EC-Council CEH

CEH v4 Domain #1: Information Security and Ethical Hacking Overview

November 22, 2021 by Greg Belding

EC-Council has moved to CEH Examination Blueprint v4.0. The domains have changed significantly since v3.0, and Domain #1 is no exception.

Organizations that want to avoid becoming another malicious-hacking statistic can hire a certified ethical hacker. These “white hat” hackers test an organization’s systems, networks, and overall information security. The Certified Ethical Hacker, or CEH, certification is a renowned certification that verifies the knowledge and skills of these “white hat” heroes.

The CEH certification is currently on Exam Blueprint v4.0, which has changed how the domains of knowledge are presented. This article will detail Domain #1 of CEH Exam Blueprint v4.0, Information Security and Ethical Hacking Overview. It will explore what the CEH certification is, changes since the last exam version, the target audience, and the content that this domain will challenge you to master on your way to earning this ethical hacking certification.

What is the CEH certification?

The CEH certification verifies that the holder has a practical understanding of the phases of ethical hacking, the various attack vectors, and the preventative countermeasures used by ethical hackers. It certifies that the holder knows how to think and act like a malicious hacker to better position your organization’s information security measures and defend against real-world attacks. It is premised on the idea that if you understand the vulnerabilities and system weaknesses your organization faces, you can better strengthen system security controls in the face of malicious activity and attacks.

Who is the target audience for CEH?

From a high-level view, any information security professional wants their organization to be better positioned in the face of attacks and malicious activity. Below is a list of roles that typically earn this certification:

  • Information Security Analyst
  • Information Assurance Security Officer
  • Information Security Manager/Specialist
  • Information Systems Security Engineer/Manager
  • Information Security Professionals/Officers
  • Risk/Threat/Vulnerability Analyst
  • Information Security/IT Auditors

What has changed since CEH Exam Blueprint v3?

Bluntly speaking, a lot has changed since v3. Normally, I offer a side-by-side comparison of the old and new exam versions, but in the case of CEH, so much has changed that we will keep it brief. Domain #1 of CEH Exam Blueprint v3 was entitled “Background” and consisted of three subdomains, making up 21.79% of CEH exam content and accounting for 27 CEH certification exam questions. No other domain has changed as much as CEH Domain #1.

In comparison, Domain #1 of CEH Exam Blueprint v4.0 has been significantly downsized to one subdomain, making up 6% of CEH exam content and accounting for eight exam questions. The subdomain “Introduction to Ethical Hacking” comprises the objectives below:

  • Information Security Overview
  • Cyber Kill Chain Concepts
  • Hacking Concepts
  • Ethical Hacking Concepts
  • Information Security Controls
  • Information Security Laws and Standards

Let’s explore these objectives in a little more depth below.

Information security overview

This objective provides a high-level view of information security. Think of it as a refresher.

  • Information Security Terminology
    • Hack Value
    • Zero-Day Attack
    • Vulnerability
    • Daisy Chaining
    • Exploit
    • Doxing
    • Payload
  • Data breaches
  • Elements of Information Security
    • Confidentiality
    • Integrity
    • Availability
    • Authenticity
    • Non-Repudiation
    • Security, Functionality, and Usability Triangle
  • Threats and attack vectors

Cyber kill chain concepts

The seven steps of the cyber kill chain are:

  1. Reconnaissance
  2. Weaponization
  3. Delivery
  4. Exploitation
  5. Installation
  6. Command and Control
  7. Actions on Objectives

Hacking concepts

CEH candidates will be required to explain what hacking is as well as what a hacker is. The five phases of hacking are:

  1. Reconnaissance
  2. Scanning
  3. Gaining Access
  4. Maintaining Access
  5. Clearing Tracks

Ethical hacking concepts

1. Why ethical hacking is necessary

Most of all, ethical hackers and CEH candidates need to understand the need for ethical hacking. The aggressive and advanced attacks which need to be understood are:

  • Denial-of-service attacks
  • Manipulation of data
  • Identity theft
  • Vandalism
  • Credit card theft
  • Piracy
  • Theft of services

2. Phases of ethical hacking

  • Footprinting and reconnaissance
  • Scanning
  • Enumeration
  • System hacking
  • Escalation of privileges
  • Covering tracks

3. Technical skills

  • Operating systems knowledge (all popular OSs)
  • Networking
  • Security and information security-related issues
  • Older advanced and sophisticated attacks

4. Non-technical skills

  • Learning ability
  • Problem-solving skills
  • Communication skills
  • Commitment to security policies
  • Awareness of laws, standards and regulations

Information security controls

  • Information assurance (IA)
  • Information security policies
  • Categories of security policies
    • Promiscuous policy
    • Permissive policy
    • Prudent policy
    • Paranoid policy
  • Information security management program
  • Enterprise Information Security Architecture (EISA)
  • Threat modeling
  • Network security zoning
  • Physical security
  • Incident management
  • Incident response team
  • Vulnerability assessment
  • Penetration testing

Information security laws and standards

  • Payment Card Industry Data Security Standard (PCI-DSS)
  • ISO/IEC 27001:2013
  • Health Insurance Portability and Accountability Act (HIPAA)
  • Industry-Standard Framework and Reference Architecture
    • Regulatory
    • Non-Regulatory
    • National vs. International
    • Industry-Specific Framework
    • Benchmarks/Secure Configuration Guides
    • Platform-Specific Guide

Pursuing the CEH

Certified Ethical Hacker, or CEH, is a certification intended for information security professionals who want to bring ethical hacking benefits to their organization. To earn it, you have to pass the CEH certification exam, which now operates under the v4.0 Exam Blueprint. That blueprint has significantly changed the material covered in CEH Domain #1. Use this article as your roadmap to the first domain of the CEH exam, which you will have to master to earn this ethical hacking certification.

 


Greg is a Veteran IT Professional working in the Healthcare field. He enjoys Information Security, creating Information Defensive Strategy, and writing – both as a Cybersecurity Blogger as well as for fun.
