Guys,

Check this.

Hackers, that elusive class of computer criminals who break into systems, release viruses, and deface Web sites, right? Wrong! While such computer criminals have helped shape the typical definition of a hacker, not all hackers are out to wreak havoc. There are ethical hackers who crack a system for the sheer challenge of doing so-not to cause damage or destruction. In fact, they often lend a hand to system administrators by notifying them of the loopholes in their system...

Now a company based in Malaysia is offering a Certified Ethical Hacker Certification. The CEH Program certifies individuals in the specific network security discipline of Ethical Hacking from a vendor-neutral perspective. The Certified Ethical Hacker certification will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure. To achieve CEH certification, you must pass 3 comprehensive exams that covers the standards and language involved in common exploits, vulnerabilities and countermeasures. You must also show knowledge of the tools used by hackers in exposing common vulnerabilities as well as the tools used by security professionals for implementing countermeasures. To achieve Certified Ethical Hacker Certification, you must pass an exam in Ethical Hacking and Countermeasures...
Source and full story here


------------------------------------------------------------------------------------------------------------------------


(And here you have the full exam)


EXAM:


Credit Towards Certification
Certified e-Security Hacker


Exam Details

Number of Questions: 50
Passing Score: 70%
Test Duration: 2 Hours
Test Format: Multiple Choice
Test Delivery: Prometric Prime


Skills Measured

Footprinting
Scanning
Enumeration
Hacking Windows 95
Hacking Windows 98
Hacking Windows ME
Hacking Windows XP Home Edition
Hacking Windows NT
Hacking Windows 2000
Novell Netware Hacking
Hacking UNIX/Linux
Dial-Up and PBX Hacking
VPN Hacking
Hacking through Firewalls
Denial of Service Attacks (DOS)
Remote Control and Trojan Horse
Web Server Hacking
SSL and E-mail Hacking
Cracking Passwords
Hacking Tools


Test Objectives

Understanding Hackers

Know the Hacker
Hacker Ethics
Hacker and the Law
Legal implications of Hacking
Computer Crime and Punishment

Footprinting What is Foorprinting?
Determining the scope of activities
Network enumeration
DNS interrogation


Scanning Determining if the system is alive
Determining which services are running or listening
Scan types
Identifying TCP and UDP services running
Windows based port scanners
Port scanning breakdown
Detecting operating systems
Active stack fingerprinting
Passive stack fingerprinting
Automated discovery tools


Enumeration

Windows NT/2000 enumeration
Windows NT/2000 network enumeration
Windows NT/2000 host enumeration
Application and banner enumeration
Novell enumeration
UNIX enumeration
BGP route enumeration


System Hacking

Win 9x remote exploits
Direct connection Win 9x resources
Win 9x backdoor Trojan and horses
Server application vulnerabilities
Win 9x denial of service
Win 9x local exploits
Windows ME remote attacks


Hacking Windows NT

Remote exploits: Denial of service and buffer overflows
Privilege escalation
Exploiting trust
Sniffers
Remote control and backdoors
Port redirection
Countermeasures to privileged compromise
Covering tracks
Disabling auditing
Clearing the event log
Hiding files

Hacking Windows 2000 Footprinting
Scanning
Enumeration
Penetration
NetBIOS-SMB password guessing
Eavesdropping on password hashes
SMBRelay
Attacks against IIS 5.0
Remote buffer overflows
Denial of service
Privilege escalation
Grabbing the Windows 2000 password hashes
EFS
Startup manipulation
Remote control
Keystroke loggers


Novell Netware Hacking Enumerating Bindery and Trees
Authenticated enumeration
Gaining Admin access
Application vulnerabilities
Spoofing attacks
Console logs and NDS files
Log doctoring


Hacking UNIX/Linux

Root abuse
Vulnerability mapping
Remote access Vs local access
Data driven attacks
Common types of remote attacks
Hacking root account
Retrieving /etc/passwd file
Caching.


Dial-up, Voicemail and VPN Hacking

Brute force scripting
PBX hacking
Voicemail hacking
VPN hacking
Modem scramblers


Wireless Network Hacking

IEEE 802.11 Wireless LAN attack
WAP (Cellular phone) hacking
Detecting the wireless media
Hacking Wireless network adapter cards


Firewalls

Firewall identification
Scanning through firewalls
Packet filtering
Application proxy vulnerabilities


Denial of Service (DOS) attacks

Types of DOS attacks
Bandwidth consumption
Resource starvation
Programming flaws
Routing and DNS attacks
Generic DOS attacks
UNIX and Windows NT DoS
Remote DOS attacks
Distributed denial of attacks (DDOS)


Remote control and back doors

Discovering remote control software
Virtual network computing (VNC)
Attacking Microsoft Terminal Server
Attacking Citrix ICA


Hacking the internal user

Malicious mobile code
Microsoft ActiveX
Java Security Holes
Cookie fraud
SSL fraud
E-Mail hacking
Invoking outbound client connections


Web Server Hacking

Attacking Web authentication
HTTP authentication basic and digest
Forms-based authentication
Microsoft Passport
Password guessing
Attacking session state management
Session ID prediction and brute-forcing
Bypassing SQL-backend login forms
Input validation attacks
Attacking Web datastores
Hacking Web application development
Web client hacking
Attacking Web services
SOAP over HTTPS
WSDL attack
Hacking Web services
Cookie hijacking


Hacker Tools

Queso
Fragrouter
IPLog
IPTraf
Lids
LSOF
Nemesis
Swatch
Cerberus Internet Scanner
Crack / Libcrack
Retina
Cheops
Ngrep
Logcheck
NFR
SAM Spade
Scanlogd
NAT (NetBIOS Auditing Tool
Ntop
Hunt
John the Ripper
L0pht Crack
Strobe
Firewalk
Iptables
SATAN
SARA
Sniffit
Hping2
Cybercop Scanner
Tripwire
DSniff
Whisker
Ethereal
Netcat
Nessus
Back Orfice
Camera/Shy