CEHv8 Exam Blueprint 1 Secton Knowledge of: Weight Number of Questons I . Background A. networki ng technol ogi es (e.g., hardware, i nfrastructure) 4% 5 B. web technol ogi es (e.g., web 2.0, skype) C. systems technol ogi es D. communi caton protocol s E. mal ware operatons F. mobi l e technol ogi es (e.g., smart phones) G. tel ecommuni caton technol ogi es H. backups and archi vi ng (e.g., l ocal , network) I I . Anal ysi s/Assessment A. data anal ysi s 13% 16 B. systems anal ysi s C. ri sk assessments D. techni cal assessment methods I I I . Securi ty A. systems securi ty control s 25% 31 B. appl i caton/l e server C. rewal l s D. cryptography E. network securi ty F. physi cal securi ty G. threat model i ng H. veri caton procedures (e.g., fal se posi tve/negatve val i daton) I . soci al engi neeri ng (human factors mani pul aton) J. vul nerabi l i ty scanners K. securi ty pol i cy i mpl i catons L. pri vacy/condental i ty (wi th regard to engagement) M. bi ometri cs N. wi rel ess access technol ogy (e.g., networki ng, RFI D, Bl uetooth) O. trusted networks P. vul nerabi l i tes CEHv8 Exam Blueprint 2 Secton Knowledge of: Weight Number of Questons I V. Tools / Systems / Programs A. network/host based i ntrusi on 32% 40 B. network/wi rel ess sni ers (e.g., Wi reShark, Ai rsnort) C. access control mechani si ms (e.g., smart cards) D. cryptography techni ques (e.g., I Psec, SSL, PGP) E. programmi ng l anguages (e.g. C++, Java, C#, C) F. scri ptng l anguages (e.g., PHP, Java scri pt) G. boundary protecton appl i ances H. network topol ogi es I . subnetng J. port scanni ng (e.g., NMAP) K. domai n name system (DNS) L. routers/modems/swi tches M. vul nerabi l i ty scanner (e.g., Nessus, Retna) N. vul nerabi l i ty management and protecton systems (e.g., Foundstone, Ecora) O. operatng envi ronments (e.g., Li nux, Wi ndows, Mac) P. antvi rus systems and programs Q. l og anal ysi s tool s R. securi ty model s S. expl oi taton tool s T. database structures V. Procedures / A. cryptography 20% 25 B. publ i c key i nfrastructure (PKI ) C. Securi ty Archi tecture (SA) D. Servi ce Ori ented Archi tecture E. i nformaton securi ty i nci dent F. N-ter appl i caton desi gn G. TCP/I P networki ng (e.g., network routng) H. securi ty testng methodol ogy VI . Regul aton/Pol i cy A. securi ty pol i ci es 4% 5 B. compl i ance regul atons (e.g., PCI ) VI I . Ethi cs A. professi onal code of conduct 2% 3 B. appropri ateness of hacki ng Programs Methodology