Difference between CEH v8 and v9
- October 25, 2016
- Posted by: Juan van Niekerk
- Category: Security
CEH v9 – How is it different from v8?
As hackers become more apt at their craft, utilising new technologies, such as cloud computing, in order to infect or cause damage to systems, the need for up to date and relevant ethical hacking has become very real. EC-Council aims to do just that with their new version of CEH (Certified Ethical Hacker version 9).
This course will teach you to think like a hacker in order to guard against future attacks on your organisation using hacks, scanning, testing and securing to ensure that your systems are kept safe. Learn about the five phases of Ethical Hacking, namely reconnaissance, gaining access, enumeration, maintaining access and covering your tracks.
Using the same techniques as those that hack systems for malicious purposes, you will be able to identify weaknesses and vulnerabilities in your organisation’s systems, enabling you to fortify them against cyber attacks.
What changes have been made with CEH v9?
- A number of changes have been made in the latest version of CEH. There is now a heavy emphasis on new attack vectors, focussed on cloud computing technology, including the countermeasures that are to be taken in case of an attack. Students are also provided wit a thorough pen testing methodology in order to identify possible threats in advance.
- You will also learn about the threats that exist in connection with mobile devices such as tablets and mobile phones, including the countermeasures that can be taken. The latest available developments in mobile technologies is also covered.
- As there are new vulnerabilities that emerge with new technology, these are now also addressed. These include the following:
- Heartbleed CVE-2014-0160
This causes vulnerability in the SSL layer that is used by websites and cloud providers.
- Shellshock CVE-2014-6271
Causes Bash, the shell for Unix-based operating systems to become vulnerable. This is covered in detail in Module 11.
- Poodle CVE-2014-3566
Allows attackers to decrypt SSLv3 connections, hijacking your cookie session which identifies you to a service in order to control your account without the need for a password. This is covered in a case study in Module 18.
- Learn about hacking using mobile phones using the latest tools available.
- The latest Viruses, Trojans and Backdoors are covered.
- The latest developments in security controls and information security laws and standards.
- Labs have been added on mobile platform and cloud computing hacking.
- 40% more labs have been added.
- 1500+ updated and new tools.
- Addressing security issues to newer operating systems such as Windows 8.1.
- This course also covers the existing threats in Windows operating systems such as Windows 7 and 8.
What course topics are covered by v9?
The following are the topics that you will study when undertaking the CEH v9 course:
Introduction to Ethical Hacking
Footprinting and Reconnaissance
System Hacking
Malware Threats
Social Engineering
Denial of Service
Hacking Web Applications
SQL Injection
Cloud Computing
Scanning Networks
Enumeration
Evading IDS, Firewalls and Honeypots
Sniffing
Session Hijacking
Hacking Web Servers
Hacking Wireless Networks
Hacking Mobile Platforms
Cryptography
CEH v9 exam details
With most of the changes to the CEH course being made to the content, rather than the exam, the latter will remain largely unchanged with the questions still being presented in multiple choice format. You will be given 4 hours (240 minutes) in which to complete the exam. There will be a total of 125 questions that need to be answered, with the passing mark being set at 70%.
Exam Title | Certified Ethical Hacker v9 (ANSI) |
Exam Code | 312-50 (ECC Exam), 312-50 (VUE) |
Number of Questions | 125 |
Duration | 4 Hours |
Availability | VUE/ECCEXAM |
Test Format | Multiple Choice |
Passing Score | 70% |
Upon completion of the CEH v9 course, you will be equipped with the skills and knowledge that is needed to ensure that your organisation’s systems and networks are kept safe from hackers and those with malicious intent. This will ensure that you become a professional with a skill set that is regarded as highly sought after.