Chapter 8 - 04 - Discuss Ethical Hacking Concepts - 01_ocred_fax_ocred.pdf
Document Details
Uploaded by barrejamesteacher
null
EG-Council
Tags
Related
- Chapter 8 - 04 - Discuss Ethical Hacking Concepts - 02_ocred.pdf
- IoT Security - Introduction to IoT Security PDF
- Western Governors University Certified Ethical Hacker (CEH) Version 12 eBook PDF
- NPTEL Online Certification Courses: Ethical Hacking Lecture Notes PDF
- ECCouncil Certified Ethical Hacker Exam (CEHv12) 312-50v12 PDF
- Ethical Hacking CYB 0206 Chapter 1 PDF
Full Transcript
Certified Cybersecurity Technician Exam 212-82 Network Security Assessment Techniques and Tools Module Flow Discuss Threat Hunting...
Certified Cybersecurity Technician Exam 212-82 Network Security Assessment Techniques and Tools Module Flow Discuss Threat Hunting Discuss Various Threat Intelligence Feeds and Sources Discuss Vulnerability Assessment Discuss Ethical Hacking Concepts Understand Fundamentals of Penetration Testing and its Benefits Understand the Fundamentals of Configuration Management and Asset Management Discuss Ethical Hacking Concepts An ethical hacker follows processes similar to those of a malicious hacker. The steps to gain and maintain access to a computer system are similar irrespective of the hacker’s intentions. This section provides an overview of ethical hacking, why ethical hacking is necessary, the scope and limitations of ethical hacking, and the skills of an ethical hacker. Module 08 Page 1084 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Network Security Assessment Techniques and Tools What is Ethical Hacking? @ Ethical hacking @ It focuses on simulating Ethical hackers involves the use of the techniques used by perform security hacking tools, tricks, attackers to verify the assessments for an and techniques to existence of exploitable organization with the identify vulnerabilities vulnerabilities in a permission of and ensure system system’s security concerned authorities security All Rights Reserved. Reproduction is Strictly Prohibited. What is Ethical Hacking? Ethical hacking is the practice of employing computer and network skills in order to assist organizations in testing their network security for possible loopholes and vulnerabilities. White Hats (also known as security analysts or ethical hackers) are the individuals or experts who perform ethical hacking. Nowadays, most organizations (such as private companies, universities, and government organizations) are hiring White Hats to assist them in enhancing their cybersecurity. They perform hacking in ethical ways, with the permission of the network or system owner and without the intention to cause harm. Ethical hackers report all vulnerabilities to the system and network owner for remediation, thereby increasing the security of an organization’s information system. Ethical hacking involves the use of hacking tools, tricks, and techniques typically used by an attacker to verify the existence of exploitable vulnerabilities in system security. Today, the term hacking is closely associated with illegal and unethical activities. There is continuing debate as to whether hacking can be ethical or not, given the fact that unauthorized access to any system is a crime. Consider the following definitions: * The noun “hacker” refers to a person who enjoys learning the details of computer systems and stretching their capabilities. = The verb “to hack” describes the rapid development of new programs or the reverse engineering of existing software to make it better or more efficient in new and innovative ways. = The terms “cracker” and “attacker” refer to persons who employ their hacking skills for offensive purposes. Module 08 Page 1085 Certified Cybersecurity Technician Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Network Security Assessment Techniques and Tools = The term “ethical hacker” refers to security professionals who employ their hacking skills for defensive purposes. Most companies employ IT professionals to audit their systems for known vulnerabilities. Although this is a beneficial practice, crackers are usually more interested in using newer, lesser-known vulnerabilities, and so these by-the-numbers system audits do not suffice. A company needs someone who can think like a cracker, keep up with the newest vulnerabilities and exploits, and recognize potential vulnerabilities where others cannot. This is the role of the ethical hacker. Ethical hackers usually employ the same tools and techniques as hackers, with the important exception that they do not damage the system. They evaluate system security, update the administrators regarding any discovered vulnerabilities, and recommend procedures for patching those vulnerabilities. The important distinction between ethical hackers and crackers is consent. Crackers attempt to gain unauthorized access to systems, while ethical hackers are always completely open and transparent about what they are doing and how they are doing it. Ethical hacking is, therefore, always legal. Module 08 Page 1086 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Network Security Assessment Techniques and Tools Why Ethical Hacking is Necessary To beat a hackezr, hacker, you need to think like one! @ Ethical hacking is necessary as it allows for counter attacks against malicious hackers through anticipating the methods used to break into the system Reasons why organizations recruit ethical hackers E To prevent hackers from gaining access To provide adequate preventive measures a v to the organization’s information systems in order to avoid security breaches 9 To uncover vulnerabilities in systems and To help safeguard customer data explore their potential as a security risk B @ :“ To analyze and strengthen an organization’s To enhance security awareness at all 0% security posture levels in a business Copyright ©© by Copyright by I L. All Rights Reserved. Reproduction is Strictly Prohibited Prohibited. Why Ethical Hacking is Necessary (Cont’d) Ethical Hackers Try to Answer the Following Questions S [ 1— 2 1 3 What can an intruder What can an intruder Does anyone at the see on the target do with that target organization system? information? (Gaining notice the intruders’ (Reconnaissance and Access and attempts or successes? Scanning phases) Maintaining Access (Reconnaissance and phases) Covering Tracks phases) ) ] 4 ] S 5) — | [vs——— = 6 Are all components of How much time, Are the information the information effort, and money are security measures in system adequately required to obtain compliance with legal protected, updated, adequate protection? and industry and patched? standards? Copyright © by E EC-Co cil. All Rights Reserved. Cil. Reproduction isis Strictly erved. Reproduction Strictly Prohibited. Prohibited. Why Ethical Hacking is Necessary As technology is growing at a faster pace, so is the growth in the risks associated with it. To beat a hacker, it is necessary to think like one! Ethical hacking is necessary as it allows to counter attacks from malicious hackers by anticipating methods used by them to break into a system. Ethical hacking helps to predict various possible vulnerabilities well in advance and rectify them without incurring any kind of Module 08 Page 1087 EC-Council Certified Cybersecurity Technician Copyright © by EG-Gouncil All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Network Security Assessment Techniques and Tools outside attack. As hacking involves creative thinking, vulnerability testing, and security audits alone cannot ensure that the network is secure. To achieve security, organizations must implement a “defense-in-depth” strategy by penetrating their networks to estimate and expose vulnerabilities. Reasons why organizations recruit ethical hackers = To prevent hackers from gaining access to the organization’s information systems = To uncover vulnerabilities in systems and explore their potential as a risk = To analyze and strengthen an organization’s security posture, including policies, network protection infrastructure, and end-user practices = To provide adequate preventive measures in order to avoid security breaches = To help safeguard the customer data = To enhance security awareness at all levels in a business An ethical hacker’s evaluation of a client’s information system security seeks to answer three basic questions: 1. What can an attacker see on the target system? Normal security checks by system administrators will often overlook vulnerabilities. The ethical hacker has to think about what an attacker might see during the reconnaissance and scanning phases of an attack. 2. What can an intruder do with that information? The ethical hacker must discern the intent and purpose behind attacks to determine appropriate countermeasures. During the gaining-access and maintaining-access phases of an attack, the ethical hacker needs to be one step ahead of the hacker in order to provide adequate protection. 3. Are the attackers’ attempts being noticed on the target systems? Sometimes attackers will try to breach a system for days, weeks, or even months. Other times they will gain access but will wait before doing anything damaging. Instead, they will take the time to assess the potential use of exposed information. During the reconnaissance and covering tracks phases, the ethical hacker should notice and stop the attack. After carrying out attacks, hackers may clear their tracks by modifying log files and creating backdoors, or by deploying trojans. Ethical hackers must investigate whether such activities have been recorded and what preventive measures have been taken. This not only provides them with an assessment of the attacker’s proficiency but also gives them insight into the existing security measures of the system being evaluated. The entire process of ethical hacking and subsequent patching of discovered vulnerabilities depends on questions such as: = What is the organization trying to protect? = Against whom or what are they trying to protect it? Module 08 Page 1088 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Network Security Assessment Techniques and Tools = Are all the components of the information system adequately protected, updated, and patched? = How much time, effort, and money is the client willing to invest to gain adequate protection? = Do the information security measures comply with industry and legal standards? Sometimes, in order to save on resources or prevent further discovery, the client might decide to end the evaluation after the first vulnerability is found; therefore, it is important that the ethical hacker and the client work out a suitable framework for investigation beforehand. The client must be convinced of the importance of these security exercises through concise descriptions of what is happening and what is at stake. The ethical hacker must also remember to convey to the client that it is never possible to guard systems completely, but that they can always be improved. Module 08 Page 1089 Certified Cybersecurity Technician Copyright © by EC-Gouncil All Rights Reserved. Reproduction is Strictly Prohibited.