Certified Ethical Hacker Version Comparison Exam 312-50 Version Comparison CEHv8 vs CEHv7 CEHv7 CEHv8 Updated information as per the latest developments with a proper flow Classroom friendly with diagrammatic representation of concepts and attacks Exclusive section for best practices to follow to protect information systems against various attacks New and rich presentation style with eye catching graphics Latest OS covered and a patched testing environment Well tested, result oriented, descriptive and analytical lab manual to evaluate the presented concepts 19 Modules 20 Modules 90 Labs 110 Labs 1700 Slides 1770 Slides No Document Document Page | 1 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited. Certified Ethical Hacker Version Comparison Exam 312-50 Module Comparison of CEHv8 with CEHv7 Introduction to Ethical Hacking Hacking refers to exploiting system vulnerabilities and compromising security controls to gain unauthorized or inappropriate access to the system resources. The topics highlighted in red under CEHv8 Module 01: Introduction to Ethical Hacking are the new additions. CEHv7 Module 01: Introduction to Ethical Hacking CEHv8 Module 01: Introduction to Ethical Hacking Data Breach Investigations Report Data Breach Investigations Report Essential Terminologies Essential Terminologies Elements of Information Security Elements of Information Security Effects of Hacking on Business Top Information Security Attack Vectors Who Is a Hacker? Motives, Goals, and Objectives of Information Security Attacks Hacking Phases Information Security Threats Types of Attacks on a System Information Warfare Why Ethical Hacking is Necessary IPv6 Security Threats Skills of an Ethical Hacker Hacking vs. Ethical Hacking Vulnerability Research Effects of Hacking on Business What Is Penetration Testing? Who Is a Hacker? Hacking Phases Types of Attacks on a System Why Ethical Hacking is Necessary Skills of an Ethical Hacker Incident Management Process Types of Security Policies Page | 2 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited. Certified Ethical Hacker Version Comparison Exam 312-50 Vulnerability Research What Is Penetration Testing? Footprinting and Reconnaissance Footprinting refers to uncovering and collecting as much information as possible about a target network, for identifying various ways to intrude into an organization’s network system. The topics highlighted in red under CEHv8 Module 02: Footprinting and Reconnaissance are the new additions. CEHv7 Module 02: Footprinting and Reconnaissance CEHv8 Module 02: Footprinting and Reconnaissance Footprinting Terminologies Footprinting Terminologies What Is Footprinting? What Is Footprinting? Objectives of Footprinting Objectives of Footprinting Footprinting Threats Footprinting Threats Footprinting through Search Engines Footprinting through Search Engines Website Footprinting Website Footprinting Email Footprinting Email Footprinting Competitive Intelligence Competitive Intelligence Footprinting Using Google Footprinting Using Google WHOIS Footprinting WHOIS Footprinting DNS Footprinting DNS Footprinting Network Footprinting Network Footprinting Footprinting Tools Footprinting through Social Engineering Footprinting Countermeasures Footprinting through Social Networking Sites Page | 3 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited. Certified Ethical Hacker Version Comparison Footprinting Pen Testing Exam 312-50 Footprinting Tools Footprinting Countermeasures Footprinting Pen Testing Footprinting Terminologies What Is Footprinting? Scanning Networks Network scanning refers to a set of procedures for identifying hosts, ports, and services in a network. The topics highlighted in red under CEHv8 Module 03: Scanning Networks are the new additions CEHv7 Module 03: Scanning Networks CEHv8 Module 03: Scanning Networks Overview of Network Scanning Overview of Network Scanning CEH Scanning Methodology CEH Scanning Methodology Checking for Live Systems Checking for Live Systems Scanning Techniques Scanning IPv6 Network IDS Evasion Techniques Scanning Techniques Banner Grabbing IDS Evasion Techniques Vulnerability Scanning Banner Grabbing Drawing Network Diagrams Vulnerability Scanning Proxy Chaining Drawing Network Diagrams HTTP Tunneling Techniques Proxy Chaining SSH Tunneling HTTP Tunneling Techniques Anonymizers SSH Tunneling IP Spoofing Detection Techniques Anonymizers Scanning Countermeasures IP Spoofing Detection Techniques Scanning Pen Testing Scanning Countermeasures Scanning Pen Testing Latest Network Scanning Tools Added Page | 4 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited. Certified Ethical Hacker Version Comparison Exam 312-50 6 more Labs Added Enumeration In the enumeration phase, attacker creates active connections to system and performs directed queries to gain more information about the target. The topics highlighted in red under CEHv8 Module 04: Enumeration are the new additions. CEHv7 Module 04: Enumeration CEHv8 Module 04: Enumeration What Is Enumeration? What Is Enumeration? Techniques for Enumeration Techniques for Enumeration NetBIOS Enumeration Services and Ports to Enumerate Enumerate Systems Using Default Passwords NetBIOS Enumeration SNMP Enumeration Enumerate Systems Using Default Passwords UNIX/Linux Enumeration SNMP Enumeration LDAP Enumeration Working of SNMP NTP Enumeration UNIX/Linux Enumeration SMTP Enumeration LDAP Enumeration DNS Enumeration NTP Enumeration Enumeration Countermeasures SMTP Enumeration Enumeration Pen Testing DNS Enumeration Enumeration Countermeasures Enumeration Pen Testing Latest Enumeration Tools Added 1 more Lab Added Page | 5 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited. Certified Ethical Hacker Version Comparison Exam 312-50 System Hacking Password cracking techniques are used to recover passwords from computer systems. The topics highlighted in red under CEHv8 Module 05 System Hacking are the new additions. CEHv7 Module 05 System Hacking CEHv8 Module 05 System Hacking System Hacking: Goals System Hacking: Goals CEH Hacking Methodology (CHM) CEH Hacking Methodology (CHM) Password Cracking Password Cracking Microsoft Authentication Stealing Passwords Using Keyloggers How to Defend against Password Cracking Microsoft Authentication Privilege Escalation How to Defend against Password Cracking Types of Privilege Escalation Privilege Escalation Executing Applications Types of Privilege Escalation Types of Keystroke Loggers and Spywares Executing Applications Anti-Keylogger and Anti-Spywares Methodology of Attacker in using Remote Keylogger Detecting Rootkits Types of Keystroke Loggers and Spywares NTFS Stream Manipulation Anti-Keylogger and Anti-Spywares Classification of Steganography Various methods to place a rootkit Steganalysis Methods/Attacks on Steganography Detecting Rootkits Covering Tracks NTFS Stream Manipulation Penetration Testing Application of steganography Classification of Steganography Audio Steganography Methods Issues in Information hiding Steganalysis Methods/Attacks on Steganography Detecting Text, Image, Audio, and Video Steganography Covering Tracks Penetration Testing Page | 6 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited. Certified Ethical Hacker Version Comparison Exam 312-50 Trojans and Backdoors It is a program in which the malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can get control and cause damage, such as ruining the file allocation table on your hard disk. The topics highlighted in red under CEHv8 Module 06: Trojans and Backdoors are the new additions. CEHv7 Module 06: Trojans and Backdoors CEHv8 Module 06: Trojans and Backdoors What Is a Trojan? What Is a Trojan? What Do Trojan Creators Look For What Do Trojan Creators Look For Indications of a Trojan Attack Indications of a Trojan Attack Common Ports used by Trojans Common Ports used by Trojans How to Infect Systems Using a Trojan How to Infect Systems Using a Trojan Different Ways a Trojan can Get into a System Different Ways a Trojan can Get into a System How to Deploy a Trojan How to Deploy a Trojan Types of Trojans Types of Trojans How to Detect Trojans Trojan Analysis Trojan Countermeasures How to Detect Trojans Trojan Horse Construction Kit Trojan Countermeasures Anti-Trojan Software Trojan Horse Construction Kit Pen Testing for Trojans and Backdoors Anti-Trojan Software Pen Testing for Trojans and Backdoors Latest Trojan Detection Tools Added 2 more Labs Added Page | 7 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited. Certified Ethical Hacker Version Comparison Exam 312-50 Viruses and Worms A virus is a self-replicating program that produces its own code by attaching copies of itself into other executable codes. The topics highlighted in red under CEHv8 Module 07: Viruses and Worms are the new additions. CEHv7 Module 07: Viruses and Worms CEHv8 Module 07: Viruses and Worms Introduction to Viruses Introduction to Viruses Stages of Virus Life Stages of Virus Life Working of Viruses Working of Viruses Indications of Virus Attack Common Techniques Used to Distribute Malware on the Web How does a Computer Get Infected by Viruses Indications of Virus Attack Types of Viruses How does a Computer Get Infected by Viruses Virus Maker Virus Analysis Computer Worms Types of Viruses Worm Analysis Virus Maker Worm Maker Computer Worms Malware Analysis Procedure Worm Analysis Online Malware Analysis Services Worm Maker Virus and Worms Countermeasures Malware Analysis Procedure Antivirus Tools Online Malware Analysis Services Penetration Testing for Virus Virus Detection Methods Virus and Worms Countermeasures Antivirus Tools Penetration Testing for Virus Page | 8 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited. Certified Ethical Hacker Version Comparison Exam 312-50 Sniffers Packet sniffing is a process of monitoring and capturing all data packets passing through a given network using software (application) or hardware device. The topics highlighted in red under CEHv8 Module 08: Sniffing are the new additions. CEHv7 Module 08: Sniffers CEHv8 Module 08: Sniffing Packet Sniffing Packet Sniffing Sniffing Threats Sniffing Threats Types of Sniffing Attacks Types of Sniffing Attacks Hardware Protocol Analyzers Hardware Protocol Analyzers MAC Flooding IPv6 Addresses How DHCP Works MAC Flooding Rogue DHCP Server Attack How DHCP Works ARP Spoofing Techniques Rogue DHCP Server Attack ARP Poisoning Tools ARP Spoofing Techniques How to Defend Against ARP Poisoning ARP Poisoning Tools Spoofing Attack Threats How to Defend Against ARP Poisoning How to Defend Against MAC Spoofing Spoofing Attack Threats DNS Poisoning Techniques MAC Spoofing Technique How to Defend Against DNS Spoofing IRDP Spoofing Sniffing Tools How to Defend Against MAC Spoofing Sniffing Pen Testing DNS Poisoning Techniques How to Defend Against DNS Spoofing Sniffing Tools Sniffer Detection Technique Sniffing Pen Testing Page | 9 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited. Certified Ethical Hacker Version Comparison Exam 312-50 Social Engineering Social engineering is the art of convincing people to reveal confidential information. Social engineers depend on the fact that people are unaware of their valuable information and are careless about protecting it. The topics highlighted in red under CEHv8 Module 09: Social Engineering are the new additions. CEHv7 Module 09: Social Engineering CEHv8 Module 09: Social Engineering What Is Social Engineering? What Is Social Engineering? Factors that Make Companies Vulnerable to Attacks Factors that Make Companies Vulnerable to Attacks Warning Signs of an Attack Warning Signs of an Attack Phases in a Social Engineering Attack Phases in a Social Engineering Attack Common Targets of Social Engineering Common Targets of Social Engineering Human-based Social Engineering Human-based Social Engineering Computer-based Social Engineering Computer-based Social Engineering Social Engineering Through Impersonation on Social Networking Sites Mobile-based Social Engineering Identify Theft Mobile-based Social Engineering Using SMS Social Engineering Countermeasures Social Engineering Through Impersonation on Social Networking Sites How to Detect Phishing Emails Identify Theft Identity Theft Countermeasures Social Engineering Countermeasures Social Engineering Pen Testing How to Detect Phishing Emails Identity Theft Countermeasures Social Engineering Pen Testing Social Engineering Toolkit Page | 10 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited. Certified Ethical Hacker Version Comparison Exam 312-50 Denial of Service Denial of Service (DoS) is an attack on a computer or network that prevents legitimate use of its resources. The topics highlighted in red under CEHv8 Module 10: Denial-of-Service are the new additions. CEHv7 Module 10: Denial of Service CEHv8 Module 10: Denial-of-Service What Is a Denial of Service Attack? What Is a Denial of Service Attack? What Are Distributed Denial of Service Attacks? What Are Distributed Denial of Service Attacks? Symptoms of a DoS Attack Symptoms of a DoS Attack DoS Attack Techniques DoS Attack Techniques Botnet Botnet Botnet Ecosystem Botnet Ecosystem DDoS Attack Tools Botnet Trojans DoS Attack Tools DDoS Attack Tools Detection Techniques DoS Attack Tools DoS/DDoS Countermeasure Detection Techniques Techniques to Defend against Botnets DoS/DDoS Countermeasure Advanced DDoS Protection Appliances Techniques to Defend against Botnets Denial of Service (DoS) Attack Penetration Testing Advanced DDoS Protection Appliances Denial of Service (DoS) Attack Penetration Testing Latest DDoS and DoS attack tools added Latest DoS/DDoS Protection Tools added Page | 11 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited. Certified Ethical Hacker Version Comparison Exam 312-50 Session Hijacking Session Hijacking refers to the exploitation of a valid computer session where an attacker takes over a session between two computers. The topics highlighted in red under CEHv8 Module 11: Session Hijacking are the new additions. CEHv7 Module 11: Session Hijacking CEHv8 Module 11: Session Hijacking What Is Session Hijacking? What Is Session Hijacking? Why Session Hijacking Is Successful? Why Session Hijacking Is Successful? Key Session Hijacking Techniques Key Session Hijacking Techniques Brute Forcing Attack Brute Forcing Attack Session Hijacking Process Session Hijacking Process Types of Session Hijacking Types of Session Hijacking Application Level Session Hijacking Application Level Session Hijacking Session Sniffing Session Sniffing Man-in-the-Middle Attack Man-in-the-Middle Attack Network Level Session Hijacking Network Level Session Hijacking TCP/IP Hijacking TCP/IP Hijacking Session Hijacking Tools Session Hijacking Tools Protecting against Session Hijacking Protecting against Session Hijacking IPsec Architecture IPsec Architecture Session Hijacking Pen Testing Session Hijacking Pen Testing Latest Session Hijacking Tools Added Page | 12 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited. Certified Ethical Hacker Version Comparison Exam 312-50 Hacking Webservers Web server pen testing is used to identify, analyze, and report vulnerabilities such as authentication weaknesses, configuration errors, protocol related vulnerabilities, etc. in a web server. The topics highlighted in red under CEHv8 Module 12: Hacking Webservers are the new additions. CEHv7 Module 11: Session Hijacking CEHv8 Module 11: Session Hijacking IIS Webserver Architecture IIS Webserver Architecture Why Web Servers are Compromised? Why Web Servers are Compromised? Impact of Webserver Attacks Impact of Webserver Attacks Webserver Attacks Webserver Attacks Webserver Attack Methodology Webserver Attack Methodology Webserver Attack Tools Webserver Attack Tools Metasploit Architecture Metasploit Architecture Web Password Cracking Tool Web Password Cracking Tool Countermeasures Countermeasures How to Defend Against Web Server Attacks How to Defend Against Web Server Attacks Patch Management How to Defend against HTTP Response Splitting and Web Cache Poisoning Patch Management Tools Patch Management Webserver Pen Testing Patch Management Tools Latest Webserver Security Tools Added Latest Webserver Pen Testing Tools Added Webserver Pen Testing Page | 13 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited. Certified Ethical Hacker Version Comparison Exam 312-50 Hacking Web Applications Web applications provide an interface between end users and web servers through a set of web pages that are generated at the server end or contain script code to be executed dynamically within the client web browser. The topics highlighted in red under CEHv8 Module 13: Hacking Web Applications are the new additions. CEHv7 Module 13: Hacking Web Applications CEHv8 Module 13: Hacking Web Applications How Web Applications Work How Web Applications Work Web Attack Vectors Web Attack Vectors Web Application Threats Web Application Threats Web App Hacking Methodology Web App Hacking Methodology Footprint Web Infrastructure Footprint Web Infrastructure Hacking Web Servers Hacking Web Servers Analyze Web Applications Analyze Web Applications Attack Authentication Mechanism Attack Authentication Mechanism Attack Authorization Schemes Attack Authorization Schemes Session Management Attack Session Management Attack Attack Data Connectivity Attack Data Connectivity Attack Web App Client Attack Web App Client Attack Web Services Attack Web Services Web Application Hacking Tools Latest Web Application Hacking Tools Countermeasures Countermeasures Web Application Security Tools Latest Web Application Security Tools Added Web Application Firewall Web Application Firewall Web Application Pen Testing Web Application Pen Testing Page | 14 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited. Certified Ethical Hacker Version Comparison Exam 312-50 SQL Injection SQL Injection is the most common website vulnerability on the Internet. It is a flaw in Web Applications and not a database or web server issue. The topics highlighted in red under CEHv8 Module 14: SQL Injection are the new additions. CEHv7 Module 14: SQL Injection CEHv8 Module 14: SQL Injection SQL Injection SQL Injection SQL Injection Attacks SQL Injection Attacks SQL Injection Detection SQL Injection Detection SQL Injection Attack Characters SQL Injection Attack Characters Testing for SQL Injection Testing for SQL Injection Types of SQL Injection Types of SQL Injection Blind SQL Injection Blind SQL Injection SQL Injection Methodology SQL Injection Methodology Advanced SQL Injection Advanced SQL Injection Password Grabbing Bypass Website Logins Using SQL Injection Network Reconnaissance Using SQL Injection Password Grabbing SQL Injection Tools Network Reconnaissance Using SQL Injection Evasion Technique Latest SQL Injection Tools Added How to Defend Against SQL Injection Attacks Evasion Technique SQL Injection Detection Tools How to Defend Against SQL Injection Attacks Latest SQL Injection Detection Tools Added 2 more Labs Added Page | 15 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited. Certified Ethical Hacker Version Comparison Exam 312-50 Hacking Wireless Networks Wi-Fi is developed on IEEE 802.11 standards, and it is widely used in wireless communication. It provides wireless access to applications and data across a radio network. The topics highlighted in red under CEHv8 Module 15: Hacking Wireless Networks are the new additions. CEHv7 Module 15: Hacking Wireless Networks CEHv8 Module 15: Hacking Wireless Networks Types of Wireless Networks Types of Wireless Networks Wireless Terminologies Wireless Terminologies Types of Wireless Encryption Types of Wireless Encryption How to Break WEP Encryption How to Break WEP Encryption Wireless Threats Wireless Threats Footprint the Wireless Network Footprint the Wireless Network GPS Mapping Mobile-based Wi-Fi Discovery Tools Wireless Traffic Analysis GPS Mapping What Is Spectrum Analysis? Wireless Traffic Analysis How to Reveal Hidden SSIDs What Is Spectrum Analysis? Crack Wi-Fi Encryption How to Reveal Hidden SSIDs Wireless Hacking Tools Crack Wi-Fi Encryption Bluetooth Hacking Latest Wireless Hacking Tools Added How to BlueJack a Victim Bluetooth Hacking How to Defend Against Wireless Attacks How to BlueJack a Victim Wireless Security Tools How to Defend Against Wireless Attacks Wireless Penetration Testing Latest Wireless Security Tools Added Wireless Penetration Testing 1 more Lab Added Page | 16 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited. Certified Ethical Hacker Version Comparison Exam 312-50 Hacking Mobile Platforms CEHv8 Module 16 Hacking Mobile Platforms is a new module which covers the following topics: CEHv8 Module 16 Hacking Mobile Platforms Mobile Attack Vectors Guidelines for Securing Windows OS Devices Mobile Platform Vulnerabilities and Blackberry Attack Vectors Risks Android OS Architecture Guidelines for Securing BlackBerry Devices Android Vulnerabilities Android Trojans Mobile Device Management (MDM) General Guidelines for Mobile Platform Security Securing Android Devices Jailbreaking iOS Mobile Protection Tools Mobile Pen Testing Guidelines for Securing iOS Devices Windows Phone 8 Architecture Evading IDS, Firewalls, and Honeypots An intrusion detection system (IDS) gathers and analyzes information from within a computer or a network, to identify the possible violations of security policy, including unauthorized access, as well as misuse. The topics highlighted in red under CEHv8 Module 17: Evading IDS, Firewalls, and Honeypots are the new additions. CEHv7 Module 16: Evading IDS, Firewalls, and Honeypots CEHv8 Module 17: Evading IDS, Firewalls, and Honeypots Ways to Detect an Intrusion Ways to Detect an Intrusion Types of Intrusion Detection Systems Types of Intrusion Detection Systems General Indications of Intrusions General Indications of Intrusions Firewall Architecture Firewall Architecture Types of Firewall Types of Firewall Firewall Identification Firewall Identification Page | 17 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited. Certified Ethical Hacker Version Comparison Exam 312-50 How to Set Up a Honeypot How to Set Up a Honeypot Intrusion Detection Tools Latest Intrusion Detection Tools Added How Snort Works How Snort Works Firewalls Firewalls Honeypot Tools Latest Honeypot Tools Added Evading IDS Evading IDS Evading Firewalls Evading Firewalls Detecting Honeypots Detecting Honeypots Firewall Evasion Tools Latest Firewall Evasion Tools Added Packet Fragment Generators Packet Fragment Generators Countermeasures Countermeasures Firewall/IDS Penetration Testing Firewall/IDS Penetration Testing 1 more Lab Added Page | 18 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited. Certified Ethical Hacker Version Comparison Exam 312-50 Buffer Overflow A generic buffer overflow occurs when a program tries to store more data in a buffer than it was intended to hold. The topics highlighted in red under CEHv8 Module 18: Buffer Overflow are the new additions. CEHv7 Module 17: Buffer Overflow CEHv8 Module 18: Buffer Overflow Heap-Based Buffer Overflow Heap-Based Buffer Overflow Knowledge Required to Program Buffer Overflow Exploits Why Are Programs and Applications Vulnerable to Buffer Overflows? Buffer Overflow Steps Knowledge Required to Program Buffer Overflow Exploits Overflow Using Format String Buffer Overflow Steps Buffer Overflow Examples Overflow Using Format String How to Mutate a Buffer Overflow Exploit Buffer Overflow Examples Identifying Buffer Overflows How to Mutate a Buffer Overflow Exploit How to Detect Buffer Overflows in a Program Identifying Buffer Overflows BoF Detection Tools How to Detect Buffer Overflows in a Program Defense Against Buffer Overflows Latest BoF Detection Tools Added Buffer Overflow Security Tools Defense Against Buffer Overflows Buffer Overflow Penetration Testing Programming Countermeasures Latest Buffer Overflow Security Tools Added Buffer Overflow Penetration Testing Page | 19 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited. Certified Ethical Hacker Version Comparison Exam 312-50 Cryptography Cryptography is the conversion of data into a scrambled code that is decrypted and sent across a private or public network. The topics highlighted in red under CEHv8 Module 19: Cryptography are the new additions. CEHv7 Module 18: Cryptography CEHv8 Module 19: Cryptography Cryptography Cryptography Encryption Algorithms Encryption Algorithms Ciphers Ciphers What Is SSH (Secure Shell)? What Is SSH (Secure Shell)? Cryptography Tools Latest Cryptography Tools Added Public Key Infrastructure (PKI) Public Key Infrastructure (PKI) Certification Authorities Certification Authorities Digital Signature Digital Signature Disk Encryption Disk Encryption Disk Encryption Tool Disk Encryption Tool Cryptography Attacks Cryptography Attacks Code Breaking Methodologies Code Breaking Methodologies Cryptanalysis Tools Latest Cryptanalysis Tools Added Online MD5 Decryption Tools Online MD5 Decryption Tools 2 more Labs Added Page | 20 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited. Certified Ethical Hacker Version Comparison Exam 312-50 Penetration Testing Penetration testing assesses the security model of the organization as a whole. It reveals potential consequences of a real attacker breaking into the network. The topics highlighted in red under CEHv8 Module 20: Penetration Testing are the new additions. CEHv7 Module 19: Penetration Testing CEHv8 Module 20: Penetration Testing Security Assessments Security Assessments Vulnerability Assessment Vulnerability Assessment What Should be Tested? Introduction to Penetration Testing ROI on Penetration Testing Comparing Security Audit, Vulnerability Assessment, and Penetration Testing Types of Penetration Testing What Should be Tested? Common Penetration Testing Techniques ROI on Penetration Testing Pre-Attack Phase Types of Penetration Testing Attack Phase Common Penetration Testing Techniques Post-Attack Phase Pre-Attack Phase Penetration Testing Deliverable Templates Attack Phase Pen Testing Roadmap Post-Attack Phase Web Application Testing Penetration Testing Deliverable Templates Outsourcing Penetration Testing Services Pen Testing Roadmap Web Application Testing Outsourcing Penetration Testing Services Page | 21 Certified Ethical Hacker Copyright © by EC-Council All Rights Reserved. Reproduction Is Strictly Prohibited.