CEH V11 | All You Need To Know

Table Of Contents

4. What you will learn in the CEH v11 training program?

What is CEH V11?

All the cybersecurity professionals were waiting for the launch of the CEH v11 training program for a lot of time.

Your wait is over. Now, EC-Council has updated the old version of their ethical hacking certification CEH v10 to CEH v11.

Let us see what is new in this 11th version of ethical hacker certification and why it’s different from the old version.

Before that, here is a brief description of the importance of CEH.

CEH certification

As you all know the increased number of cyber crimes and the expansion of methodologies of cyber-attacks resulted in high demand for cybersecurity professionals all over the world.

After the introduction of CEH in 2003, it is considered a standard in the field of information security.

CEH training program trains cybersecurity professionals to work as ethical hackers and penetration testers.

A certified ethical hacker recognizes the malicious attacker’s strategy and its attacking vectors.

A CEH professional mimics the Skills and styles of black hat hackers so that, they can find out the vulnerabilities and weaknesses of the security systems of organizations.

Now let us discuss the significance of the updated version of the ethical hacker certification course by EC-Council.

What is CEH v11 and why is it demanding?

The Certified Ethical Hacker V11 (CEH V11) course is the most demanding and desired information security training program around the globe.

Any information security professional will need this certification to upgrade their skill in this field.

CEH v11 covers all the scenarios you could face when you work as a security defender of an organization.

The CEH still focuses on knowledge of one’s core security features and how they use it to interpret the threats in the infrastructure of security systems.

After completion of this course, you will be armed with an understanding of the latest commercial hacking tools, practices, and methodologies used by real-world hackers. 

Now let us discuss what kind of new tools, scripts, and technologies added to the new version (CEH v11).

What’s New in CEH v11?

CEH v11 course is introduced by EC-Council with the inclusion of more topics into the curriculum whereas removing some topics present in CEH v10.

CEH V11 course includes all concepts in the objectives so you can master the skills and knowledge you need to pass the CEH exam.

Through the Certified Ethical Hacker CEH v11 training program, you will be expertise in the latest commercial-grade hacking tools, techniques, and methodologies used by hackers and information security professionals to rightfully hack an organization.

Globally CEH v11 certification is a highly demanding security certification with high reward.

In its 11th version, CEH continues to evolve with the latest operating systems, tools, tactics, exploits, and technologies. Here are some critical updates of CEH v11:

Incorporating Parrot Security OS

When compared to Kali Linux, Parrot Security OS offers better performance on lower-powered laptops and machines while offering an intuitive look and feel with a bigger repository of general tools.

Re-Mapped to NIST/NICE Framework

CEH v11 is mapped rigorously to important Specialty Areas under the NIST/NICE framework’s Protect and Defend (PR) job role category overlapping with other job roles, including Analyze(AN) and Securely Provision (SP).

Enhanced Cloud Security, IoT, and OT Modules

View Original CEH v11 covers updated Cloud and IoT modules to include CSP’s Container Technologies (e.g., Docker, Kubernetes), Cloud Computing threats, and a variety of IoT hacking tools (e.g. Shikra, Bus Pirate, Facedancer21, and more).

This is critical as the world moves towards broader and deeper cloud adoptions.

1. Cloud−Based Threats

As the cloud industry is estimated to reach $354 billion by 2022, businesses struggle to limit the frequency of data theft incidents due to misconfigured cloud environments.

January to April 2020 alone we could see a 630% spike in cloud-based attacks. Find out how to avoid, identify, and answer cloud-based attacks with CEH v11.

2. IoT Threats

Market reports anticipate that the worldwide IoT-connected devices are expected to succeed in 43 billion by 2023.

To support this rapid expansion, the prominent players of the internet, including Amazon Web Services, Google, IBM, Microsoft, are swiftly shifting to private cloud services, creating complexities in IoT ecosystems.

Learn to deal with IoT-based attacks with the CEH v11 course that covers the newest IoT hacking tools, like Shikra, Bus Pirate, Facedancer21, and lots of others.

3. Operational Technology (OT) Attacks

Last year, businesses experienced a 2,000% rise in OT based incidents. You can gain expertise in OT, IT, and IIoT (industrial IoT) to secure critical enterprise OT/IoT deployments.

To learn the advanced skills of OT, CEH covers concepts of OT, like ICS, SCADA, and PLC, various challenges of OT, OT hacking methodology, tools, communication protocols of an OT network like Modbus, Profinet, HART-IP, SOAP, CANopen, DeviceNet, Zigbee, Profibus, etc., and gaining Remote Access using DNP3 protocol.

Modern Malware Analysis

CEH v11 now covers the latest malware analysis tactics for ransomware, banking and financial malware, IoT botnets, OT malware analysis, Android malware, and more!

Covering the Latest Threats – Fileless Malware

As the security community observed an increase in fileless attacks, it began to boost concerns about fileless malware attacks.

As fileless malware may be a relatively new sort of malware attack, organizations find it difficult to detect with endpoint security solutions.

With the CEH v11, you can now understand various fileless malware techniques with associated defensive strategies, as the course focuses on the taxonomy of fileless malware threats, fileless malware obfuscation techniques to avoid antivirus, launching fileless malware by script-based injection, launching fileless malware by way of phishing, and more.

New Lab Designs and Operating Systems

This latest iteration of CEH v11 covers new operating systems like, Windows Server 2019, Windows Server 2016, and Windows 10 configured with Domain Controller, firewalls, and vulnerable web applications for practising and improving hacking skills.

Increased Lab Time and Hands−on Focus

More than 50% of the CEH v11 course is dedicated to practical skills in live ranges by providing more practical oriented training.

Industry’s Most Comprehensive Tools Library

The CEH v11 course covers a library of the latest tools needed by security practitioners and pen testers across the world.

From these updates, it is clear that the new version is fully packed to mould you to become the best cybersecurity professional.

This is the world’s most progressive certified ethical hacking course with 20 of the most current security domains.

These domains are very important whenever set the information security framework of their organization.

The course covers 340 attack technologies commonly used by hackers in 20 comprehensive modules.

Course Outline

This CEH v11 training program consists of 20 different modules. they are listed below,

1. Introduction to Ethical Hacking
2. Footprinting and Reconnaissance
3. Scanning Networks
4. Enumeration
5. Vulnerability Analysis
6. System Hacking
7. Malware Threats
8. Sniffing
9. Social Engineering
10. Denial-of-Service
11. Session Hijacking
12. Evading IDS, Firewalls, and Honeypots
13. Hacking Web Servers
14. Hacking Web Applications
15. SQL Injection
16. Hacking Wireless Networks
17. Hacking Mobile Platforms
18. IoT and OT Hacking
19. Cloud Computing
20. Cryptography

What you will learn in the CEH v11 training program?

The 11th version of CEH adds more topics into the course content to make you perfect to analyze the infrastructure and security system of an organization.

After the successful completion of this training, you will be having deep knowledge of this field including,

• Ethical hacking concepts, cyber kill chain concepts, an overview of information security, security controls, and various laws and regulations related to information security.
• Footprinting concepts and methodologies and utilizing footprinting tools along with the countermeasures
• Performing network scans, host and port discovery by utilizing different scanning tools
• Enumeration techniques that now includes NFS enumeration and related tools, DNS cache snooping, and DNSSEC Zone walking along with the countermeasures
• Concepts of vulnerability assessment, its types, and solutions along with a hands-on experience of industrial tools used
• Phases of system hacking, attacking techniques to obtain, escalate, and maintain access on victim along with covering tracks.
• Malware threats, analysis of various viruses, worms, and trojans like Emotet and battling them to prevent data. APT and Fileless Malware concepts have been introduced to this domain.
• Packet sniffing concepts, techniques, and protection against the same.
• Social engineering concepts and related terminologies like identity theft, impersonation, insider threats, social engineering techniques, and countermeasures
• Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks, use cases, and attack & defence tools
• Security solutions like firewall, IPS, honeypots, their evasion, and protection
• Web server and web application-based attacks, methodologies
• SQL injection, hijacking, and evasion techniques
• Wireless encryption, wireless hacking, and Bluetooth hacking-related concepts
•  Mobile device management, mobile platform attack vectors, and vulnerabilities related to Android and iOS systems
• Operational Technology (OT) essentials, threats, attack methodologies, and attack prevention. The concept of OT is a new addition.
• Recognizing the vulnerabilities in IoT and ensuring the safety of IoT devices
• Encryption algorithms, Public Key Infrastructure (PKI), cryptographic attacks, and cryptanalysis
• Cloud computing, threats and security, essentials of container technology and serverless computing

Introducing The Break The Code Challenge With CEH v11

In this new version, EC-Council is introducing the break the code challenge with CEH v11.

It includes 24 incredible hacking challenges across 4 levels of intricacy that cover 18 attack vectors, including the OWASP Top 10 as a part of our Gamification Platform is now included in the CEH v11 certification program!

Pre-Requisites

Don’t worry!

This course doesn’t need any top academic background.

Anyone who passed the 12th board exam and has a basic knowledge of networking or CCNA can attend the training program and upgrade their skill to secure a better career in cybersecurity.

Course Duration

Training Boot Camps Days: 5

Minimum Hours: 40

Academic Courses Days: Adapts according to the academic format of universities

Minimum Hours: Vary according to program requirements of universities

Details of Examination

CEH(ANSI)

Exam Title: Certified Ethical Hacker (ANSI)  

Exam Code: 312-50 (ECC EXAM), 312-50 (VUE)  

Number of Questions: 125

Duration: 4 hours  

Availability: ECC EXAM / VUE  

Test Format: Multiple Choice

CEH(PRACTICAL)

Exam Title: Certified Ethical Hacker (Practical)

Number of Practical Challenges: 20  

Duration: 6 hours  

Availability: Aspen- iLabs  

Test Format: iLabs cyber range

Passing score: 70%

The passing score also depends on the complexity of the questions in the exam.

Major Job Roles For CEH Professionals

Conclusion

This article will give you a complete idea of what is CEH v11. The differences and advancement of the updated version of ethical hacking certification are fully explained in this article.

Check out RedTeam Hacker Academy’s Certified ethical hacker v11 training program with EC-Council certification?

Don’t wait, join the course with us, upgrade your skill, and secure a better position in the field of cybersecurity.