Embed Size (px)
Citation preview
EC-Council
CEH Exam Blueprint v2.0
CEH Exam Blueprint 1
Sec on Knowledge of: WeightNumber of
I . Background A. networking technologies (e.g., hardware, infrastructure) 4% 5B. web technologies (e.g., web 2.0, skype)C. systems technologiesD. communica on protocolsE. malware opera onsF. mobi le technologies (e.g., smart phones) G. telecommunica on technologiesH. backups and archiving (e.g., loca l , network)
I I . Analys is/Assessment A. data analys is 13% 16B. systems analys isC. ri sk assessmentsD. technica l assessment methods
III . Securi ty A. systems securi ty controls 25% 31B. appl ica on/file server C. firewal ls D. cryptography E. network securi tyF. phys ica l securi tyG. threat model ingH. verifica on procedures (e.g., fa lse pos i ve/nega ve va l ida on) I . socia l engineering (human factors manipula on)J. vulnerabi l i ty scannersK. securi ty pol icy impl ica onsL. privacy/confiden al i ty (with regard to engagement)M. biometricsN. wireless access technology (e.g., networking, RFID, Bluetooth)O. trusted networksP. vulnerabi l i es
CEH Exam Blueprint 2
Sec on Knowledge of: WeightNumber of
IV. Tools / Systems / Programs
A. network/host based intrus ion 32% 40B. network/wireless sniffers (e.g., WireShark, Ai rsnort)C. access control mechanis ims (e.g., smart cards) D. cryptography techniques (e.g., IPsec, SSL, PGP)E. programming languages (e.g. C++, Java, C#, C)F. scrip ng languages (e.g., PHP, Java script)G. boundary protec on appl iances H. network topologiesI. subne ngJ. port scanning (e.g., NMAP)K. domain name system (DNS)L. routers/modems/switchesM. vulnerabi l i ty scanner (e.g., Nessus , Re na)N. vulnerabi l i ty management and protec on systems (e.g., Foundstone, Ecora)O. opera ng environments (e.g., Linux, Windows, Mac) P. an virus systems and programsQ. log analys is toolsR. securi ty modelsS. exploi ta on tools T. database s tructures
V. Procedures / A. cryptography 20% 25B. publ ic key infrastructure (PKI)C. Securi ty Architecture (SA)D. Service Oriented Archi tecture E. informa on securi ty incident F. N- er appl ica on des ignG. TCP/IP networking (e.g., network rou ng)H. securi ty tes ng methodology
VI. Regula on/Pol icy A. securi ty pol icies 4% 5B. compl iance regula ons (e.g., PCI)
VII. Ethics A. profess ional code of conduct 2% 3B. appropriateness of hacking
Programs
Methodology
