Domain 2 of CEH v11: Reconnaissance Techniques (21%) - PowerPoint PPT Presentation

About This Presentation
Title:

Domain 2 of CEH v11: Reconnaissance Techniques (21%)

Description:

Reconnaissance is the initial step that every ethical hacker follows. Reconnaissance is a method of gathering all the important information about our target system and network. – PowerPoint PPT presentation

Number of Views:122

less

Transcript and Presenter's Notes

Title: Domain 2 of CEH v11: Reconnaissance Techniques (21%)


1
Domain 2 of CEH v11 Reconnaissance Techniques
(21)
www.infosectrain.com sales_at_infosectrain.com
2
www.infosectrain.com sales_at_infosectrain.com
3
  • Domains of CEH
  • CEH v11 comprises the following domains
  • Information Security and Ethical Hacking
    Overview-6
  • Reconnaissance Techniques-21
  • System hacking phases and Attack Techniques-17
  • Network and perimeter hacking-14
  • Web application hacking-16
  • Wireless network hacking-6
  • Mobile platform, IoT, and OT hacking-8
  • Cloud Computing-6

www.infosectrain.com sales_at_infosectrain.com
4
www.infosectrain.com sales_at_infosectrain.com
5
  • We will discuss the second domain of CEH, which
    is Reconnaissance Techniques.
  • What is reconnaissance?
  • Reconnaissance is the initial step that every
    ethical hacker follows. Reconnaissance is a
    method of gathering all the important information
    about our target system and network.
  • The ethical hacker follows the below steps to
    gather the maximum information about the target
  • Collect the initial information
  • Determine the range of the network
  • Identifies the active machines
  • Identifies the access ports and open ports
  • Fingerprint the operating system
  • Uncover services on ports
  • And finally, map them.





www.infosectrain.com sales_at_infosectrain.com
6
  • Types of reconnaissance
  • There are two types of reconnaissance
  • Active reconnaissance Active reconnaissance is a
    process of gathering information by directly
    engaging with the target system. Ethical hackers
    can perform active reconnaissance by using
    different tools like Netcat, Ping, and
    Traceroute. This recon is faster and accurate
    simultaneously, the chances of getting detected
    are also very high because the ethical hacker is
    directly interacting with the target system.
  • Passive reconnaissance Passive reconnaissance is
    the process of gathering information about a
    target computer or network without actively using
    it. Its a way to acquire data about a victim
    without making them aware of it. Ethical hackers
    use tools like Shodan and Wireshark to perform
    passive reconnaissance.





www.infosectrain.com sales_at_infosectrain.com
7
  • Reconnaissance Techniques
  • There are three reconnaissance techniques
  • Footprint and reconnaissance
  • Scanning networks
  • Enumeration





www.infosectrain.com sales_at_infosectrain.com
8
  • 1.Footprint and reconnaissance Footprinting is a
    technique used to gather as much information as
    possible about a target network, victim, or
    system. It aids hackers in several ways to
    compromise a companys infrastructure. The
    security posture of the target may also be
    determined using this kind of penetration
    testing.
  • Footprinting can be done passively or actively.
    Passive footprinting, such as looking at a
    companys website and collecting information,
    active footprinting, such as using social
    engineering techniques to access sensitive data.
  • During this phase, ethical hackers will collect
    information like
  • IP addresses
  • Domain name
  • Employee information
  • Namespaces
  • E-mails
  • Phone numbers





www.infosectrain.com sales_at_infosectrain.com
9
2. Network scanning Network scanning identifies
active ports, hosts, and the various services
used by the target application. For example,
assume you are an ethical hacker and trying to
find weak points in the application. You use
network scanning to find out those points. In
simple terms, to hack a network, youll need to
discover a weak point in the system that can be
exploited. Such network nodes can be located by
performing a Network Scanning operation. The
difference between reconnaissance and network
scanning Assume you are a police officer and are
planning to find some criminal. First of all, you
will gather all the information about the
criminals like name, location, and daily routine,
which is called reconnaissance. Then you will
find an entry point to enter into his home to
attack him, and the process of finding the entry
point is called network scanning.




www.infosectrain.com sales_at_infosectrain.com
10
  • Types of network scanning
  • There are two types of network scanning
  • Port scanning Port Scanning, as its name
    suggests, finds out which ports are active on the
    network. Scanners transmit client requests to a
    range of ports on the target network and then
    store the details of the ports that respond to
    the requests. In this way, active ports are
    discovered.
  • There are various types of port scanning. They
    are
  • TCP scanning
  • SYN scanning
  • UDP scanning
  • ACK scanning
  • Window scanning
  • FIN scanning
  • Vulnerability scanning An ethical hacker uses
    vulnerability scanning to find out the weaknesses
    in the network. This identifies vulnerabilities
    that are caused by inappropriate programming or
    misconfigured networks.





www.infosectrain.com sales_at_infosectrain.com
11
  • 3. Enumeration Enumeration is described as the
    procedure by which the user names, hostnames,
    network resources, shares, and services may be
    extracted from a system. In this step, the
    attacker connects with the system and makes
    directed requests to learn more about the target.
  • By using enumeration, ethical hackers can get the
    information of
  • SNMP data, if they are not secured correctly.
  • Network shares
  • Usernames of different systems
  • IP tables
  • Password policies lists





www.infosectrain.com sales_at_infosectrain.com
12
CEH with InfosecTrain InfosecTrain is one of
the leading training providers with a
pocket-friendly budget. We invite you to join us
for an unforgettable journey with industry
experts to gain a better understanding of
the Certified Ethical Hacker course. Courses can
be taken as live instructor-led sessions or as
self-paced courses, allowing you to complete your
training journey at your convenience.




www.infosectrain.com sales_at_infosectrain.com
13
About InfosecTrain
  • Established in 2016, we are one of the finest
    Security and Technology Training and Consulting
    company
  • Wide range of professional training programs,
    certifications consulting services in the IT
    and Cyber Security domain
  • High-quality technical services, certifications
    or customized training programs curated with
    professionals of over 15 years of combined
    experience in the domain

www.infosectrain.com sales_at_infosectrain.com
14
Our Endorsements
www.infosectrain.com sales_at_infosectrain.com
15
Why InfosecTrain
Global Learning Partners
Access to the recorded sessions
Certified and Experienced Instructors
Flexible modes of Training
Tailor Made Training
Post training completion
www.infosectrain.com sales_at_infosectrain.com
16
Our Trusted Clients
www.infosectrain.com sales_at_infosectrain.com
17
(No Transcript)
18
Contact us
Get your workforce reskilled by our certified and
experienced instructors!
IND 1800-843-7890 (Toll Free) / US 1
657-221-1127 / UK 44 7451 208413
sales_at_infosectrain.com
www.infosectrain.com
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Domain 2 of CEH v11: Reconnaissance Techniques (21%)" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!