Document Details

WellWishersBaroque4583

Uploaded by WellWishersBaroque4583

Singapore Institute of Technology

Tags

ethical hacking security penetration testing cybersecurity

Summary

This document provides a summary of ethical hacking concepts, including its definition, objectives, and process. It details penetration testing models and physical security measures. The content covers key aspects of information security, including ethical hacking techniques and certifications.

Full Transcript

Ethical Hacking Summary Key Concepts in Ethical Hacking: 1. Definition of Ethical Hacking: Ethical hacking involves breaking into systems legally with permission from the target's owner to identify vulnerabilities and security weaknesses. 2. Objectives of Ethical Hacking: - Conduct authoriz...

Ethical Hacking Summary Key Concepts in Ethical Hacking: 1. Definition of Ethical Hacking: Ethical hacking involves breaking into systems legally with permission from the target's owner to identify vulnerabilities and security weaknesses. 2. Objectives of Ethical Hacking: - Conduct authorized security investigations. - Assess security posture, report vulnerabilities, and recommend fixes. - Ethical hackers use similar tools and methods as attackers but do so in a non-destructive manner. 3. Penetration Testing: - Involves examining systems, discovering vulnerabilities, and reporting findings. - Ethical hackers deliver a report with specific advice for fixing vulnerabilities. 4. Ethical Hacking Process: - Reconnaissance: Gather information on the target. - Scanning and Enumeration: Identify open ports, services, and vulnerabilities. - Gaining Access: Exploit vulnerabilities to enter the system. - Maintaining Access: Set up backdoors for future access. - Covering Tracks: Hide any signs of intrusion. 5. Penetration Testing Models: - White Box Testing: Tester has full knowledge of the system. - Black Box Testing: Tester has no prior knowledge of the system. - Gray Box Testing: Tester has partial knowledge of the system. 6. Physical Access Exploits: - Techniques like tailgating and lock bumping can give attackers physical access to systems. 7. Defense Against Physical Access: - Implement physical security measures like badges, biometrics, and surveillance systems. 8. Certifications: - Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), Certified Information Systems Security Professional (CISSP), among others.

Use Quizgecko on...
Browser
Browser