Ethical Hacking Essay

1144 words - 5 pages

Chapter 1 Ethical Hacking Overview


 

Describe the role of an ethical hacker
Describe what you can do legally as an ethical hacker Describe what you cannot do as an ethical hacker

Hands-On Ethical Hacking and Network Defense

2

Ethical hackers
 Employed by companies to perform penetration tests

Penetration test
 Legal attempt to break into a company’s network to find

its weakest link
 Tester only reports findings, does not solve problems

Security test
 More than an attempt to break in; also includes analyzing

company’s security policy and procedures
 Tester offers solutions to secure or protect the network
Hands-On Ethical Hacking ...view middle of the document...

com (Link Ch 1g)
Hands-On Ethical Hacking and Network Defense 9

Hands-On Ethical Hacking and Network Defense

10

Black box model
 Company staff does not know about the test

 Tester is not given details about the network
▪ Burden is on the tester to find these details

 Tests if security personnel are able to detect an

attack

Hands-On Ethical Hacking and Network Defense

11

Gray box model
 Hybrid of the white and black box models  Company gives tester partial information

Hands-On Ethical Hacking and Network Defense

12


Certification programs available in almost every area of network security
Basics:
 CompTIA Security+ (CNIT 120)  Network+ (CNIT 106 or 201)

Hands-On Ethical Hacking and Network Defense

13

CNIT is a Prometric Vue testing center
 Certification tests are given in S214  CompTIA and Microsoft  The next tests will be in the second week of April,

right after Spring Break
 Email sbowne@ccsf.edu if you want to take a test

Hands-On Ethical Hacking and Network Defense

14

Is it good?

15

Designated by the Institute for Security and Open Methodologies (ISECOM)
 Uses the Open Source Security Testing

Methodology Manual (OSSTMM)
 Test is only offered in Connecticut and outside the

USA, as far as I can tell

16

Issued by the International Information Systems Security Certifications Consortium (ISC2) Usually more concerned with policies and procedures than technical details Web site
 www.isc2.org
17


SysAdmin, Audit, Network, Security (SANS)
Offers certifications through Global Information Assurance Certification (GIAC)

Top 20 list
 One of the most popular SANS Institute documents  Details the most common network exploits  Suggests ways of correcting vulnerabilities

Web site
 www.sans.org
Hands-On Ethical Hacking and Network Defense 18

 

Laws involving technology change as rapidly as technology itself
Find what is legal for you locally
 Laws change from place to place

Be aware of what is allowed and what is not allowed

Hands-On Ethical Hacking and Network Defense

19


  

Tools on your computer might be illegal to possess Contact local law enforcement agencies before installing hacking tools
Written words are open to interpretation Governments are getting more serious about punishment for cybercrimes
Hands-On Ethical Hacking and Network Defense 20

Hands-On Ethical Hacking and Network Defense

21

  

Some states deem it legal Not always the case Federal Government does not...

Other Papers Like Ethical Hacking

Monkeys Essay

307 words - 2 pages & Answers 1. What is Zenmap typically used for? How is it related to Nmap? Describe a scenario in which you would use this type of application. 2. Which application can be used to perform a vulnerability assessment scan in the reconnaissance phase of the ethical hacking process? 3. What must you obtain before you begin the ethical hacking process or penetration test on a live production network, even before performing the reconnaissance step

Chemistry Essay

4728 words - 19 pages White hat hackers are the ethical, legal hackers (2002). Companies pay them to find holes in software or networks and fix the problems. The difference between white hat hackers and black hat hackers is that white hats have permission to carry out their attacks on a company to fix the problems. (2) A majority of company owners say that white hat protection is the only true way to ensue security in their businesses. White hats use the same

Is Responsible Business Important?

638 words - 3 pages emphasis that they regret not acting faster to sort the problem. So the ‘phone hacking’ scandal lead to more victims who has suffered from the event and the impacts become worse in the sociality. As we known, timing is important in ethical behaviour. They can create a positive image of a business that boosts the growth and sales by increasing consumer trust. On the other hand, breaching business ethics could create serious damage; causing

Building An Access Control System

996 words - 4 pages information on desktops, laptops, tablets and smart phones. Thinking like a hacker and understanding a hacker’s tactics and scams could make you aware and become more effective when applying countermeasures. There are several methods for carrying out ethical hacking, the most common are limited vulnerability and penetration testing. Limited vulnerability analysis, focus on entry points to gather critical systems and data. By understanding the basic

Vulnerability Assessment Scan

572 words - 3 pages containing maximum two or three sentences. Q1: What is Zenmap typically used for? Describe a scenario in which you would use this type of application. If necessary, use screenshot image to support your answer. (11 points) Answer to Q1) Q2: Which application can be used to perform a vulnerability assessment scan in the reconnaissance phase of the ethical hacking process? If necessary, use screenshot image to support your answer. (11 points

We Have a Problem

565 words - 3 pages to another machine, hacking, dumpster diving, social engineering, bribery, and hiring away key employees. I believe Corporate Intelligence is an ethical issue because it is “the collection and analysis of information on markets, technologies, customers, and competitors, as well as on socioeconomic and external political trends” (Ferrell, Fraedrich & Ferrell, 2011). First, there are the problems that arise with the obtaining of corporate

Unit 4 Business Communication

458 words - 2 pages Unit 4 Business Communication P5 Explain the legal and ethical issues in relation to the use of business information In this P5 I’m going to explain the legal and ethical issues of tesco. Legal issues • Data Protection Act 1998 • Freedom of Information Act 2000 • The Computer Misuse Act 1990 Data Protection Act 1998 The Data Protection Act 1998 regulates the processing of information relating to individuals, including

Sec Paper Testing

1886 words - 8 pages classification is tended to and all controls are executed in a way that doesn't permit somebody simple circumvention. [5] Penetrate Testing (Ethical Hacking): Penetration testing, as the name suggests, is centrally focused on objective association's barriers, trading off frameworks and accessing data. Ethical hacking is an extensive term that incorporates all hacking systems, and PC assault procedures to discover security measures with the consent

The Mysterious Blogger

857 words - 4 pages The Mysterious Blogger and the Veiled ID ETH/316 Ethics and Social Responsibility March 11, 2013 The Mysterious Blogger and the Veiled ID The ethical issues that are presented in: The Mysterious Blogger and the Veiled ID; were the leaking of confidential information by an employee and in the second dilemma was an employee who is Muslim could not remove her head scarf for a photo. My name is Stephanie Tetting Director

Ethics in It

2694 words - 11 pages ethically or morally wrong. However it does boil down to perception, morals, and possibly common sense. Dr. McFarland’s ideals and natural law can even be directed at ethical hacking. Ethical hacking and teaching intrusion methods can be a great way for students to learn real world skills. Looking at ethical hacking through natural law, the question once again is if ethical hacking is good and just. However, is it impossible to understand the mind

I Dunno

479 words - 2 pages In the following task set I will explain the legal, ethical and operational issues that affect St Charles use of information. I will be explaining what each of the three Acts are and how they are used in the College. As well as, briefly clarifying the ethical issues that affect St Charles’ use of email, internet, whistle blowing, organisational policies and information ownership. I will also identify and explain the operational issues in

Related Essays

Ethical Hacking Essay

1344 words - 6 pages What is Ethical Hacking Ethical hacking provides a way to determine the security of an information technology environment – at least from a technical point of view. As the name ethical hacking already tells, the idea has something to do with hacking. But what does “hacking” mean “The word hacking has two definitions. The first definition refers to the hobby/profession of working with computers. The second definition refers to breaking

Ethical Hacking Essay

879 words - 4 pages As the internet is growing there has been a higher demand for network security. With the higher demand comes a new form of job known as ethical hacking. An ethical hacker is a person that conducts penetration testing on networks to test the integrity of a network for any given business or corporation (White hat (computer security)). With this technique, corporations and businesses will have the assurance they need for protecting their personal

Ethical Hacking Essay

6482 words - 26 pages Ethical hacking by C. C. Palmer The explosive growth of the Internet has brought many good things: electronic commerce, easy access to vast stores of reference material, collaborative computing, e-mail, and new avenues for advertising and information distribution, to name a few. As with most technological advances, there is also a dark side: criminal hackers. Governments, companies, and private citizens around the world are anxious to be a part

Ethical Hacking Essay 635 Words

635 words - 3 pages What are Header files?        Header file contains different predefined functions, which are required to run the program. All header files should be included explicitly before main ( ) function.Header files are also called as Pre-compiled header. Here is some C programming header files ... * <assert.h> * <complex.h>  * <ctype.h> * <errno.h>   * <fenv.h>  * <float.h>  * &lt