Home > Store

Certified Ethical Hacker (CEH) Cert Guide

Register your product to gain access to bonus material or receive a coupon.

Certified Ethical Hacker (CEH) Cert Guide

Book

  • Sorry, this book is no longer in print.
Not for Sale

About

Features

  • Chapter-ending Exam Preparation Tasks help students drill on key concepts they must know thoroughly
  • Review questions help students assess their knowledge
  • Final preparation chapter guides students through tools and resources to help them craft a final study
  • Companion CD contains the powerful Pearson IT Certification Practice Test engine, complete with hundreds of exam-realistic questions
  • Assessment engine offers students a wealth of customization options and reporting features, laying out a complete assessment of their knowledge to help them focus their study where it is needed most

Description

  • Copyright 2014
  • Edition: 1st
  • Book
  • ISBN-10: 0-7897-5127-5
  • ISBN-13: 978-0-7897-5127-0

Learn, prepare, and practice for CEH v8 exam success with Certified Ethical Hacker (CEH) Cert Guide from Pearson IT Certification, a leader in IT certification.

  • Master CEH exam topics
  • Assess your knowledge with chapter-ending quizzes
  • Review key concepts with exam preparation tasks
  • Practice with realistic exam questions on the CD

Certified Ethical Hacker (CEH) Cert Guide is a best-of-breed exam study guide. Leading security consultant and certification expert Michael Gregg shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.

You'll get a complete test preparation routine organized around proven series elements and techniques. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly. Review questions help you assess your knowledge, and a final preparation chapter guides you through tools and resources to help you craft your final study plan.

The companion CD contains the powerful Pearson IT Certification Practice Test engine, complete with hundreds of exam-realistic questions. The assessment engine offers you a wealth of customization options and reporting features, laying out a complete assessment of your knowledge to help you focus your study where it is needed most, so you can succeed on the exam the first time.

This study guide helps you master all the topics on the CEH v8 (312-50) exam, including

  • Ethical hacking basics
  • Technical foundations of hacking
  • Footprinting and scanning
  • Enumeration and system hacking
  • Linux distros and automated assessment tools
  • Trojans and backdoors
  • Sniffers, session hijacking, and denial of service
  • Web server hacking, web applications, and database attacks
  • Wireless technologies, mobile security, and mobile attacks
  • IDS, firewalls, and honeypots
  • Buffer overflows, viruses, and worms
  • Cryptographic attacks and defenses
  • Physical security and social engineering

Companion CD

The CD contains two free, complete practice exams, plus memory tables and answers to help you study more efficiently and effectively.

Pearson IT Certification Practice Test minimum system requirements:

Windows XP (SP3), Windows Vista (SP2), Windows 7, or Windows 8; Microsoft .NET Framework 4.0 Client; Pentium class 1GHz processor (or equivalent); 512MB RAM; 650MB disc space plus 50MB for each downloaded practice exam; access to the Internet to register and download exam databases

Premium Edition

Certified Ethical Hacker (CEH) Cert Guide, Premium Edition eBook and Practice Test

Save 50% - Limited Time, Introductory Offer

The exciting new Certified Ethical Hacker (CEH) Cert Guide, Premium Edition eBook and Practice Testis a digital-only certification preparation product combining an eBook with enhanced Pearson IT Certification Practice Test. The Premium Edition eBook and Practice Test contains the following items:

  • The CEH Premium Edition Practice Test, including four full practice exams and enhanced practice test features
  • PDF and EPUB formats of the Certified Ethical Hacker (CEH) Cert Guide from Pearson IT Certification, which are accessible via your PC, tablet, and smartphone

About the Premium Edition Practice Test

This Premium Edition contains an enhanced version of the Pearson IT Certification Practice Test (PCPT) software with four full practice exams. In addition, it contains all the chapter-opening assessment questions from the book. This integrated learning package

  • Enables you to focus on individual topic areas or take complete, timed exams
  • Includes direct links from each question to detailed tutorials to help you understand the concepts behind the questions
  • Provides unique sets of exam-realistic practice questions
  • Tracks your performance and provides feedback on a module-by-module basis, laying out a complete assessment of your knowledge to help you focus your study where it is needed most

Pearson IT Certification Practice Test minimum system requirements:

Windows XP (SP3), Windows Vista (SP2), Windows 7, or Windows 8; Microsoft .NET Framework 4.0 Client; Pentium class 1GHz processor (or equivalent); 512MB RAM; 650MB disc space plus 50MB for each downloaded practice exam; access to the Internet to register and download exam databases

About the Premium Edition eBook

Learn, prepare, and practice for CEH exam success with this study guide from Pearson IT Certification, a leader in IT certification learning.

  • Master CEH exam topics
  • Assess your knowledge with chapter-ending quizzes
  • Review key concepts with exam preparation tasks
  • Practice with realistic exam questions on the DVD

Certified Ethical Hacker (CEH) Cert Guide is a best-of-breed exam study guide from Pearson IT Certification, a leader in IT certification learning. Leading security consultant and certification expert Michael Gregg shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.

Certified Ethical Hacker (CEH) Cert Guide presents you with an organized test preparation routine through the use of proven series elements and techniques. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly. Review questions help you assess your knowledge, and a final preparation chapter guides you through tools and resources to help you craft your final study plan.

Well regarded for its level of detail, assessment features, and challenging review questions and exercises, this study guide helps you master the concepts and techniques that will enable you to succeed on the exam the first time.

The study guide helps you master all the topics on the CEH v8 (312-50) exam, including

  • Ethical hacking basics
  • Technical foundations of hacking
  • Footprinting and scanning
  • Enumeration and system hacking
  • Linux and automated assessment tools
  • Trojans and backdoors
  • Sniffers, session hijacking, and denial of service
  • Web server hacking, web applications, and database attacks
  • Wireless technologies, mobile security, and mobile attacks
  • IDS, firewalls, and honeypots
  • Buffer overflows, viruses, and worms
  • Cryptographic attacks and defenses
  • Physical security and social engineering

Sample Content

Online Sample Chapter

Certified Ethical Hacker Cert Guide: Enumeration and System Hacking

Sample Pages

Download the sample pages (includes Chapter 4)

Table of Contents

Introduction xxiii

Chapter 1 Ethical Hacking Basics 3

“Do I Know This Already?” Quiz 3

Foundation Topics 6

Security Fundamentals 6

    Goals of Security 7

    Risk, Assets, Threats, and Vulnerabilities 8

    Defining an Exploit 10

Security Testing 10

    No-Knowledge Tests (Black Box) 11

    Full-Knowledge Testing (White Box) 11

    Partial-Knowledge Testing (Gray Box) 11

    Types of Security Tests 12

Hacker and Cracker Descriptions 13

    Who Attackers Are 15

    Hacker and Cracker History 16

Ethical Hackers 17

    Required Skills of an Ethical Hacker 18

    Modes of Ethical Hacking 19

Test Plans–Keeping It Legal 21

    Test Phases 23

    Establishing Goals 24

    Getting Approval 25

    Ethical Hacking Report 25

    Vulnerability Research–Keeping Up with Changes 26

Ethics and Legality 27

    Overview of U.S. Federal Laws 28

    Compliance Regulations 30

Chapter Summary 31

Exam Preparation Tasks 32

Review All Key Topics 32

Hands-On Labs 32

    Lab 1-1 Examining Security Policies 32

Review Questions 33

Define Key Terms 36

View Recommended Resources 36

Chapter 2 The Technical Foundations of Hacking 39

“Do I Know This Already?” Quiz 39

Foundation Topics 42

The Attacker’s Process 42

    Performing Reconnaissance and Footprinting 42

    Scanning and Enumeration 43

    Gaining Access 44

    Escalation of Privilege 45

    Maintaining Access 45

    Covering Tracks and Planting Backdoors 45

The Ethical Hacker’s Process 46

    National Institute of Standards and Technology 47

    Operational Critical Threat, Asset, and Vulnerability Evaluation 47

    Open Source Security Testing Methodology Manual 48

Security and the Stack 48

    The OSI Model 48

    Anatomy of TCP/IP Protocols 51

        The Application Layer 53

        The Transport Layer 57

        The Internet Layer 60

        The Network Access Layer 65

Chapter Summary 67

Exam Preparation Tasks 67

Review All Key Topics 67

Define Key Terms 68

Exercises 68

    2.1 Install a Sniffer and Perform Packet Captures 68

    2.2 List the Protocols, Applications, and Services Found at Each Layer of the Stack 70

Review Questions 71

Suggested Reading and Resources 75

Chapter 3 Footprinting and Scanning 77

“Do I Know This Already?” Quiz 77

Foundation Topics 80

The Seven-Step Information-Gathering Process 80

    Information Gathering 80

        Documentation 80

        The Organization’s Website 81

        Job Boards 83

        Employee and People Searches 84

        EDGAR Database 87

        Google Hacking 88

        Usenet 92

        Registrar Query 93

        DNS Enumeration 96

    Determine the Network Range 101

        Traceroute 101

Identifying Active Machines 104

Finding Open Ports and Access Points 105

    Nmap 112

    SuperScan 115

    THC-Amap 115

    Scanrand 116

    Hping 116

    Port Knocking 117

    War Dialers 117

    War Driving 118

OS Fingerprinting 118

    Active Fingerprinting Tools 120

    Fingerprinting Services 122

        Default Ports and Services 122

        Finding Open Services 123

Mapping the Network Attack Surface 125

    Manual Mapping 125

    Automated Mapping 125

Chapter Summary 127

Exam Preparation Tasks 127

Review All Key Topics 127

Define Key Terms 128

Command Reference to Check Your Memory 128

Exercises 129

    3.1 Performing Passive Reconnaissance 129

    3.2 Performing Active Reconnaissance 130

Review Questions 131

Suggested Reading and Resources 134

Chapter 4 Enumeration and System Hacking 137

“Do I Know This Already?” Quiz 137

Foundation Topics 140

Enumeration 140

    Windows Enumeration 140

    Windows Security 142

    NetBIOS and LDAP Enumeration 143

        NetBIOS Enumeration Tools 145

    SNMP Enumeration 148

    Linux/UNIX Enumeration 149

    NTP Enumeration 150

    SMTP Enumeration 150

    DNS Enumeration 151

System Hacking 151

    Nontechnical Password Attacks 151

    Technical Password Attacks 152

        Password Guessing 152

        Automated Password Guessing 153

        Password Sniffing 154

        Keystroke Loggers 155

    Privilege Escalation and Exploiting Vulnerabilities 155

    Exploiting an Application 156

    Exploiting a Buffer Overflow 156

    Owning the Box 157

        Authentication Types 158

        Cracking the Passwords 159

    Hiding Files and Covering Tracks 162

        File Hiding 163

Chapter Summary 165

Exam Preparation Tasks 165

Review All Key Topics 165

Define Key Terms 166

Command Reference to Check Your Memory 166

Exercise 166

    4.1 NTFS File Streaming 166

Review Questions 167

Suggested Reading and Resources 171

Chapter 5 Linux and Automated Assessment Tools 173

“Do I Know This Already?” Quiz 173

Foundation Topics 176

Linux 176

    Linux or Windows? Picking the Right Platform 176

    Linux File Structure 177

    Linux Basics 179

        Passwords and the Shadow File 182

        Linux Passwords 183

    Compressing, Installing, and Compiling Linux 185

Hacking Linux 186

    Reconnaissance 186

    Scanning 186

    Enumeration 188

    Gaining Access 188

    Privilege Escalation 190

    Maintaining Access and Covering Tracks 191

Hardening Linux 194

Automated Assessment Tools 196

    Automated Assessment Tools 196

        Source Code Scanners 197

        Application-Level Scanners 197

        System-Level Scanners 198

Automated Exploit Tools 201

Chapter Summary 203

Exam Preparation Tasks 204

Review All Key Topics 204

Define Key Terms 204

Command Reference to Check Your Memory 205

Exercises 205

    5.1 Downloading and Running Backtrack 205

    5.2 Using Backtrack to Perform a Port Scan 206

    5.3 Creating a Virtual Machine 206

    5.4 Cracking Passwords with John the Ripper 207

Review Questions 208

Suggested Reading and Resources 210

Chapter 6 Trojans and Backdoors 213

“Do I Know This Already?” Quiz 213

Foundation Topics 216

Trojans 216

    Trojan Types 216

    Trojan Ports and Communication Methods 217

    Trojan Goals 219

    Trojan Infection Mechanisms 219

    Effects of Trojans 220

    Trojan Tools 221

    Distributing Trojans 225

    Trojan Tool Kits 226

Covert Communication 227

    Covert Communication Tools 231

        Port Redirection 232

        Other Redirection and Covert Tools 234

Keystroke Logging and Spyware 235

    Hardware 236

    Software 236

    Spyware 237

Trojan and Backdoor Countermeasures 238

Chapter Summary 240

Exam Preparation Tasks 241

Review All Key Topics 241

Define Key Terms 242

Command Reference to Check Your Memory 242

Exercises 243

    6.1 Finding Malicious Programs 243

    6.2 Using a Scrap Document to Hide Malicious Code 244

    6.3 Using Process Explorer 244

Review Questions 246

Suggested Reading and Resources 248

Chapter 7 Sniffers, Session Hijacking, and Denial of Service 251

“Do I Know This Already?” Quiz 251

Foundation Topics 254

Sniffers 254

    Passive Sniffing 254

    Active Sniffing 255

        Address Resolution Protocol 255

        ARP Poisoning and Flooding 256

    Tools for Sniffing 260

        Wireshark 260

        Other Sniffing Tools 262

    Sniffing and Spoofing Countermeasures 263

Session Hijacking 264

    Transport Layer Hijacking 264

        Predict the Sequence Number 265

        Take One of the Parties Offline 267

        Take Control of the Session 267

    Application Layer Hijacking 267

        Session Sniffing 267

        Predictable Session Token ID 268

        Man-in-the-Middle Attacks 268

        Man-in-the-Browser Attacks 269

        Client-Side Attacks 269

    Session-Hijacking Tools 271

    Preventing Session Hijacking 273

Denial of Service, Distributed Denial of Service, and Botnets 274

    Types of DoS 275

        Bandwidth Attacks 276

        SYN Flood Attacks 277

        Program and Application Attacks 277

    Distributed Denial of Service 278

        DDoS Tools 280

    Botnets 282

    DoS, DDOS, and Botnet Countermeasures 285

Summary 288

Exam Preparation Tasks 289

Review All Key Topics 289

Define Key Terms 290

Exercises 290

    7.1 Scanning for DDoS Programs 290

    7.2 Using SMAC to Spoof Your MAC Address 291

Review Questions 291

Suggested Reading and Resources 294

Chapter 8 Web Server Hacking, Web Applications, and Database Attacks 297

“Do I Know This Already?” Quiz 297

Foundation Topics 300

Web Server Hacking 300

    Scanning Web Servers 302

        Banner Grabbing and Enumeration 302

    Web Server Vulnerability Identification 306

    Attacks Against Web Servers 307

        IIS Vulnerabilities 308

        Securing IIS and Apache Web Servers 312

Web Application Hacking 314

    Unvalidated Input 315

    Parameter/Form Tampering 315

    Injection Flaws 315

    Cross-Site Scripting and Cross-Site Request Forgery Attacks 316

    Hidden Field Attacks 317

        Other Web Application Attacks 318

    Web-Based Authentication 319

    Web-Based Password Cracking and Authentication Attacks 320

        Cookies 324

        URL Obfuscation 324

    Intercepting Web Traffic 326

Database Hacking 329

    Identifying SQL Servers 330

    SQL Injection Vulnerabilities 331

    SQL Injection Hacking Tools 333

Summary 334

Exam Preparation Tasks 335

Review All Key Topics 335

Define Key Terms 336

Exercise 336

    8.1 Hack the Bank 336

Review Questions 337

Suggested Reading and Resources 339

Chapter 9 Wireless Technologies, Mobile Security, and Attacks 341

“Do I Know This Already?” Quiz 341

Foundation Topics 344

Wireless Technologies 344

    Wireless History 344

    Satellite TV 344

    Cordless Phones 346

    Cell Phones and Mobile Devices 346

    Mobile Devices 348

        Smartphone Vulnerabilities and Attack Vectors 349

        Android 350

        iOS 352

        Windows Phone 8 352

        BlackBerry 353

        Mobile Device Management and Protection 353

    Bluetooth 354

Wireless LANs 355

    Wireless LAN Basics 355

    Wireless LAN Frequencies and Signaling 357

    Wireless LAN Security 358

    Wireless LAN Threats 361

        Eavesdropping 362

        Configured as Open Authentication 363

        Rogue and Unauthorized Access Points 363

        Denial of Service (DoS) 365

    Wireless Hacking Tools 366

        Discover WiFi Networks 366

        Perform GPS Mapping 367

        Wireless Traffic Analysis 367

        Launch Wireless Attacks 368

        Crack and Compromise the WiFi Network 368

    Securing Wireless Networks 369

        Defense in Depth 369

        Site Survey 371

        Robust Wireless Authentication 372

        Misuse Detection 373

Summary 374

Exam Preparation Tasks 374

Review All Key Topics 375

Define Key Terms 375

Review Questions 375

Suggested Reading and Resources 378

Chapter 10 IDS, Firewalls, and Honeypots 381

“Do I Know This Already?” Quiz 381

Intrusion Detection Systems 385

    IDS Types and Components 385

    Pattern Matching and Anomaly Detection 387

    Snort 388

    IDS Evasion 392

        IDS Evasion Tools 394

Firewalls 395

    Firewall Types 395

        Network Address Translation 395

        Packet Filters 396

        Application and Circuit-Level Gateways 398

        Stateful Inspection 399

    Identifying Firewalls 400

    Bypassing Firewalls 402

Honeypots 407

    Types of Honeypots 408

    Detecting Honeypots 409

Summary 410

Exam Preparation Tasks 411

Review All Key Topics 411

Define Key Terms 411

Review Questions 412

Suggested Reading and Resources 414

Chapter 11 Buffer Overflows, Viruses, and Worms 417

“Do I Know This Already?” Quiz 417

Foundation Topics 420

Buffer Overflows 420

    What Is a Buffer Overflow? 420

    Why Are Programs Vulnerable? 421

    Understanding Buffer-Overflow Attacks 423

    Common Buffer-Overflow Attacks 426

    Preventing Buffer Overflows 427

Viruses and Worms 429

    Types and Transmission Methods of Viruses 429

    Virus Payloads 431

    History of Viruses 432

    Well-Known Viruses 434

        The Late 1980s 434

        The 1990s 434

        2000 and Beyond 435

    Virus Tools 438

    Preventing Viruses 439

    Antivirus 440

    Malware Analysis 442

        Static Analysis 442

        Dynamic Analysis 445

Summary 446

Exam Preparation Tasks 447

Review All Key Topics 447

Define Key Terms 447

Exercises 448

    11.1 Locating Known Buffer Overflows 448

    11.2 Review CVEs and Buffer Overflows 449

Review Questions 449

Suggested Reading and Resources 451

Chapter 12 Cryptographic Attacks and Defenses 453

“Do I Know This Already?” Quiz 453

Foundation Topics 456

Functions of Cryptography 456

History of Cryptography 457

Algorithms 459

    Symmetric Encryption 460

        Data Encryption Standard (DES) 461

        Advanced Encryption Standard (AES) 463

        Rivest Cipher (RC) 463

        Asymmetric Encryption (Public Key Encryption) 464

        RSA 465

        Diffie-Hellman 465

        ElGamal 466

        Elliptic Curve Cryptography (ECC) 466

    Hashing 466

        Digital Signature 467

        Steganography 468

        Steganography Operation 469

        Steganographic Tools 470

        Digital Watermark 472

        Digital Certificates 473

Public Key Infrastructure 474

    Trust Models 475

        Single Authority 475

        Hierarchical Trust 476

        Web of Trust 476

Protocols, Standards, and Applications 477

    Encryption Cracking and Tools 479

        Weak Encryption 481

    Encryption-Cracking Tools 482

Summary 483

Exam Preparation Tasks 484

Review All Key Topics 484

Define Key Terms 484

Exercises 485

    12.1 Examining an SSL Certificate 485

    12.2 Using PGP 486

    12.3 Using a Steganographic Tool to Hide a Message 487

Review Questions 487

Suggested Reading and Resources 490

Chapter 13 Physical Security and Social Engineering 493

“Do I Know This Already?” Quiz 493

Foundation Topics 496

Physical Security 496

    Threats to Physical Security 496

    Equipment Controls 499

        Locks 499

        Fax Machines 504

    Area Controls 505

    Location Data and Geotagging 506

    Facility Controls 508

    Personal Safety Controls 510

        Fire Prevention, Detection, and Suppression 510

    Physical Access Controls 511

        Authentication 511

    Defense in Depth 512

Social Engineering 513

    Six Types of Social Engineering 513

    Person-to-Person Social Engineering 514

    Computer-Based Social Engineering 514

    Reverse Social Engineering 515

    Policies and Procedures 515

        Employee Hiring and Termination Policies 516

        Help Desk Procedures and Password Change Policies 516

        Employee Identification 516

        Privacy Policies 517

        Governmental and Commercial Data Classification 518

        User Awareness 519

Summary 519

Exam Preparation Tasks 520

Review All Key Topics 520

Define Key Terms 521

Exercises 521

    13.1 Biometrics and Fingerprint Recognition 521

Review Questions 522

Suggested Reading and Resources 524

Chapter 14 Final Preparation 527

Tools for Final Preparation 527

    Pearson Cert Practice Test Engine and Questions on the CD 527

        Install the Software from the CD 527

        Activate and Download the Practice Exam 528

        Activating Other Exams 529

        Premium Edition 529

    Memory Tables 530

    End-of-Chapter Review Tools 530

Suggested Plan for Final Review and Study 530

Summary 532

Glossary 535

Practice Exam 1 EC-Council CEH 312-50 561

Practice Exam 2 EC-Council CEH 312-50 603

Appendix A Answers to the “Do I Know This Already?” Quizzes and Review Questions (CD only)

Appendix B Memory Tables (CD only)

Appendix C Memory Table Answer Key (CD only)

9780789751270   TOC   11/4/2013

More Information

InformIT Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from InformIT and its family of brands. I can unsubscribe at any time.

Overview


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information


To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.

Surveys

Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites, develop new products and services, conduct educational research and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.

Newsletters

If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information


Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.

Security


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.

Children


This site is not directed to children under the age of 13.

Marketing


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information


If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.

Choice/Opt-out


Users can always make an informed choice as to whether they should proceed with certain services offered by InformIT. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.informit.com/u.aspx.

Sale of Personal Information


Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents


California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure


Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.

Links


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact


Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice


We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020