EC-Council CEH

CEH v4 Domain #7: Mobile Platform, IoT and OT Hacking

Greg Belding
January 24, 2022 by
Greg Belding

Organizations that want to maximize the chances of not being another statistic of malicious hacking can hire a certified ethical hacker. These ethical hackers test an organization's systems, networks and overall information security. The Certified Ethical Hacker, or CEH, certification is a well-renowned cert that verifies the knowledge and skills of these heroes.

The CEH certification is currently on Exam Blueprint v4.0, which has brought some changes to how the Domains of knowledge are presented. This article will detail Domain 7 of CEH Exam Blueprint v4.0, Mobile Platform, IoT (Internet of Things) and OT (Operational Technology) Hacking.

Earn your CEH, guaranteed!

Earn your CEH, guaranteed!

Get hands-on hacking experience and live expert, instruction. Enroll now to claim your Exam Pass Guarantee!

What is the CEH certification?

The CEH certification verifies that the holder has a practical understanding of the phases of ethical hacking, the various attack vectors, and the preventative countermeasures used by ethical hackers.

It certifies that the holder knows how to think and act like a malicious hacker to better position your organization's information security measures and better defend against real-world attacks. It is premised on the idea that if you understand vulnerabilities and system weaknesses your organization faces, you can better strengthen system security controls in the face of malicious activity and attacks.

Who is the target audience for CEH?

From a high-level view, any information security professional wants their organization to be better positioned in the face of attacks and malicious activity. Below is a list of roles that typically earn this certification:

  • Information Security Analyst
  • Information Assurance Security Officer
  • Information Security Manager/Specialist
  • Information Systems Security Engineer/Manager
  • Information Security Professionals/Officers
  • Risk/Threat/Vulnerability Analyst
  • Information Security/IT Auditors

What has changed since CEH Exam Blueprint v3?

Normally, I offer a side-by-side comparison of the old and new exam versions, but in the case of CEH, so much has changed we will keep it brief. They say that the only thing constant in life is change, which applies to the new CEH Exam Blueprint. CEH Exam Blueprint v3.0 only had six domains. The material v.4.0 #7 covers was relegated to nothing more than sub-objectives for Mobile Platforms in v.3.0 (IoT and OT hacking were not even covered altogether!).

In CEH Exam Blueprint v4.0, Domain 7 is titled “Mobile Platform, IoT, and OT Hacking,” covering 8% of CEH exam content and representing 10 of the CEH certification exam questions. The two subdomains of Domain 7 are:

  • Hacking Mobile Platforms
  • IoT and OT Hacking

Let’s explore this content below.

Hacking mobile platforms

1. Mobile Platform Attack Vectors

  • OWASP Top 10 Mobile Threats - Top 10 Mobile Threats according to the Open Web Application Security Project (OWASP).
    • Improper Platform Usage
    • Insecure Data Storage
    • Insecure Communication
    • Insecure Authentication
    • Insufficient Cryptography
    • Insecure Authorization
    • Client Code Quality
    • Code Tampering

  • Mobile Attack Vector - Mobile attack vectors covered are:
    • Malware
    • Data Loss
    • Data Tampering
    • Data Exfiltration

  • Vulnerabilities and Risks on Mobiles - There are many vulnerabilities and risks on mobile devices.  The categories covered are:
    • Malicious third-party applications
    • Malicious applications on Store
    • Malware and rootkits
    • Application vulnerability
    • Data security
    • Excessive permissions
    • Weak encryptions
    • Operating System update issues
    • Application update issues
    • Jailbreaking and rooting
    • Physical attack

2. Hacking Android OS

  • Device Administration API
  • Root Access/Android Rooting
  • Android Phone Security Tools

3. Hacking iOS

  • Jailbreaking iOS
  • Types of Jailbreaking
    • Userland Exploit
    • iBoot Exploit
    • Bootrom Exploit

  • Jailbreaking Techniques
    • Tethered Jailbreaking
    • Semi-tethered Jailbreaking
    • Untethered Jailbreaking

4. Hacking Windows Phone OS

5. Hacking BlackBerry

6. Mobile Device Management (MDM)

7. Mobile Security Guidelines

IoT & OT hacking

1. IoT Concept

  • IoT Communication Models
    • Device-to-Device Model
    • Device-to-Cloud Model
    • Device-to-Gateway Model
    • Back-end Data-sharing Model

2. Understanding IoT Attacks

  • IoT Attacks
    • DDoS Attack
    • Rolling Code Attack
    • BlueBorne Attack
    • Jamming Attack
    • Backdoor
  • IoT Hacking Methodology
    • Information Gathering
    • Vulnerability Scanning
    • Launch Attack
    • Gain Access
    • Maintain Attack
  • Operational Technology (OT) Concept
  • OT Attacks
    • 2017 Triton Malware attack on the petroleum sector – Middle East
    • 2015 BlackEnergy Malware power grid attack – Ukraine
  • OT Hacking Methodology
    • Initial Access
    • Discovery
    • Inhibit Response Functions
    • Impair Process Control
    • Impacts
  • OT Hacking Tools
  • OT Countermeasures

Earn your CEH, guaranteed!

Earn your CEH, guaranteed!

Get hands-on hacking experience and live expert, instruction. Enroll now to claim your Exam Pass Guarantee!

CEH domain 7

Certified Ethical Hacker, or CEH, is a certification intended for information security professionals who want to bring ethical hacking benefits to their organization. To earn this certification, you have to pass the CEH certification exam, which is now operating under the v4.0 Exam Blueprint and has significantly changed the material covered in CEH Domain 7, Mobile Platform, IoT, and OT Hacking. Use this article as your roadmap to this Domain of the CEH exam that you will have to master to earn this ethical hacking certification.



Greg Belding
Greg Belding

Greg is a Veteran IT Professional working in the Healthcare field. He enjoys Information Security, creating Information Defensive Strategy, and writing – both as a Cybersecurity Blogger as well as for fun.