’re never going to find it.

Don’t get me wrong—go ahead and buy this book. You’ll want it later, and I could use the sales numbers. All I’m saying is you need to learn the basics before stepping up to this plate. I didn’t bother to drill down into the basics in this book because it would have been

20,000 pages long and scared you off right there at the rack without you even picking it up. Instead, I want you to go learn the “101” stuff first so you can be successful with this book. It won’t take long, and it’s not rocket science. I was educated in the public school systems of Alabama and didn’t know what cable TV or VCR meant until I was nearly a teenager, and I figured it out—how tough can it be for you? There is plenty in here for the beginner, though, trust me. I wrote it in the same manner I learned it: simple, easy, and ideally fun. This stuff isn’t necessarily hard; you just need the basics out of the way first. I think you’ll find, then, this book perfect for your goals.

For those of you who have already put your time in and know the basics, I think you’ll find this book pleasantly surprising. You’re obviously aware by now that technology isn’t magic, nor is it necessarily difficult or hard to comprehend—it’s just learning how something works so you can use it to your advantage. I tried to attack ethical hacking in this manner, making things as light as possible and laughing a little along the way. Combine this book with some hands-on practice, and I don’t think you’ll have any trouble at all

with the exam.

There is, of course, one primary goal and focus of this book—to help you achieve the title of Certified Ethical Hacker by passing the version 8 exam. I believe this book provides you with everything you’ll need to pass the test. However, I’d like to think this little book has more to it than that. I hope I also succeeded in another goal that’s just as important: helping you to actually become an employed ethical hacker. No, there is no way someone can simply pick up a book and magically become a seasoned IT security professional just by reading it, but I sincerely hope I’ve provided enough real-world insight that you can safely rely on keeping this book around on your journey out there in the real world.

How to Use This Book

Speaking of this book, it covers everything you’ll need to know for EC-Council’s eighth version of the Certified Ethical Hacker examination. Each chapter covers specific objectives and details for the exam, as defined by EC-Council. I’ve done my best to arrange them in a manner that makes sense to me, and I hope you see it the same way.

Each chapter has several components designed to effectively communicate the information you’ll need for the exam:

• The certification objectives covered in each chapter are listed first, right off the bat. These identify the major topics within the chapter and help you to map out your study.
• Sidebars are included in each chapter and are designed to point out information, tips, and stories that will be helpful in your day-to-day responsibilities. Not to mention, they’re just downright fun sometimes. Please note, though, that although these entries provide real-world accounts of interesting pieces of information, they are sometimes used to reinforce testable material. Don’t just discount them as simply “neat”—some of the circumstances and tools described in these sidebars may prove the difference in correctly answering a question or two on the exam.
• Exam Tips are exactly what they sound like. These are included to point out an area you need to concentrate on for the exam. No, they are not explicit test answers. Yes, they will help you focus your study.
• Specially called out Notes are part of each chapter, too. These are interesting tidbits of information that are relevant to the discussion and point out extra information. Just as with the sidebars, don’t discount them.
• Some chapters have step-by-step exercises designed to provide hands-on experience and to reinforce the chapter information. As your system and circumstances are no doubt different from mine, these may, from time to time, need a little adjustment on your end. For additional information on the exercises—and any of the tools listed in the book, for that matter—visit your favorite search engine. I guarantee you’ll find more than enough videos and tutorials already created to whet your appetite.

The Examination

Before I get to anything else, let me be crystal clear: This book will help you pass your test. I’ve taken great pains to ensure everything EC-Council has asked you to know before taking the exam is covered in the book, and I think it’s covered pretty darn well. The only cautionary note I’d place here is to not use this book as your sole source of study. This advice goes for any book for any certification.

You simply cannot expect to pick up a single book and pass a certification exam. You need practice. You need hands-on experience, and you need to practice some more.

Yes, I’m fully confident this book is a great place to start and a good way to guide your study. Just don’t go into this exam without performing some (a lot of) hands-on practice with the tools. There is simply no substitute for experience, and I promise you, come test time, you’ll be glad you put your time in.

Speaking of the test, officially entitled CEH 312-50, version 8, it was designed to provide skills-and-job-roles-based learning, standard-based training modules, and better industry acceptance using state-of-the-art labs (in the official courseware and online). The exam consists of 125 multiple-choice questions and lasts 4 hours. Delivery is provided by Prime Prometric (IBT), VUE, and APTC. These tidbits should help you:

• Be sure to pay close attention to the Exam Tips in the chapters. They are there for a reason. And retake the exams—both the end-of-chapter exams and the downloadable exams—until you’re sick of them. They will help, trust me.
• You are allowed to mark, and skip, questions for later review. Go through the entire exam, answering the ones you know beyond a shadow of a doubt. On the ones you’re not sure about, choose an answer anyway and mark the question for further review (you don’t want to fail the exam because you ran out of time and had a bunch of questions that didn’t even have an answer chosen). At the end, go back and look at the ones you’ve marked. Change your answer only if you are absolutely, 100 percent sure about it.
• You will, with absolute certainty, see a couple of questions that will blow your mind. One or two will come totally out of left field. I’ve taken the CEH exam four times—from version 5 to the current version 8 (which this book is written for)—and every single time I’ve seen questions that seemed so far out of the loop I wasn’t sure I was taking the right exam. When you see them, don’t panic. Use deductive reasoning and make your best guess. Almost every single question on this exam can be whittled down to at least 50/50 odds on a guess. The other type of question you’ll see will use some bad grammar in regard to the English language. Just remember this is an international organization and sometimes things don’t translate so easily.
• On code questions on the exam (where code snippets are shown for you to answer questions on), pay attention to port numbers. Even if you’re unsure about what generated the log or code, you can usually spot the port numbers pretty quickly. This will definitely help you on a question or two. Additionally, don’t neglect the plain text on the right side of the code snippet. It can often show you what the answer is.

The Certification

So, you’ve studied, you’ve prepped, and you think you’re ready to become CEH certified. Usually most folks looking for this certification believe their next step is simply to go take a test, and for years (as is the case for most other certifications) that was the truth. However, times change, and certification providers are always looking for a way to add more worth to their title. EC-Council is no different, and it has changed things just a bit for candidates.

There are two ways for a candidate to attain CEH certification: with training or using only self-study. The training option is pretty straightforward: You must attend an approved CEH training class before attempting the exam. EC-Council offers two different methods for attaining the required training (http://iclass.eccouncil.org/?p=719).

• Instructor-led, in-person class   These are offered by many training affiliates EC-Council has certified to provide the training. They offer the official courseware in a standard classroom setting, with a certified instructor leading the way. EC-Council can also arrange for a class at your location, provided you’re willing to pay for it, of course.
• Live, online, instructor-led course   These are online courses delivered by a certified EC-Council instructor. Courses run from 8 a.m. to 4 p.m. Mountain time, Monday through Friday, and include the official courseware, access to all online iLabs, a certification exam voucher, and a test prep program. Per the website, this course cost $2,895.

Once you attend training, you can register for and attempt the exam with no additional cost of steps required. As a matter of fact, the cost for the exam is usually part of the course pricing. If you attempt self-study, however, there are some additional requirements, detailed here, straight from EC-Council:

In order to be considered for the EC-Council certification exam without attending official training, candidate must:

• Have at least two years of information security related experience.
• Remit a non-refundable eligibility application fee of USD 100.00.
• Submit a completed Exam Eligibility Application Form. (Applicant will need to go to https://cert.eccouncil.org/exam-eligibility-form.html to fill in an online request for the Eligibility Application Form. USA/Canada applicants can contact applicationservices@eccouncil.org, and international applicants can contact cehapp@eccouncil.org. EC-Council will contact applicant’s Boss/ Supervisor/ Department head, who have agreed to act as applicant’s verifier in the application form, for authentication purposes. If application is approved, applicant will be required to purchase a voucher from EC-Council DIRECTLY. EC-Council will then send the candidate the eligibility code and the voucher code which candidate can use to register and schedule the test at any Authorized Prometric or VUE Testing Center globally. Please note that Prometric and VUE Registration will not entertain any requests without the eligibility code. If application is not approved, the application fee of USD 100 will not be refunded.)
• Purchase an official exam voucher DIRECTLY from EC-Council through http://store.eccouncil.org/

And there you have it, Dear Reader. Sure, there are a couple of additional hoops to jump through for CEH using self-study, but it’s the best option, cost-wise. From the perspective of someone who has hired many employees in the security world, I honestly believe it may be the better option all around: Anyone can attend a class, but those who self-study need to have a sponsor to verify they have the appropriate experience. It’s well worth the extra step, in my humble opinion.

Finally, thank you for picking up this book. I sincerely hope your exam goes well, and I wish you the absolute best in your upcoming

career. Here’s hoping I see you out there, somewhere and sometime!

More in the next week ...