دانلود کتاب راهنمای مطالعه هکر اخلاقی دارای گواهینامه (CEH)

Welcome, dear reader! I sincerely hope you’ve found your way to this introduction happy, healthy, and brimming with confidence—or, at the very least, with curiosity. I can see you there, standing in your bookstore and flipping through the book, or sitting in your living room while clicking through virtual pages at some online retailer. And you’re trying to decide whether you’ll buy it—whether this is the book you need for your study guide. You probably have perused the outline, checked the chapter titles—heck, you may have even read the author bio they forced me to write. And now you’ve found your way to this, the preface. Sure, this preface is supposed to be designed to explain the ins and outs of the book—to lay out its beauty and crafty witticisms in such a way that you just can’t resist buying it. But I’m also going to take a moment to explain the realities of the situation and let you know what you’re really getting yourself into. This exam isn’t a walk in the park. The Certified Ethical Hacker (CEH) certification didn’t gain the reputation and value it has by being easy to attain. It requires clearing a challenging examination that tests more than just simple memorization. Its worth has elevated it to one of the top certifications a technician can attain, and it remains part of DoD 8570’s call for certification on DoD networks. In short, this certification actually means something to employers because they know the effort it takes to attain it. If you’re not willing to put in the effort, maybe you should pick up another line of study. If you’re new to the career field or you’re curious and want to expand your knowledge, you may be standing there with the glow of innocent expectation on your face, wondering whether this is the book for you. To help you decide, let’s take a virtual walk over to our entrance sign and have a look. Come on, you’ve seen one of these signs before—it’s just like the one in front of the roller coaster that reads, “You must be this tall to enter the ride.” However, the prerequisites for this ride are just a little different. Instead of your height, I’m interested in your knowledge, and I have a question or two for you. Do you know the OSI reference model? What port does SMTP use by default? How about Telnet? What transport protocol (TCP or UDP) do they use, and why? Can you possibly run something else over those ports? What’s an RFC? Why am I asking these questions? Well, my new virtual friend, I’m trying to save you some agony. Just as you wouldn’t be allowed on a roller coaster that could potentially fling you off into certain agony and/or death, I’m not going to stand by and let you waltz into something you’re not ready for. If any of the questions I asked seem otherworldly to you, you need to spend some time studying the mechanics and inner workings of networking before attempting this certification. As brilliantly written as this little tome is, it is not—nor is any other book—a magic bullet, and if you’re looking for something you can read in one night and become Super-Hacker by daybreak, you’re never going to find it. Don’t get me wrong—go ahead and buy this book. You’ll want it later, and I could use the sales numbers. All I’m saying is, you need to learn the basics before stepping up to this plate. I didn’t bother to drill down into the basics in this book, because it would have been 20,000 pages long and would have scared you off right there at the bookrack without you even picking it up. Instead, I want you to go learn the “101” stuff first so that you can be successful with this book. Learning it won’t take long—it’s not rocket science. I was educated in the public school system of Alabama and didn’t know what cable TV or VCRs were until I was nearly a teenager, and I figured it out. How tough can it be for you? There is plenty in here for the beginner, though—trust me. I wrote it in the same manner I learned it: simple, easy, and (ideally) fun. This stuff isn’t necessarily hard; you just need to get the basics out of the way first. Then, I think, you’ll find this book perfect for your goals. For those of you who have already put your time in and know the basics, you’ll find this book pleasantly surprising. You’re obviously aware by now that technology isn’t magic, nor is it necessarily difficult or hard to comprehend—it’s just learning how something works so that you can use it to your advantage. I’ve tried to attack ethical hacking in this manner, making things as light as possible and laughing a little along the way. But please be forewarned: you cannot, should not, and will not pass the CEH exam just by reading this book. Any book that promises that is lying to you. Combine this study guide with some hands-on practice, a lot of practice exams, and a whole lot of additional study, and I don’t think you’ll have any trouble at all with the exam. Read it as a one-stop shop for obtaining certification, though, and you’ll be leaving the exam room wondering what happened to you. This book has, of course, one primary goal and focus—to help you achieve the title of Certified Ethical Hacker by passing the exam. I believe it provides you with everything you’ll need to pass the test. However, I’d like to think there’s more to the book than that. I hope I’ve also succeeded in another goal that’s just as important: helping you to become an employed ethical hacker. No, there is no way someone can simply read a book and magically become a seasoned IT security professional, but I sincerely hope I’ve provided enough real-world insight that you can safely rely on this book along your journey out in the real world. Finally, I want to address a few specifics regarding the content itself. I’ve pulled information from a wide range of study materials and tried to do my best to cover things I’m almost certain you’ll see on your exam. However, there are no doubt some specifics covered herein that you won’t see at all on the exam (not to mention that, without fail, you’ll probably see topics on your exam I somehow missed—it is a dynamic, constantly moving target, after all). Take, for example, the chapter on artificial intelligence (AI). I’m not certain AI has made its way into the exam question pool yet, but it’s a really important topic that should and will make appearances soon. I covered it as best I could given the source materials I used for study purposes, combing the interwebs for the latest information available, attending conferences and webinars, and interviewing/speaking to a lot of folks in the profession. Will AI show up on your exam? I don’t know and can’t confirm. But will knowledge of AI be valuable to you as an ethical hacker? You bet your bits it will.