Skills you need to become a ethical hacker
Download as PPTX, PDF0 likes77 views
An ethical hacker should have expertise in various domains including routers, Microsoft systems, Linux, firewalls, programming, mainframes, and network protocols. Certifications in areas like Cisco CCNA, CCNP, Check Point CCSA, and CompTIA are beneficial. When establishing ethical hacking goals, an organization should consider its strategic intent, unique objectives, budget, scope of test plans, core project deliverables, and customer communication approach. Additional reading resources are provided on topics such as US hacker laws, penetration testing methodologies, quantitative risk assessment, PCI compliance, major data breaches, incident response, and cybersecurity teams.
Skills you need to become a ethical hacker
- 2. Ethical Hackers Skills Ethical Hackers should have expertise in the following domain: • Routers: broad understanding of routers, routing protocols, and access control lists (ACLs). Additional certifications such as Cisco Certified Network Associate (CCNA), Cisco Certified Internetworking Expert (CCIE). • Microsoft: posses skills in the operation, configuration and management of Microsoft systems.
- 3. Ethical Hackers Skills • Linux: Posses comprehensive understanding of Linux/UNIX OS, which encompasses security, setting, configuration and services. Fedora or Linux+ certification is beneficial. • Firewalls: Maintain knowledge of firewall configuration, Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS). Cisco Certified Network Associate Security Professional (CCNA) or Check Point Certified Security Administrator (CCSA) are advantageous • Programming: Knowledge of programming, including SQL, programming languages such as C++, Ruby, C#, and C, and scripting languages such as PHP and Java
- 4. Ethical Hackers Skills • Mainframes: Understanding of Mainframes • Network Protocols: Understanding of Transmission Control Protocol/Internet Protocol (TCP/IP). Possess CompTIA Network+, Security+, or Advanced Security Practitioner (CASP) certification.
- 5. Establishing Ethical Hacking Goals The following types of questions that can help you establish goals 1. What is the strategic intent of the organisation? 2. What unique objectives does the organization want to achieve 3. What is the budget size 4. What is the scope of the test plans and when will they be implemented ? 5. What are they core project deliverables ? 6. How will customers be informed ? etc
- 6. Additional Reading • http://www.hackerlaw.org/?page_id=55: U.S. hacker laws • https://tools.ietf.org/html/rfc1087: Ethics and the Internet • https://www.owasp.org/index.php/Main_Page: The Open Web Application Security Project • https://www.owasp.org/index.php/Penetration_testing _methodologies: Various pen testing methodologies • http://blogs.getcertifiedgetahead.com/quantitative- risk-assessment/: Quantitative risk assessment • https://www.pcisecuritystandards.org/documents/PCI% 20SSC%20Quick%20Reference%20Guide.pdf: A guide to PCI-DSS
- 7. Additional Reading • http://www.informationisbeautiful.net/visualizations/ worlds-biggest-data-breaches-hacks/: Top IT security breaches • http://searchnetworking.techtarget.com/tutorial/Netw ork-penetration-testing-guide: Guide to penetration testing • https://www.rapid7.com/resources/how-to-respond-to- an-incident/: Incident response methodologies • http://securityaffairs.co/wordpress/49624/hacking/cyb er-red-team-blue-team.html: Description of hacking teams including pen testers, blue teams, and red teams