[CEH v10] A Quick Note About EC-Council’s New Version - Mercury

Companies continue mining the data for marketing purpose. And, this is the space where hackers can take advantage of. Beware of these spaces that are easily prone to attacks and tackle the cyber attacks.
 

EC-Council sets the standards for cybersecurity again with its new release of CEH V10.
 

Keep in touch with the industry’s news and meet the upcoming industry demands. See what’s new in version: CEH v10?

EC-Council has announced its latest version CEH v10, the tenth edition of the most in-demand certification related to cybersecurity.
 

Since its inception way back in 2003, the certified ethical hacker certification has become the hiring standard for several Fortune 500 organizations, Government agencies, and as the baseline certification for United States Department of Defense Directive 8570.

CEH, being the globally accepted certification, is ANSI 17024 compliant and adds value to the credential members. This course in its 10th iteration has got updated with the tools and techniques used by information security professionals and the hackers to hack any of the systems.
 

The course mainly envelopes the five phases of ethical hacking. They are:
 

• Diving into Reconnaissance
• Gaining Access
• Enumeration
• Maintaining Access
• Covering your Tracks
   

Highlights of CEH v10:
 

1. Compliant with Nice 2.0 Framework:
 

CEH v10 maps 100% to NICE framework’s Protect and Defend specialty area
 

2. New Modules:
 

A] Vulnerability Analysis: This topic will get you acquainted with the skill to perform vulnerability analysis. You will be able to identify the security loopholes present in the network, communication infrastructure, and, end systems.
 

It helps you to manage
 

• Vulnerability management lifecycle
• Perform vulnerability assessment through various tools/approaches
   

B] IoT Hacking: This module, introduced in the wake of unprotected IoT devices’ threat gives you the basic understanding of the potential threats related to IoT platforms and help you defend IoT devices.
 

CEH V10 ANSI Course  

3. An Insight into Cloud computing threats and attacks:
 

It provides an insight into the emerging threats like:

• Cloud computing threats
• Cloud computing attacks
• Cloud computing security and tools
• Pen-testing steps
   

Moreover, it teaches you to use Artificial Intelligence to defend the network against attacks that an antivirus scan may fail to detect.
 

4. Each module has hacking challenges:
 

Once you complete a module, you can practice what you have learned that could be used helpfully to solve real-time challenges.  
 

5. Latest Malware:
 

This module highlights the latest malware namely the IoT botnet, Android malware, latest ransomware, banking/financial malware, and, etc.
 

6. Malware Analysis Process:
 

This topic will make you learn reverse engineer malware so as to determine the origin, functionality, and potential impact of the malware, which is a crucial skill for an ethical hacker.
 

7. Hands-on Program:
 

The theory to practice ratio for CEH program now onwards is 60:40, which is achieved through EC-Council iLabs. Moreover, the participants can purchase and acquire additional labs post training for practice through EC-Council iLabs platform.
 

8. Lab environment simulating Real-time environment:

CEH v10 lab environment has the latest operating systems. They are Windows Server 2016 and Windows 10 configured with Domain Controller, firewalls, and vulnerable web applications.
 

9. Latest Hacking tools:
 

The CEH v10 course possesses a library of tools essential for security practitioners and pentesters to work across operating platforms like Windows, MAC, Linux, and Mobile.
 

10. ANSI accreditation:

Earning the ANSI accreditation validates your skill and knowledge that meets the predefined industry requirements.

Vulnerability Assessment & Penetration Testing [VAPT] Learning Track:
 

As we all know, the cybersecurity programs and credentials are always organized into learning paths facilitating the professionals to specialize in a select domain and advance the skills.  
 

The learning path is as follows:

Image Source: EC-Council

Certified Network Defender [CND]: The course has hands-on labs based on network security tools facilitating the network administrators to gain knowledge on current network security operations and technologies.
 

Certified Ethical Hacker [CEH]: You can challenge your skill to use of hacking tools and techniques by taking up the CEH practical exam and prove your learned skills.
 

EC-Council Certified Security Analyst [ECSA]: This program helps you to use the tools and techniques learned in CEH to the next level through penetration testing methodology.
 

Licensed Penetration Tester [LPT]: You will advance your penetration testing skills in this course. You will learn all the Penetration Testing process and life cycle with a focus on writing reports.

Let us move forward and know each of the details in a stepwise manner.

Course Outline:  

The course outline is as listed below:

• Information security world, penetration testing, and incident management process.
• Footprinting, its tools, and countermeasures.
• Network scanning techniques and its countermeasures.
• Enumeration techniques and its countermeasures.
• System hacking, steganography, and its attacks.
• Viruses, worms, malware: analysis and countermeasures.
• Trojans, Analysis, and its countermeasures.
• Packet sniffing techniques and its defense
• Social Engineering techniques and countermeasures.
• DoS/DDoS: Techniques, tools, botnets, and countermeasures.
• Session hijacking techniques and countermeasures.
• Web server: Attacks, methodology, and countermeasures.
• Web application: Attacks, methodology to hack, and countermeasures.
• SQL injection: Attacks and detection tools.
• Wireless Encryption, hacking, tools, and Wi-Fi security tools.
• Vector, Android vulnerabilities, guidelines, and tools for mobile security guidelines.
• Techniques, tools, and countermeasures for IDS, Firewall, and, honeypot evasion
• Cloud computing: concepts, threats, attacks, and security.
• Cryptography ciphers, attacks, and tools; Public Key Infrastructure (PKI)
• Penetration testing, types, security audit, vulnerability assessment, and penetration testing roadmap.
• Perform vulnerability analysis
• IoT platforms: Threats and its defense
   

Intended Audience:
 

The targeted audience for this course are as follows:
 

• Ethical hackers
• System Administrators
• Network Administrators and Engineers
• Web Managers
• Auditors
• Security Professionals

New Exam Pattern:

Image Source: EC-Council

The CEH (Practical) is a 6 hours practical exam. It is built in the specification with the subject matter experts which will test the limits of the participating individual in regards to unearthing the vulnerabilities across the major operating systems, databases, and networks.
 

Prerequisites: Candidates must have CEH or CEH (ANSI) credential to receive the CEH (Practical) credential.
 

Successful candidates can represent both of their credentials as CEH (ANSI) and CEH (Practical) credentials.
 

CEH v10 is recognized or mapped by:
 

• The National Initiative for Cybersecurity Education (NICE)
• American National Standards Institute (ANSI)
• Committee on National Security Systems (CNSS)
• United States Department of Defense (DoD)
• National Infocomm Competency Framework (NICF)
• Department of Veterans Aairs
• KOMLEK
• MSC

How to take the exam?
 

Stay tuned and keep tracking our website https://www.mercurysolutions.co/ for the latest news update.