312-49

The ECCouncil 312-49 exam, Certified Ethical Hacker (CEH) v12, covers a broad range of cybersecurity topics. The main points can be categorized into these key domains:

1. Reconnaissance & Footprinting: This section focuses on the techniques used by ethical hackers to gather information about a target system or network before launching an attack. This includes:

• Passive and Active Reconnaissance: Understanding the differences and techniques used in each.
• Footprinting Techniques: Using various tools and methods to identify network infrastructure, operating systems, services, and vulnerabilities.
• Information Gathering: Collecting data from various sources like search engines, social media, and Whois databases.

2. Scanning Networks: This involves systematically probing a target network to identify vulnerabilities and potential entry points. Key aspects include:

• Port Scanning: Identifying open ports and services running on a target system. (Nmap, Nessus)
• Vulnerability Scanning: Using automated tools to detect known vulnerabilities in software and hardware. (Nessus, OpenVAS)
• Network Mapping: Creating a visual representation of the target network's topology.

3. Enumeration: This stage delves deeper into the information gathered during scanning to gain a more complete understanding of the target system's configuration and security posture. Key areas include:

• OS and Service Enumeration: Identifying the specific operating system and services running on target systems.
• User and Group Enumeration: Identifying users and their privileges within the network.
• Network Device Enumeration: Identifying network devices like routers, switches, and firewalls.

4. System Hacking: This section deals with exploiting vulnerabilities on individual systems. It covers:

• Exploiting Web Application Vulnerabilities: Such as SQL injection, cross-site scripting (XSS), and cross-site request forgery (CSRF).
• Exploiting System Vulnerabilities: Using exploits to gain unauthorized access to systems.
• Privilege Escalation: Gaining higher-level access to a system after initial compromise.

5. Trojans & Backdoors: Understanding how these malicious programs grant unauthorized access and persist on a system.

6. Viruses, Worms, and Malware: This section covers the characteristics, propagation methods, and impact of different types of malware.

7. Sniffing and Eavesdropping: This involves techniques for intercepting network traffic and analyzing its contents.

8. Social Engineering: This focuses on manipulating individuals to divulge confidential information or perform actions that compromise security. Phishing, baiting, and pretexting are key concepts.

9. Denial-of-Service (DoS) Attacks: Understanding the methods used to disrupt the availability of network services and resources.

10. Session Hijacking: Techniques used to steal or hijack an active user session, gaining unauthorized access to the account.

11. Wireless Attacks: This covers various attacks targeting wireless networks, including WEP and WPA/WPA2 cracking.

12. Mobile Security: This section will touch upon security issues specific to mobile devices and applications.

13. Cloud Computing Security: This relatively newer section explores security implications pertaining to cloud-based systems.

Important Note: The specific weight and depth of coverage for each topic may vary slightly between exam versions. Always refer to the official ECCouncil exam guide and study materials for the most accurate and up-to-date information. The exam emphasizes practical knowledge and the ability to apply concepts, not just memorization.