What you need to know about the CEH v11 (update 2022)

 

The Certified Ethical Hacker (CEH) accreditation from EC-Council is a well-respected and well-trusted ethical hacking program that has become one of the best ways to verify a professional's skills in penetration testing, vulnerability finding, and evaluation in target systems. Certified professionals play a critical role in safeguarding an organization's digital assets and infrastructures by discovering vulnerabilities and potential attack vectors, preventing data from being stolen and misused by malevolent attackers.

 

The CEH (ANSI) program from EC-Council has recently been updated to reflect the most recent advancements in the area. The CEH certification, now in its 11th version, assesses a person's understanding of core security concepts as well as their ability to assess an organization's infrastructure to identify threats, analyze them, and provide remediation in the context of the latest operating systems, tools, tactics, exploits, and technologies.

 

An overview of CEH v11

The CEH certification, which is currently on Exam Blueprint v4.0, is designed to verify that a professional has the skills and knowledge required to perform well in a variety of roles, including penetration tester, cybersecurity auditor, security analyst, vulnerability assessment analyst, ethical hacker, security compliance analyst, and more.

 

The CEH V11 curriculum includes an exam that assesses applicants' understanding of five ethical hacking phases (Reconnaissance, Gaining Access, Enumeration, Maintaining Access, and Covering Your Tracks), as well as numerous attack vectors and countermeasures.

 

The CEH v4 topics (CEH v11 objectives) include:

  1. Information Security and Ethical Hacking Overview (6%)
  2. Reconnaissance Techniques (21%)
  3. System Hacking Phases and Attack Techniques (17%)
  4. Network and Perimeter Hacking (14%)
  5. Web Application Hacking (16%)
  6. Wireless Network Hacking (6%)
  7. Mobile Platform, IoT, and OT Hacking (8%)
  8. Cloud Computing (6%)
  9. Cryptography (6%)

 

The CEH exam subdomains on which the students need to concentrate when preparing for the test include:


  • Footprinting and reconnaissance
  • Network scanning
  • Enumeration
  • Vulnerability analysis
  • Malware threats
  • Sniffing
  • Social engineering
  • Denial of service attacks
  • Session hijacking
  • Evading IDS, Firewalls, and Honeypots
  • Server hacking
  • SQL injection

 

 

CEH v11: What's New

 

CEH v11 is more advanced, resilient, and extensive than ever, with more hacking techniques, tactics, and tools than ever before.

 

The course's practical orientation is demonstrated by the fact that 50 percent of the content is devoted to practical skills, owing to a new version of iLabs that is based on real-world tasks rather than simulations.

 

Students must learn and understand over 20 modules in CEH v11, with hacking challenges at the end of each module to reinforce what they've learned. Some of the more prevalent technologies in the exam are cloud computing and remotely hosted solutions.

 

The OWASP Top 10, IoT Hacking, Vulnerability Analysis, APT, Fileless Malware, Web API Threats, Webhooks, Web Shell, OT Attacks, Cloud Attacks, AI, ML, and much more are all covered in CEH v11.

 

CEH v11 contains additional operating systems for training and developing hacking abilities, including Windows Server 2019, Windows Server 2016, and Windows 10, all equipped with Domain Controller, firewalls, and vulnerable web applications.

 

The latest Malware Analysis methods for ransomware, banking and financial malware, IoT botnets, OT Malware Analysis, Android Malware, and more are covered in CEH v11.


More than 500 new threats and vulnerability scenarios are covered in CEH v11, including APT, Fileless Malware, Web API Threats, Webhooks, Web Shell, OT Attacks, Cloud Attacks, AI, ML, and more.


New labs for the most recent themes have been added to CEH v11.

 

What else has changed since CEH v11?

 

According to the CEHv11-Brochure, Certified Ethical Hacker (CEH) Version 11 features the following additions:


  • Incorporating Parrot Security OS, which offers better performance on lower-powered laptops and machines while offering an intuitive look and feel with a larger repository of general tools

  • Re-mapped to NIST/NICE framework to include the protect and defend (PR) job role category overlapping with other job roles, including analyze (AN) and securely provision (SP) 

  • Enhanced Cloud Security, IoT, and operational technology (OT) modules, to incorporate CSP’s Container Technologies (e.g., Docker, Kubernetes), Cloud Computing threats, and several IoT hacking tools (e.g., Shikra, Bus Pirate, Facedancer21, and more)

  • Modern malware analysis includes the latest malware analysis tactics for ransomware, banking and financial malware, IoT botnets, OT malware analysis, and Android malware

  • Covering the latest threats, with a strong focus on rising threats such as fileless malware techniques that are covered together with possible defensive strategies

  • New lab designs and operating systems for practicing and improving hacking skills

  • Increased lab time and hands−on focus, with more than 50% of the CEH v11 course dedicated to practical skills in a lab environment

  • Industry’s most comprehensive tools library, with the latest additions required by security practitioners and pentesters across the world

 

CEH v11 will be covering new topics like:


  • DNS cache snooping, DNSSEC zone walking, NFS enumeration
  • Different types of malware attacks
  • IoT hacking threats to IoT and OT platforms with ways to defend such devices securely
  • Cloud computing solutions and the essentials of container technology and serverless computing
  • WPA3 encryption and cracking
  • OWASP Top 10 Web Application Attacks
  • Malware analysis and reverse engineering


 

 Please don't forget to subscribe to our YouTube channel, like it, and share it.

Thank You For Your Support


"It's not how many you've learned that matters, but how well you've applied and mastered what you've learned." -cybersoc


LearnIT, HackIT, SecureIT @ Life After Coffee


Comments

Post a Comment

Popular posts from this blog

Download FREE4ALL IT Security, Information Security, Cyber Security, IT Systems, and Network Administration Training Courses

Image
  CYBERSOC IT Library LearnIT  |  HackIT  |  SecureIT "It's not how many you've learned that matters, but how well you've applied and mastered what you've learned."  - cybersoc | retired | hacker - Cyber Security | IT | Cloud | Data Science | Training Courses The Complete 2022 Web Development Bootcamp Part 1:  Full-Stack Web Developer01 Part 2: Full-Stack Web Developer02 ********************** Complete Machine Learning & Data Science Bootcamp 2022 Download   ********************** Hacking Android 2022 Download   ********************** MongoDB Developers 2022 Download   ********************** Complete Machine Learning & Data Science Bootcamp 2022 Part-01 Part-02 Part-03   ********************** Data Structures - Computer Science Course For Beginners Download  ********************** All Python Courses Download   ********************** Excel for Data Science and Machine Learning Download  ********************** Competitive Programming Essentials, Master A
Read more

Cybersecurity Training and Exam Giveaway

Image
Five lucky winners will receive FREE training and a certification exam in CyberOps or Security from Cisco! Now through June 30, 2022 , enter the Cybersecurity Giveaway:   Build the skills to stand up to today's most advanced security threats - for FREE.   Enter our Cybersecurity Giveaway now through June 30, 2022, for your chance to win free Cisco training and a certification exam in CyberOps or Security.   Five (5) winners will be selected at random on June 30, 2022. Winners will choose one of the following options:   Cisco Certified CyberOps Associate Cisco Certified CyberOps Professional CCNP Security   The approximate retail value (ARV) of this prize is worth up to US$1,190 .   See the official Terms and Conditions for details.   Join the next generation of security professionals for FREE. Enter to win a Security or CyberOps training and exam bundle.   Enter to Win!
Read more

Free On-Demand Content for CyberOps Associate Prep

Image
  Stay on track and meet your goals! Webinar recordings focused on each CyberOps Associate exam topic The CyberOps Associate Prep Learning Map, with 95+ hours of free self-study resources to help you work your way through the exam blueprint The CyberOps Associate Prep Practice Quiz that tests your knowledge and exam-readiness Additional materials to guide your self-study preparation and keep you motivated Technical discussions from Cisco Subject Matter Experts to help with any questions you may have Get help on your CyberOps Associate Certification self-study plan directly from Cisco for FREE. Sign up for the CyberOps Associate Prep On Demand program and you’ll gain access to the following exclusive resources: The best part of the CyberOps Associate Prep On Demand program is the learning materials are ready when you are, so you can access what you need on your own time, at your own pace. Sign up today
Read more