Here is the second lecture of Ethical Hacking, if you miss the first lecture then visit it here, [ Basic Concept Using in Ethical Hacking ].
Here are some more terminology which is used in Ethical Hacking.
Attack:- An assault on system security that derives from an intelligent threat. An attack is any action that violates security.
Exploit:- A defined way to breach the security of an IT system through vulnerability.
Threat:- An action or event that might prejudice security. A threat is a potential violation of security.
Vulnerability:- Existence of a weakness, design or implementation error that can lead to an unexpected undesirable event compromising the security of the system.
Now What is Ethical Hacking?
Ethical Hacking also known as penetration testing or white-hat hacking, it involves the same tools, tricks and techniques that hacker use but with difference.
‘If you know the enemy and know yourself, you need not fear the result of a hundred battles.’ Says Sun Tzu
Here are some more saying about ethical hacking.
- Ethical hacking is legal.
- Ethical hacking is performed with the target’s permission.
- The internet of ethical hacking is to discover vulnerabilities form a hacker’s viewpoint so system can be better secured.
- Ethical hackers perform the hacks as security tests for their system.
- An Ethical hacker possesses the skills, mindset and the tools of a hacker but is also trustworthy.
Skill Profile of an Ethical Hacker?
- Computer expert adept at technical domains.
- In-depth knowledge in OS(Such as windows, Linux, Unix)
- Exemplary knowledge in networking and related hardware/software.
Modes of Ethical Hacking:-
Modes of ethical hacking shows the different methods for different-2 type attacks.
1. Remote Network:- This mode attempts to simulate an intruder launch an attack over the Internet.
2. Remote Dial-up Network:- This mode attempts to simulate an intruder launching an attack against the client’s modem pools.
3. Local Network:- This mode simulates an employee with legal access gaining unauthorized access over the local network.
4. Stolen Equipment:- This mode simulates theft of an critical information resource such as a laptop owned by a strategist.
5. Social Engineering:- This aspect attempts to check the integrity of the organization’s employees.
6. Physical Entry:- This mode attempts to physically compromise the organization ICT infrastructure.