SlideShare a Scribd company logo

Ethical Hacking

Download as PPTX, PDF
N
Namrata Raiyani

The document discusses ethical hacking and defines key related terms. It explains that ethical hacking involves assessing an IT environment for vulnerabilities by simulating attacks from a hacker's perspective. This is done to help organizations strengthen their security before real attackers can exploit weaknesses. The document outlines the process of ethical hacking including reconnaissance, scanning systems, gaining access, maintaining access, and covering tracks. It also defines different types of hackers like white hats, black hats, and gray hats based on their intentions.

Internet
1 of 32
Downloaded 95 times
1
2
Most read
3
4
Most read
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
Most read
32
Guided By :- Miss Sangita Makhija Created By :- Name :- Raiyani Namrata Himmatbhai Exam No :- 973 1
 What is an ethical hacking?  Who is a hacker ?  Classes of hacker.  Process of ethical hacking.  Types of attacks on a system .  Why ethical hacking is needed?  Scope and limitations of ethical hacking.  What ethical hacker do?  Skills of an ethical hacker.  What is penetration testing?  Module summery. Created By :- Raiyani Namrata H. 2
Ethical hacking is an assessment to test and check an information technology environment for possible weak links and vulnerabilities.  Ethical hacking describes the process of hacking a network in an ethical way.  Ethical hacking is , what it can do , an ethical hacking methodology as well as some tools which can be used for an ethical hack . 1. What is an ethical hacking ? Created By :- Raiyani Namrata H. 3
2. Who is a hacker?  Intelligent individuals with excellent computer skill with the ability to create and explore into the computer software & hardware.  For some hackers , hacking is a hobby to see howmany comp- uters or networks they can compromise.  Their intension can either be to gain knowledge or to poke ar- ound to do illegal things.  Hackers can hack business data , credit card information , etc. Created By :- Raiyani Namrata H. 4
3. Classes of hackers. Class of hackerr Black Hats White Hats Gray Hats Suicide Hackers Created By :- Raiyani Namrata H. 5
 Black Hats  Individuals with extraordinary computing skills , resorting to malicious or destructive activities and are also known as crackers or dark -side hackers.  The term “black hat” comes from old westerns where the bad guys usually wore black hats and the good guys wore white ones.  hackers build things, crackers break things. - Good technical skill - Involved malicious and illegal activities. Created By :- Raiyani Namrata H. 6
 White Hats  Individuals professing hacker skill and using them for defensive purpose and are also known as security analyst .  who specializes in penetration testing and in other testing methodologies to ensure the security of an organization's information systems. - Use of knowledge and skills for defensive purpose , rather offensive Created By :- Raiyani Namrata H. 7
 Gray Hats  Individuals who work both offensive and defensively at various times . - Individuals who work both side :- ethical and malicious.  a grey hat hacker discovers a vulnerability, instead of telling the vendor how the exploit works, he or she may offer to repair it for a small fee. When one successfully gains illegal access to a system or network, he or she may suggest to the system administrator that one of his or her friends be hired to fix the problem; however, this practice has been declining due to the increasing willingness of businesses to prosecute. Created By :- Raiyani Namrata H. 8
Created By :- Raiyani Namrata H. 9 Suicide Hacker  Individuals who aim to bring down critical infrastructure for a“cause” and are not worried about facing 30 years in jail for their actions. - Suicide hacker can be good as well as bad .
4 . Process of Hacking Reconnaissance Scanning Gaining Access Maintaining Access Clearing Tracks Created By :- Raiyani Namrata H. 10
 Reconnaissance  Reconnaissance refer to the preparatory phase where an attacker seeks to gather information about a target prior to launching an attack.  There are two types reconnaissance :- 1) Passive Reconnaissance and 2) Active Reconnaissance . Created By :- Raiyani Namrata H. 11 1) Passive Reconnaissance Passive reconnaissance is an attempt to gain information about targeted computers and networks without actively engaging with the systems.
Created By :- Raiyani Namrata H. 12 2) Active Reconnaissance Active reconnaissance is a type of computer attack in which an intruder engages with the targeted sy- stem to gather information about vulnerabilities.
Created By :- Raiyani Namrata H. 13  Scanning  Scanning refers to the pre-attack phase when the attacker scans the network for specific information on the basis of information gathered during reconnaissance .  Scanning can include use of dialers , port scanner , network mapping vulnerability scanner , etc .  Attacker extract information such as computer names , IP address , and user account to launch attack .
Created By :- Raiyani Namrata H. 14  Gaining Access  Gaining access refers to the points where the attacker obtains access to the operating system or applications on the computer or networks .  The attacker can gain access at the operating system level , application level , or network level .  for example , password cracking , buffer overflows , denial of service , session hijacking , etc .
Created By :- Raiyani Namrata H. 15  Maintaining Access  Maintaining access refers to the phase when the attacker tries to retain his or her ownership of the system .  Attacker may prevent the system from being owned by other attacker by securing their exclusive access with backdoors , roolkits , or trozens .  Attacker use the compromised system to launch further attacks .
Created By :- Raiyani Namrata H. 16  Covering Tracks  Covering tracks refers to the activities carried buy an attacker to hide malicious acts .  The attacker overwrites the server , system and application logs to avoid suspicion .  The attacker’s intension include continuing access to the victim’s system , deleting evidence that might lead to his prosecution .
Created By :- Raiyani Namrata H. 17 5 . Types of attacks on a system  There are several an attacker can access to a system . The attacker must be able to exploit a weakness or vulnerability in a system .  There are four types attacks on a system :- 1) Operating system attack , 2) Application level attack , 3) Mis-configuration attack and 4) Shrink wrap code attack .
Created By :- Raiyani Namrata H. 18  Operating System Attack  Attackers search for operating system vulnerabilities and exploit them to gain access to a network system .  Some of the system vulnerabilities :- buffer overflow vulnerabilities , bugs in operating system , and unpatched operating system .
Created By :- Raiyani Namrata H. 19  Application Level Attack  Software applications come with tons of functionalities and features .  There is a dearth of time to perform complete testing before releasing products .
Created By :- Raiyani Namrata H. 20  Mis-Configuration Attack  If a system is misconfigured , such as change in made in the file permission , it can no longer be considered as secure .  The administrators are expected to change the configuration of the device before they are deployed in the network .  In order to optimize the configuration to the machine remove any redundant service or software .
Created By :- Raiyani Namrata H. 21 6. Why an ethical hacking is needed ? Ethical hacking Defense in depth strategy Counter the attacks  Ethical hacking is needed because it allows the countering of attacks from malicious hacker by anticipating method they can use to break into a system .
Created By :- Raiyani Namrata H. 22  Defense in Depth Service  There are seven types of defense in depth layers .  Data , Application , Host , Internal Network , Perimeter , Physical , Policies , Procedures and awareness  Defense in depth is a security strategy in which several protection layers are placed throughout an information system .
Created By :- Raiyani Namrata H. 23 7. Scope and Limitation Of Ethical Hacking  Scope of ethical hacking  Ethical hacking is a crucial component of risk assessment , auditing , counter fraud , best practice , and good governa- nce .  It is used to identify risks and highlight the remedial actions , and also reduce information and communication technology (ICT) costs by resolving those vulnerabilities .
Created By :- Raiyani Namrata H. 24  Limitations Of Ethical Hacking  However , unless the business first know what it is at that they are looking for and why they are hiring an outside vendor to hack the system in the first place , chances there would not be much to gain from the experience.  An ethical hacker thus can only help the organization to better understand their security system , but it is up to the organizati- on to place the right guards on the network .
Created By :- Raiyani Namrata H. 25 8. What an ethical hacker do ?  Ethical hackers are hired by an organization to attack their infor- mation system and networks in order to discover vulnerabilities and verify that security measures are functioning correctly .  Their duties may include testing systems and networks for vulne- rabilities and attempting to access sensitive data by breaking se- curity .
Created By :- Raiyani Namrata H. 26 9. Skills of an ethical hacker  There are five skills of an ethical hacker :- - Platform Knowledge - Network Knowledge - Computer Expert - Security Knowledge - Technical Knowledge
Created By :- Raiyani Namrata H. 27  Platform Knowledge  Has-In-Depth knowledge of target platform , such as UNIX , LINUX , WINDOW .  Network Knowledge  Has exemplary knowledge of networking and related hardware and software  Computer Experts  Should be a computer experts adept at technical domains .
Created By :- Raiyani Namrata H. 28  Security Knowledge  Has knowledge of security areas and related issues .  Technical Knowledge  Has high technical knowledge to launch the sophisticated attacks .
Created By :- Raiyani Namrata H. 29 10 . What is a penetration testing ?  Penetration testing is a method of actively evaluating the security of an information system or network by simulating an attack from a malicious source .  Security measures are actively analyzed for design weakness , tech- nical flaws and vulnerabilities .  The results are delivered comprehensive in a report to executive , management and technical audience .
Created By :- Raiyani Namrata H. 30 11 . Summery of an ethical hacking  An ethical hacking enables organization to counter attacks from malicious hacker by anticipating certain attack by which they can break into the system .  Ethical hacking is a crucial component of risk assessment ,audi- ting , counter frauds , best practice and good governance .  An ethical hacker helps in evaluating the security of a computer system or network by simulating an attack by a malicious user .
Created By :- Raiyani Namrata H. 31
Created By :- Raiyani Namrata H. 32

More Related Content

PPTX
ETHICAL HACKING PRESENTATION
Yash Shukla
 
PPTX
Ethical hacking
VipinYadav257
 
PPT
Ethical Hacking
Keith Brooks
 
PPTX
Inetsecurity.in Ethical Hacking presentation
Joshua Prince
 
PPTX
Ethical Hacking
Nitheesh Adithyan
 
PPT
Ethical hacking presentation
Georgekutty Francis
 
PPTX
Ethical hacking
arohan6
 
PPTX
ETHICAL HACKING PPT
Sweta Leena Panda
 
ETHICAL HACKING PRESENTATION
Yash Shukla
 
Ethical hacking
VipinYadav257
 
Ethical Hacking
Keith Brooks
 
Inetsecurity.in Ethical Hacking presentation
Joshua Prince
 
Ethical Hacking
Nitheesh Adithyan
 
Ethical hacking presentation
Georgekutty Francis
 
Ethical hacking
arohan6
 
ETHICAL HACKING PPT
Sweta Leena Panda
 

What's hot (20)

PPT
Ethical hacking
Monika Deswal
 
PPTX
Ethical hacking
Institute of Information Security (IIS)
 
PPT
Ethical Hacking Powerpoint
Ren Tuazon
 
PPTX
Ethical hacking/ Penetration Testing
ANURAG CHAKRABORTY
 
PPTX
Ethical hacking Presentation
AmbikaMalgatti
 
PPTX
Ethical hacking
Alapan Banerjee
 
PPTX
Ethical Hacking
Tharindu Kalubowila
 
DOCX
Final report ethical hacking
samprada123
 
PPTX
Hacking
Asma Khan
 
PPTX
Introduction to ethical hacking
Vikram Khanna
 
PPTX
Presentation on Ethical Hacking ppt
Shravan Sanidhya
 
PPTX
Ethical hacking
Ganesh Vadulekar
 
PPT
Cyber Crime and Security
Dipesh Waghela
 
ODP
Ethical hacking ppt
himanshujoshi238
 
PPTX
Introduction To Ethical Hacking
Raghav Bisht
 
PPTX
Ethical Hacking
Aditya Vikram Singhania
 
PPT
Ethical hacking a licence to hack
Dharmesh Makwana
 
PPTX
Cyber security with ai
Burhan Ahmed
 
PPTX
Ethical hacking presentation
Suryansh Srivastava
 
PPT
Ethical hacking
A Raheem Ansari
 
Ethical hacking
Monika Deswal
 
Ethical hacking
Institute of Information Security (IIS)
 
Ethical Hacking Powerpoint
Ren Tuazon
 
Ethical hacking/ Penetration Testing
ANURAG CHAKRABORTY
 
Ethical hacking Presentation
AmbikaMalgatti
 
Ethical hacking
Alapan Banerjee
 
Ethical Hacking
Tharindu Kalubowila
 
Final report ethical hacking
samprada123
 
Hacking
Asma Khan
 
Introduction to ethical hacking
Vikram Khanna
 
Presentation on Ethical Hacking ppt
Shravan Sanidhya
 
Ethical hacking
Ganesh Vadulekar
 
Cyber Crime and Security
Dipesh Waghela
 
Ethical hacking ppt
himanshujoshi238
 
Introduction To Ethical Hacking
Raghav Bisht
 
Ethical Hacking
Aditya Vikram Singhania
 
Ethical hacking a licence to hack
Dharmesh Makwana
 
Cyber security with ai
Burhan Ahmed
 
Ethical hacking presentation
Suryansh Srivastava
 
Ethical hacking
A Raheem Ansari
 

Similar to Ethical Hacking (20)

PPTX
Ethical hacking
Prabhat kumar Suman
 
PPTX
Ethical hacking
AKSHAY KHATRI
 
PDF
Hacking and Ethical Hacking
Masih Karimi
 
PPTX
Ethical hacking
Devendra Yadav
 
DOCX
Ethical hacking
Nitheesh Adithyan
 
RTF
Hacking and its types
Rishab Gupta
 
PPTX
Cse ethical hacking ppt
shreya_omar
 
PPTX
ethical hacking
samprada123
 
PPTX
Summer training in jaipur
cyber cure
 
PPTX
Ethical Hacking Overview
Subhoneel Datta
 
PPTX
CSE-Ethical-Hacking-ppt.pptx
AnshumaanTiwari2
 
PPTX
Ethical hacking
Anumadil1
 
PPTX
Ethical hacking
Vishesh Singhal
 
DOCX
Ethical hacking
Asaduzzaman Kanok
 
PPTX
CSE-Ethical-Hacking-ppt.pptx
VishnuVarma47
 
PPT
Ethi mini - ethical hacking
Being Uniq Sonu
 
PPTX
Ethical Hacking
Bharat Sabne
 
PDF
ANS_Ch_05_Handouts.pdf
MeymunaMohammed1
 
PDF
ANS_Ch_05_Handouts.pdf
MeymunaMohammed1
 
PPTX
Ethical hacking
Ritwick Mukherjee
 
Ethical hacking
Prabhat kumar Suman
 
Ethical hacking
AKSHAY KHATRI
 
Hacking and Ethical Hacking
Masih Karimi
 
Ethical hacking
Devendra Yadav
 
Ethical hacking
Nitheesh Adithyan
 
Hacking and its types
Rishab Gupta
 
Cse ethical hacking ppt
shreya_omar
 
ethical hacking
samprada123
 
Summer training in jaipur
cyber cure
 
Ethical Hacking Overview
Subhoneel Datta
 
CSE-Ethical-Hacking-ppt.pptx
AnshumaanTiwari2
 
Ethical hacking
Anumadil1
 
Ethical hacking
Vishesh Singhal
 
Ethical hacking
Asaduzzaman Kanok
 
CSE-Ethical-Hacking-ppt.pptx
VishnuVarma47
 
Ethi mini - ethical hacking
Being Uniq Sonu
 
Ethical Hacking
Bharat Sabne
 
ANS_Ch_05_Handouts.pdf
MeymunaMohammed1
 
ANS_Ch_05_Handouts.pdf
MeymunaMohammed1
 
Ethical hacking
Ritwick Mukherjee
 

Recently uploaded (20)

PPTX
QR Codes Qr codecodecodecodecocodedecodecode
SRMediaZone
 
PPTX
CHE NAA, , b,mn,mblblblbljb jb jlb ,j , ,C PPT.pptx
sumodmjohn3
 
PDF
The Internet -By the Numbers, Sri Lanka Edition
APNIC
 
PPTX
SAP Ariba Sourcing PPT for learning material
NKKumar16
 
PPTX
international classification of diseases ICD-10 review PPT.pptx
naveenithkrishnan
 
PPTX
INTERNET------BASICS-------UPDATED PPT PRESENTATION
poonam62133
 
PPTX
artificial intelligence overview of it and more
yafotin445
 
PPTX
Funds Management Learning Material for Beg
NKKumar16
 
PPTX
Module 1 - Cyber Law and Ethics 101.pptx
anantyakhrisna1
 
PPT
Design_with_Watersergyerge45hrbgre4top (1).ppt
DiogoRibeiro730590
 
PDF
Best Practices for Testing and Debugging Shopify Third-Party API Integrations...
CartCoders
 
PDF
WebRTC in SignalWire - troubleshooting media negotiation
Giacomo Vacca
 
PDF
Vigrab.top – Online Tool for Downloading and Converting Social Media Videos a...
Vigrab Top
 
PDF
Slides PDF The World Game (s) Eco Economic Epochs.pdf
Steven McGee
 
PDF
RPKI Status Update, presented by Makito Lay at IDNOG 10
APNIC
 
PPTX
Introduction about ICD -10 and ICD11 on 5.8.25.pptx
naveenithkrishnan
 
PPTX
Introduction to Information and Communication Technology
AkmadArzieAyao1
 
PPTX
PptxGenJS_Demo_Chart_20250317130215833.pptx
itruongva
 
PDF
Triggering QUIC, presented by Geoff Huston at IETF 123
APNIC
 
PDF
SASE Traffic Flow - ZTNA Connector-1.pdf
mackwell7777
 
QR Codes Qr codecodecodecodecocodedecodecode
SRMediaZone
 
CHE NAA, , b,mn,mblblblbljb jb jlb ,j , ,C PPT.pptx
sumodmjohn3
 
The Internet -By the Numbers, Sri Lanka Edition
APNIC
 
SAP Ariba Sourcing PPT for learning material
NKKumar16
 
international classification of diseases ICD-10 review PPT.pptx
naveenithkrishnan
 
INTERNET------BASICS-------UPDATED PPT PRESENTATION
poonam62133
 
artificial intelligence overview of it and more
yafotin445
 
Funds Management Learning Material for Beg
NKKumar16
 
Module 1 - Cyber Law and Ethics 101.pptx
anantyakhrisna1
 
Design_with_Watersergyerge45hrbgre4top (1).ppt
DiogoRibeiro730590
 
Best Practices for Testing and Debugging Shopify Third-Party API Integrations...
CartCoders
 
WebRTC in SignalWire - troubleshooting media negotiation
Giacomo Vacca
 
Vigrab.top – Online Tool for Downloading and Converting Social Media Videos a...
Vigrab Top
 
Slides PDF The World Game (s) Eco Economic Epochs.pdf
Steven McGee
 
RPKI Status Update, presented by Makito Lay at IDNOG 10
APNIC
 
Introduction about ICD -10 and ICD11 on 5.8.25.pptx
naveenithkrishnan
 
Introduction to Information and Communication Technology
AkmadArzieAyao1
 
PptxGenJS_Demo_Chart_20250317130215833.pptx
itruongva
 
Triggering QUIC, presented by Geoff Huston at IETF 123
APNIC
 
SASE Traffic Flow - ZTNA Connector-1.pdf
mackwell7777
 

Ethical Hacking

  • 1. Guided By :- Miss Sangita Makhija Created By :- Name :- Raiyani Namrata Himmatbhai Exam No :- 973 1
  • 2.  What is an ethical hacking?  Who is a hacker ?  Classes of hacker.  Process of ethical hacking.  Types of attacks on a system .  Why ethical hacking is needed?  Scope and limitations of ethical hacking.  What ethical hacker do?  Skills of an ethical hacker.  What is penetration testing?  Module summery. Created By :- Raiyani Namrata H. 2
  • 3. Ethical hacking is an assessment to test and check an information technology environment for possible weak links and vulnerabilities.  Ethical hacking describes the process of hacking a network in an ethical way.  Ethical hacking is , what it can do , an ethical hacking methodology as well as some tools which can be used for an ethical hack . 1. What is an ethical hacking ? Created By :- Raiyani Namrata H. 3
  • 4. 2. Who is a hacker?  Intelligent individuals with excellent computer skill with the ability to create and explore into the computer software & hardware.  For some hackers , hacking is a hobby to see howmany comp- uters or networks they can compromise.  Their intension can either be to gain knowledge or to poke ar- ound to do illegal things.  Hackers can hack business data , credit card information , etc. Created By :- Raiyani Namrata H. 4
  • 5. 3. Classes of hackers. Class of hackerr Black Hats White Hats Gray Hats Suicide Hackers Created By :- Raiyani Namrata H. 5
  • 6.  Black Hats  Individuals with extraordinary computing skills , resorting to malicious or destructive activities and are also known as crackers or dark -side hackers.  The term “black hat” comes from old westerns where the bad guys usually wore black hats and the good guys wore white ones.  hackers build things, crackers break things. - Good technical skill - Involved malicious and illegal activities. Created By :- Raiyani Namrata H. 6
  • 7.  White Hats  Individuals professing hacker skill and using them for defensive purpose and are also known as security analyst .  who specializes in penetration testing and in other testing methodologies to ensure the security of an organization's information systems. - Use of knowledge and skills for defensive purpose , rather offensive Created By :- Raiyani Namrata H. 7
  • 8.  Gray Hats  Individuals who work both offensive and defensively at various times . - Individuals who work both side :- ethical and malicious.  a grey hat hacker discovers a vulnerability, instead of telling the vendor how the exploit works, he or she may offer to repair it for a small fee. When one successfully gains illegal access to a system or network, he or she may suggest to the system administrator that one of his or her friends be hired to fix the problem; however, this practice has been declining due to the increasing willingness of businesses to prosecute. Created By :- Raiyani Namrata H. 8
  • 9. Created By :- Raiyani Namrata H. 9 Suicide Hacker  Individuals who aim to bring down critical infrastructure for a“cause” and are not worried about facing 30 years in jail for their actions. - Suicide hacker can be good as well as bad .
  • 10. 4 . Process of Hacking Reconnaissance Scanning Gaining Access Maintaining Access Clearing Tracks Created By :- Raiyani Namrata H. 10
  • 11.  Reconnaissance  Reconnaissance refer to the preparatory phase where an attacker seeks to gather information about a target prior to launching an attack.  There are two types reconnaissance :- 1) Passive Reconnaissance and 2) Active Reconnaissance . Created By :- Raiyani Namrata H. 11 1) Passive Reconnaissance Passive reconnaissance is an attempt to gain information about targeted computers and networks without actively engaging with the systems.
  • 12. Created By :- Raiyani Namrata H. 12 2) Active Reconnaissance Active reconnaissance is a type of computer attack in which an intruder engages with the targeted sy- stem to gather information about vulnerabilities.
  • 13. Created By :- Raiyani Namrata H. 13  Scanning  Scanning refers to the pre-attack phase when the attacker scans the network for specific information on the basis of information gathered during reconnaissance .  Scanning can include use of dialers , port scanner , network mapping vulnerability scanner , etc .  Attacker extract information such as computer names , IP address , and user account to launch attack .
  • 14. Created By :- Raiyani Namrata H. 14  Gaining Access  Gaining access refers to the points where the attacker obtains access to the operating system or applications on the computer or networks .  The attacker can gain access at the operating system level , application level , or network level .  for example , password cracking , buffer overflows , denial of service , session hijacking , etc .
  • 15. Created By :- Raiyani Namrata H. 15  Maintaining Access  Maintaining access refers to the phase when the attacker tries to retain his or her ownership of the system .  Attacker may prevent the system from being owned by other attacker by securing their exclusive access with backdoors , roolkits , or trozens .  Attacker use the compromised system to launch further attacks .
  • 16. Created By :- Raiyani Namrata H. 16  Covering Tracks  Covering tracks refers to the activities carried buy an attacker to hide malicious acts .  The attacker overwrites the server , system and application logs to avoid suspicion .  The attacker’s intension include continuing access to the victim’s system , deleting evidence that might lead to his prosecution .
  • 17. Created By :- Raiyani Namrata H. 17 5 . Types of attacks on a system  There are several an attacker can access to a system . The attacker must be able to exploit a weakness or vulnerability in a system .  There are four types attacks on a system :- 1) Operating system attack , 2) Application level attack , 3) Mis-configuration attack and 4) Shrink wrap code attack .
  • 18. Created By :- Raiyani Namrata H. 18  Operating System Attack  Attackers search for operating system vulnerabilities and exploit them to gain access to a network system .  Some of the system vulnerabilities :- buffer overflow vulnerabilities , bugs in operating system , and unpatched operating system .
  • 19. Created By :- Raiyani Namrata H. 19  Application Level Attack  Software applications come with tons of functionalities and features .  There is a dearth of time to perform complete testing before releasing products .
  • 20. Created By :- Raiyani Namrata H. 20  Mis-Configuration Attack  If a system is misconfigured , such as change in made in the file permission , it can no longer be considered as secure .  The administrators are expected to change the configuration of the device before they are deployed in the network .  In order to optimize the configuration to the machine remove any redundant service or software .
  • 21. Created By :- Raiyani Namrata H. 21 6. Why an ethical hacking is needed ? Ethical hacking Defense in depth strategy Counter the attacks  Ethical hacking is needed because it allows the countering of attacks from malicious hacker by anticipating method they can use to break into a system .
  • 22. Created By :- Raiyani Namrata H. 22  Defense in Depth Service  There are seven types of defense in depth layers .  Data , Application , Host , Internal Network , Perimeter , Physical , Policies , Procedures and awareness  Defense in depth is a security strategy in which several protection layers are placed throughout an information system .
  • 23. Created By :- Raiyani Namrata H. 23 7. Scope and Limitation Of Ethical Hacking  Scope of ethical hacking  Ethical hacking is a crucial component of risk assessment , auditing , counter fraud , best practice , and good governa- nce .  It is used to identify risks and highlight the remedial actions , and also reduce information and communication technology (ICT) costs by resolving those vulnerabilities .
  • 24. Created By :- Raiyani Namrata H. 24  Limitations Of Ethical Hacking  However , unless the business first know what it is at that they are looking for and why they are hiring an outside vendor to hack the system in the first place , chances there would not be much to gain from the experience.  An ethical hacker thus can only help the organization to better understand their security system , but it is up to the organizati- on to place the right guards on the network .
  • 25. Created By :- Raiyani Namrata H. 25 8. What an ethical hacker do ?  Ethical hackers are hired by an organization to attack their infor- mation system and networks in order to discover vulnerabilities and verify that security measures are functioning correctly .  Their duties may include testing systems and networks for vulne- rabilities and attempting to access sensitive data by breaking se- curity .
  • 26. Created By :- Raiyani Namrata H. 26 9. Skills of an ethical hacker  There are five skills of an ethical hacker :- - Platform Knowledge - Network Knowledge - Computer Expert - Security Knowledge - Technical Knowledge
  • 27. Created By :- Raiyani Namrata H. 27  Platform Knowledge  Has-In-Depth knowledge of target platform , such as UNIX , LINUX , WINDOW .  Network Knowledge  Has exemplary knowledge of networking and related hardware and software  Computer Experts  Should be a computer experts adept at technical domains .
  • 28. Created By :- Raiyani Namrata H. 28  Security Knowledge  Has knowledge of security areas and related issues .  Technical Knowledge  Has high technical knowledge to launch the sophisticated attacks .
  • 29. Created By :- Raiyani Namrata H. 29 10 . What is a penetration testing ?  Penetration testing is a method of actively evaluating the security of an information system or network by simulating an attack from a malicious source .  Security measures are actively analyzed for design weakness , tech- nical flaws and vulnerabilities .  The results are delivered comprehensive in a report to executive , management and technical audience .
  • 30. Created By :- Raiyani Namrata H. 30 11 . Summery of an ethical hacking  An ethical hacking enables organization to counter attacks from malicious hacker by anticipating certain attack by which they can break into the system .  Ethical hacking is a crucial component of risk assessment ,audi- ting , counter frauds , best practice and good governance .  An ethical hacker helps in evaluating the security of a computer system or network by simulating an attack by a malicious user .
  • 31. Created By :- Raiyani Namrata H. 31
  • 32. Created By :- Raiyani Namrata H. 32