Collection of CEH V9 Topics

I’m taking the CEHv9 soon and since I didn’t have any V9 materials to study, I’ve been looking around various forums trying to get clues to what the new test topics are (and more than what is provided on EC- Council’s website). For those who I have sat through the test, I’d appreciate a quick review. I tried to keep the list to things that are beyond the v8 material.

Terminology: Common Bluetooth hacking, XOR truth table
Popular incidents: Heartbleed – OpenSSL vulnerability, Shellshock – Bash vulnerability, POODLE SSLv3 vulnerability
Phases: Attacker phases, Incident management phases
Risk: Methods to reduce risk and the risk equation, Calculating basic ALE/SLE/ARO
Purpose of AAA protocol
Purpose of IPsec
Rootkits –their capability and how they can defeat current OS security controls
Steganography: Types of files it can be used with, its use in watermarking and copyrighting
Tools: Armitage, Metagoofil, Snow, Aircrack-ng/ kismet, Nikto,
Law/policy: HIPPA, PCI, Contracts for penetration testing, ISO 27001, DCMA, COBIT

Find more posts tagged with

Comments

UncleB

I haven't seen any books or test exams for v9 yet, but I see Sybex has some due out next month:
CEHV: Certified Ethical Hacker Version 9 Study Guide: Amazon.co.uk: Sean Philip Oriyano: Books
CEH: Certified Ethical Hacker Version 9 Practice Tests: Amazon.co.uk: Raymond Blockmon: 9781119252153: Books

I do have PDFs of the training slides but there is a lack of background notes to make these particularly useful - you can but the course book on ebay but it is about $500 the last I looked.

Good luck in finding anything this early without going on a training course.
Iain

pcmanhouse

Exactly! All study material is due out next month while I need to take it this month. Thus why I'm trying to put together some more realistic exam topics based on what people have been saying about the test.

UncleB

From what I see at What You Need To Know About The Certified Ethical Hacker - CEH V9 - Cybersecurity Zen :

"The CEH v9 focuses on new attack vectors. It has an updated emphasis on cloud computing technology and ensures that its certification holders are well versed in countermeasures to combat cloud computing attacks.

Additionally, the CEH v9 is different from CEH v8 by placing a deeper emphasis on mobile platforms and table computers. This is directly in line with the latest developments in mobile and web technologies, and addresses the rising popularity of use of these devices- even for hacking.

For the first time ever, the CEH v9 focuses on performing hacking techniques using mobile phones and tablets, and covers the latest mobile hacking tools in all the modules presented."

If you haven't done the course then you probably won't have the tools to run the labs the exam is based on, so I wouldn't fancy your chances. Having said that, if it is still all multiple choice then there is not such a challenge.

Can you not reschedule the exam for 2 months? Then you would have a chance to get the training material, work through it and avoid the risk of paying twice for the exam.

thanks
Iain