CEH v4 Domain #9: Cryptography
Organizations that want to maximize the chances of not being another statistic of malicious hacking can hire a certified ethical hacker. These hackers test an organization’s systems, networks and overall information security. The Certified Ethical Hacker, or CEH, certification is a well-renowned certification.
The CEH certification is currently on Exam Blueprint v4.0, which has brought some changes to how the Domains of knowledge are presented.
What is the CEH certification?
The CEH certification verifies that the holder has a practical understanding of the phases of ethical hacking, the various attack vectors and the preventative countermeasures used by ethical hackers. It certifies that the holder knows how to think and act like a malicious hacker to better position your organization’s information security measures and defend against real-world attacks. It is premised on the idea that if you understand vulnerabilities and system weaknesses your organization faces, you can better strengthen system security controls in the face of malicious activity and attacks.
Who is the target audience for CEH?
From a high-level view, any information security professional wants their organization to be better positioned in the face of attacks and malicious activity. Below is a list of roles that typically earn this certification:
- Information Security Analyst
- Information Assurance Security Officer
- Information Security Manager/Specialist
- Information Systems Security Engineer/Manager
- Information Security Professionals/Officers
- Risk/Threat/Vulnerability Analyst
- Information Security/IT Auditors
What has changed since CEH Exam Blueprint v3?
They say that the only thing constant in life is change, which applies to the new CEH Exam Blueprint. Normally, I offer a side-by-side comparison of the old and new exam versions, but in the case of CEH, so much has changed we will keep it brief. CEH Exam Blueprint v3.0 only had six domains and the material v.4.0 #9 covers was briefly covered within different domains but did not have its own dedicated Domain of Knowledge.
In CEH Exam Blueprint v4.0, Domain #9 is titled “Cryptography” and covers 6% of CEH exam content and represents seven CEH certification exam questions. There is only one subdomain in this Domain, also called Cryptography.
Let’s explore what this Domain will cover below.
1. Cryptography Concepts
- Encrypting text data into scrambled code
- Decrypted at destination for security
- Objectives – confidentiality, integrity, authentication, non-repudiation
- Types of Cryptography
- Systemic Cryptography
- Asymmetric Cryptography/Public Key Cryptography
- Government Access to Keys (GAK)
2. Encryption Algorithms
- Stream Cipher
- Block Cipher
- Data Encryption Standard (DES)
- Advanced Encryption Standard (AES)
- RC 4, RC 5, RC 6 Algorithms
- RSA (Rivest Shamir Adleman)
- Message Digest (One-Way Hash) Functions
- Message Digest Function: MD 5
- Secure Hashing Algorithm (SHA)
- Secure Hash Algorithm 2 (SHA-2)
- Hashed Message Authentication Code (HMAC)
- SSH (Secure Shell)
3. Cryptography Tools
- MD 5 Hash Calculators
- Hash Calculators for Mobile
- Cryptography Tools
4. Public Key Infrastructure (PKI)
- Public Key Infrastructure: The policies, procedures, technology, software, and personnel necessary to create, administer, and revoke digital certificates
- Public and Private Key Pair
- Certificate Authorities (CA)
- Root Certificate
- Identity Certificate
- Signed Certificate vs. Self-signed Certificate
5. Email Encryption
- Digital Signature
- Direct Digital Signature
- Arbitrated Digital Signature
- SSL (Secure Sockets Layer)
- Pretty Good Privacy (PGP)
6. Disk Encryption
- Symantec Drive Encryption
- GiliSoft Full Disk Encryption
- Cryptanalysis is the process of identifying flaws in a code, encryption technique, or key management scheme. It can be used to either strengthen or decrypt cryptographic techniques
- Cryptographic attacks
- Known Plaintext Attack
- Ciphertext-only Attack
- Chosen Plaintext Attack
- Chosen Ciphertext Attack
- Adaptive Chosen Ciphertext Attack
- Adaptive Chosen Plaintext Attack
- Rubber Hose Attack
- Code Breaking Methodologies
CEH Domain 9
Certified Ethical Hacker, or CEH, is a certification intended for information security professionals who want to bring ethical hacking benefits to their organization. You have to pass the CEH certification exam to earn this certification, which is now operating under the v4.0 Exam Blueprint and has significantly changed the material covered in CEH Domain #9, Cryptography. With the roadmap provided above (coupled with my articles for the other Domains of Knowledge), you will have a better grasp of all of the Domains covered by the CEH certification exam. You will be better positioned to pass the exam and reap the benefits that this in-demand ethical hacking certification has to offer.
- CEH Exam Blueprint v4.0, EC-Council