SIZ-APPROVED COURSE|Cyber Security and Ethical Hacking| LECTURE 02| Ethical Hacking Terminologies and Penetration Testing| 20% reward to @siz-official

in hive-181430 •  3 years ago  (edited)

Assalam O Alikum!
My name is Safa Rizwan. As I told you before that I am making a course series on “Cyber Security and Ethical Hacking” on #SIZ. This is lecture 02. The motive of course is to educate people about what type of hacking is good and can be done professionally because whenever we listen a word Hacking it gives negative impression on our mind. To understand Cybersecurity and Ethical hacking and its types, you can read lecture 01 by following giving link:
CYBERSECURITY AND ETHICALHACKING||SIZ-Course by @safarizwan

IMG-20211008-WA0014.jpg


First understand that hackers are divided in 3 categories with respect to their work and attitude. These types are :

Types Of Hackers:

White Hats:
This hacker uses their skills for defensive purposes and can be consider as a good guy or we may call them Ethical hacker.
Black Hats:
This hacker uses their skills for malicious and illegal purposes and can be consider as a bad guy or sometime we may call them malicious attacker.
Gray Hats:
This hacker uses their skills for defensive and malicious purpose depending on the situatons and can be consider a good and bad guy both. Mostly interesting in a hacker tool for curiosity standpoint. Typically, called a self-proclaimed ethical hacker.

1633699005959.jpg
https://mnsgroup.com/ethical-hacking-color-hackers-hat/amp/

FOUR ELEMENTS OF SECURITY:

• All attacks are an attempt to breach a computer system security. It consists of four elemets.

  1. Confidentiality
  2. Availability
  3. Integrity
  4. Authenticity
    Stealing password or other data is a confidentiality attack, because it allows someone other than the intended recipient to gain access.
    with denial of service (DoS) attack, a hacker attacks the availbility elements of systems and networks.
    Bit-flipping attacks are considered integrity attacks because the data may have been tampered with in transit or within the original system.
    MAC address spoofing is an authentication attack because it allows an unauthorized device to connect to a network such as on a wireless one.

IMG-20211008-WA0015.jpg

ETHICAL HACKING TERMINOLOGIES :

We often listen some terms related to the field of security. lets understand these terms :
Threat :
A situation that could lead to potential breach of security.
Exploit :
A piece of software or technology that takes advantage of a bug, glitch or vunerability, leading to unauthorized access of a system.
Vulnerability :
The existence of a software flaw, design or implementation error that can lead to an unexpected and undesirable event executing bad or damaging instructions to the system.
Target Of Evaluation(TOE) :
A system, program, or network that is the subject of a security analysis or attack.
Remote :
The exploit is sent over a network and exploits security vulnerabilities without any prior access to the vulnerable system.
Local :
The exploit is delivered directly to the computer system or network, which requires prior access to the vulnerable system to increase privileges.
Attack :
An attack occurs when a system is compromised based on a vulnerability.

Penetration Testing :

It is important to know that Ethical Hacking and Pentration testing typically refer to the same thing and can be used interchangeably.
Ethical Hackers conduct Penetration tests for their clients or employers.

IMG-20211008-WA0016.jpg

Types Of Penetration Testing :

It includes 3 types
INTERNAL PENATRATION TESTING :
This type of penetration testing is typically done to simulate what an attacker that has made their way into your network can gain access.
Tester will typically be on site and connected to the network or remotely connected and be given rights to break into as many machines as possible and find valuable information.
EXTERNAL PENETRATION TESTING :
This type of penetration testing is typically done from outside of a network and tests the ability for hackers to break in from the outside.
Tester will typically conduct these kinds of tests with public IP addresses for the network and try to break in.
WEBSITE PENRTRATION TESTING :
This type of Penetration testing focuses on attempting to exploit vulnerabilities in a web application or a website to see where it may be vulnerable.
It is important because if a company is offering an application online that collects private information to people, they need to know that their application is safe.
*** The End ***


Hope, I described it to you well. Meet you in next lecture. Thanks for reading it.

I am very thankful to
@cryptokraze
@vvarishayy
for providing a this great opportunity on @siz-official, that helps me to improve my writing skill.

Your regards:
@safarizwan

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

Good one Post dear friend you make a very good post thanks for sharing a good information with us my best wishes for you.

Regards, Faran Nabeel

Thanks, your appreciation boost my confidence!

edit the title kindly

i did it, Thank you for guiding.

Your post content is plagiarised. Please try to post unique content within community guidelines.

IMG_20211014_193350.jpg

IMG_20211014_193402.jpg