Do you want to be an information security professional or an ethical hacker? Then you can learn by finding answers to the following questions. You can search Google, read books, or ask the security professionals around you for the answers. Knowing these (and doing, practicing, analyzing, thinking, applying, building, relating) will certainly help.
What you might need to know for Ethical Hacking (CEH Foundation)
First some Operating System Basics
What is an Operating System? What is a kernel?
How do Windows Kernel and Linux Kernel differ?
What is the ring (layered) architecture of a kernel?
What is a file system? Give examples of File System. Give some details on the File Systems that you just mentioned.
What are device drivers?
What is the difference between stacks and heaps?
What are the types of Windows authentication? Local and central.
How can you back up and restore the Windows registry?
What is Windows Event Viewer? How can you use it to identify security incidents?
What are Windows services?
Where can you see Windows security policies?
What is the shell command wf.msc?
What do the following commands do? Is there any relation to security? tasklist, tracert, ipconfig, driverquery, cipher, assoc
What are the permission groups in Linux?
What is iptables in Linux? Give some iptables-related commands. Also give some related concepts. How can you use them to ensure/check security? What are the input chain, output chain, and forward chain?
What do the following files do in Linux/Unix? /etc/hosts.allow, /etc/hosts.deny
What do the following commands do? uname, sudo, last, diff, history, uptime, w, crontab, lsof, kill
What are TCP wrappers?
What is uid, gid in Linux? Also, what is sticky bit? What is SELinux? What is LDAP? What is Active Directory?
How can you dump all password hashes in Windows? And how can you do the same in Linux?
How can you set password policy?
What is the PowerShell Integrated Scripting Environment?
What does netsh.exe do?
What do the following PowerShell cmdlets do? Stop-Process, Get-Process, Get-EventLog, Export-Csv, Get-Service, Get-Help, Get-CimInstance, Get-WmiObject
What is a Hypervisor? Types of Hypervisors?
What is a Type 1 Hypervisor? What is a Type 2 Hypervisor?
What are snapshots? How can you use this for the integrity of the Operating System and the installed software?
What are common security issues with Virtual Machines?
Unpatched Hypervisor, Insecure Management Console, Dormant virtual machines: What are these?
What commercial and free software can be used to create virtual machines?
What is Docker? What is software containerization? How can Docker help? Are there any alternatives to Docker?
What is Kubernetes?
What are SaaS, PaaS, IaaS?
What are cloud security considerations?
How can the following happen in the cloud? What can you do about them?
Data loss, account hijacking, insecure APIs, denial-of-service attacks, legal issues, abuse by malicious insiders.
Define Confidentiality, Integrity, Availability.
Give examples of attacks that affect confidentiality.
Give examples of attacks that affect integrity.
Give examples of attacks that affect availability.
How do Functionality, Usability, Security interact/influence each other? Define them as well.
Define Authentication, Authorization, and Accounting (AAA)? How are they related?
What is nonrepudiation?
What is a vulnerability?
What is a zero day vulnerability?
What is an exploit? What is a risk? What is a threat?
What are some Natural, Physical, and Human threats to Information Security?
What is Defense in Depth architecture for Information Security? (layered … )
What are the types of hackers? How do they differ?
Black Hats, White Hats, Gray Hats, Suicide Hats, Script-Kiddies, Spy Hacks, Cyber Terrorists, State Sponsored Hacks: what are these?
What is the difference between hacking and ethical hacking?
What are the steps in Incident Management?
What is penetration testing? Does it apply to the infrastructure or the software?
What is security assessment? Is it required?
What are the types of penetration testing? Black, gray, white.
What are other types of security testing? Announced, manual, automated.
What are the steps in Penetration Testing?
What should you do in the pre-attack phase, attack phase, and post-attack phase?
Define false positive and false negative security alarms.
What is Footprinting?
What are the ways hackers collect information about your organization (assets)?
How do hackers use Pipl?
What is Enumeration in the hacking process?
How can you use Maltego (https://www.paterva.com/buy/maltego-clients/maltego-ce.php)? How do hackers use it?
What do the following commands do? finger, NetScanTools, SuperScan, nmap
What is https://www.shodan.io/?
What is the nbtstat tool?
What can you find on www.sec.gov/edgar.shtml?
Where can you trace emails? www.traceemail.com/trace-email-header.html
What does readnotify.com do?
What are attack vectors when it comes down to web-application hacking?
Give some examples of web-application flaws.
Give some examples of web-application authentication flaws.
Give some examples of web-application authorization flaws.
Give some examples of web-application session management flaws.
Give some examples of web-application input validation flaws.
Give some examples of web-application configuration management flaws.
What are the steps in Web Application Hacking Methodology?
Analyze web-app, identify entry and exit points, break down components, test for vulnerability, automated security scanning, remove false positives, reporting with remediation
What can you do to mitigate and prevent the security flaws mentioned above? authentication flaws, authorization flaws, session management flaws, input validation flaws, configuration management flaws, auditing and logging flaws?
What are some advantages and risks of Wireless Networking?
What do you know about OSA authentication, Shared Key authentication and centralized authentication for Wireless Networks? At least give some examples?
What are some common Wireless Threats?
What are the steps in Wireless Hacking Methodology?
Discover Wi-Fi networks, GPS mapping, wireless traffic analysis, execute attacks, break Wi-Fi encryption
Attacks: fragmentation, MAC spoofing, de-authentication, man-in-the-middle, evil twin
What is Spectrum Analysis? How can Bluetooth hacking happen? What is Bluetooth pairing?
What are common Bluetooth Threats?
Loss of personal data, hijacking, sending SMS, use of airtime, malicious code, bluejacking, bluesniffing, bluesmacking, bluesnarfing
How can you defend against Bluetooth attacks? PIN change, go to hidden mode, monitor pairing, enable only when needed, review pairing requests
What are common mobile attack vectors? Malware, jailbreak, application modification
Jailbreak: enables running all third-party applications, can corrupt the kernel
Provide some Android and iOS security guidelines.
What is IDS? How does it work? Can IDS be used for Anomaly Detection?
What are the different types of IDS? Network, host, log, file
What are the approaches to evade IDS? Insertion attack, DoS, Obfuscating/Encoding, Session Splicing, invalid packets, polymorphic shellcodes
What are the common Symptoms of an Intrusion?
What is a DMZ?
What are the following concepts in firewall architecture? Bastion host, screened subnet, multi-homed subnet
What are the different types of firewalls? Packet, circuit, application level, stateful inspection
How can firewalls be detected in the target system? What is port scanning? How can it help in this case?
What is firewalking? What is the purpose?
What are some possible ways to evade firewalls? IP Address spoofing, source routing, use a proxy to bypass firewalls, tunneling
What are honeypots? What are the types? High interaction, low interaction.
How can you detect honeypots? Hping, port scanning to detect all services, Send-Safe Honeypot Hunter
What are the different types of Encryption?
What is the concept: Key Escrow?
What are DES, AES, RSA, Private key cryptography, Public Key Cryptography?
What is the Advanced Encryption Package?
Give some details on how Message Digests are used in securing and also in hacking?
What is PKI?
What is Splunk?
By Sayed Ahmed
LinkedIn: https://ca.linkedin.com/in/sayedjustetc
Reference: Certified Ethical Hacker Guide, S. A. Rahalkar
From: https://sitestree.com/do-you-want-to-be-an-information-security-professional/
Post Date: 2019-11-21 21:40:17