CEH: Certified Ethical Hacker
Random

Click random to get a fresh chapter.

CEH (Certified Ethical Hacker) Exam Survival Guide

Window: Global | Security knowledge & tools | 125 Q / 4 hrs

Must-do topics

• Reconnaissance: footprinting, scanning, enumeration, OSINT
• Exploitation: malware types, buffer overflow basics, privilege escalation
• Tools: Nmap, Wireshark, Metasploit, Nessus, Burp Suite, Aircrack
• Attacks: DoS/DDoS, MITM, phishing, SQL injection, XSS, password cracking
• Security controls: firewalls, IDS/IPS, VPNs, honeypots, SIEM basics
• Cryptography: symmetric/asymmetric, hashing, PKI, SSL/TLS, digital signatures
• Wireless security: WPA2/WPA3, rogue AP, evil twin

Top traps (avoid)

• Confusing tool purpose (Nmap vs Nessus vs Metasploit)
• Forgetting OSI layer mapping for attacks/controls
• Mixing symmetric/asymmetric key uses (AES vs RSA)
• Choosing black-hat actions; exam focuses on lawful/authorized use
• Ignoring wireless standards frequency/speed differences

Time split

• 125 Q, 4 hrs → ~2 min/Q
• Two-pass: answer recall Qs → return for tool/config questions

Last-48h checklist

• OSI attack mapping; port numbers; default service ports
• SQLi/XSS injection syntax; mitigation methods
• Cryptography uses: hashing vs encryption vs signing
• Wireless WPA2/WPA3 differences

Quick facts

• Nmap = scanning; Nessus = vulnerability; Metasploit = exploitation
• Symmetric = fast, same key; Asymmetric = slow, key pairs
• Hashing = integrity; Encryption = confidentiality; Signing = authentication
• WPA2 uses AES-CCMP; WPA3 adds SAE handshake

Speed tactics

• Eliminate tools that don’t fit scenario goal
• If in doubt, pick the defensive/authorized choice
• Remember: attack + countermeasure pairing often tested

Day-of mini-plan

• Warm-up: 15 port numbers + 5 OSI layer mappings
• Pace 30 Q/hour; review flagged at halfway point
• Keep hydrated; stay calm; trust first tool–attack mapping instinct