With enterprise and governments struggling to keep up with the ever-changing cybersecurity landscape, EC-Council has updated its Certified Ethical Hacker (CEH) certification and training to version 9, focusing on the latest cyber attack vectors and addressing new vulnerabilities. With CEH training in preparation for the new CEH exam, students will gain access to thousands of the most commonly used hacking tools to help them look for vulnerabilities in their organization’s network just like a hacker would.
Covering 270 attack technologies, training for EC-Council’s venerable CEH certification is an advanced hacking course that now features 18 of the most current and comprehensive security domains. Site administrators, security officers, auditors and other security professionals concerned about the integrity of their network infrastructure depend on the skills and knowledge gained in CEH training. Having the latest tools and information is essential to their jobs.
What’s New in CEH v9
Seeing a need for an update, EC-Council’s security experts designed 140 hands-on labs mimicking current threats in the latest version of CEH. Students will experience real-time attacks in the CEH course environment. The new CEH courseware includes the latest mobile hacking tools, as well as 40 percent new hands-on labs.
Since EC-Council’s inception in 2002, more than 140,000 cybersecurity professionals have earned CEH, internationally recognized as the leading hacking certification. With the huge need for certified cybersecurity professionals across the globe, Eric Lopez, EC-Council’s director of Online Learning, said the number of CEH credential holders is estimated to reach 243,000 by 2020.
New Threats in Your Hands
As tablets and mobile devices become more prevalent in every home and – depending on your organization’s BYOD policy – in most offices, they will also become bigger targets for hackers. The new CEH training addresses the latest hacking attacks targeted to smartphones, Web-based technologies and tablet computers, as well as countermeasures to secure your organization’s mobile infrastructure, including:
- DDoS attacks
- System hacking
Today’s Greatest Hacks
In addition to some old favorites, like the latest Trojan, virus and backdoor attacks, EC-Council’s CEH update covers the latest incarnations of the hacks listed below with the Common Vulnerabilities and Exposures (CVE) system reference number for publicly known cybersecurity attacks, maintained by MITRE Corporation:
- Heartbleed (CVE-2014-0160) affects the OpenSSL library, a popular implementation of the Transport Layer Security (TLS) protocol used by thousands of websites and cloud providers. Look for more details on Heartbleed in CEH v9 Module 18: Cryptography.
- Shellshock, also known as Bashdoor (CVE-2014-6271), exposes vulnerabilities in the popular UNIX-based Bash shell command language that Linux and OS X utilize. Many popular Web servers use Bash to process requests. A vulnerable version of Bash allows a hacker to execute arbitrary commands and take control of a network. Look for information on Shellshock in CEH v9 Module 11: Hacking Webservers.
- POODLE, which stands for “Padding Oracle On Downgraded Legacy Encryption” (CVE-2014-3566), allows hackers to decrypt SSLv3 connections. Hackers can then control your account on a service without a valid password. You can find more details on POODLE in CEH v9 Module 18: Cryptography.
New Threats in the Cloud
To help students with the rapid pace of new attacks, CEH v9 more thoroughly covers emerging technologies like cloud computing. Students will learn proven countermeasures to combat cloud computing attacks, as well as precise penetration testing methodologies for cloud systems to identify threats before they launch.
Certified Ethical Hacker v9