Introduction
This lesson introduces you to the world of ethical hacking. Ethical hacking is a form of legal hacking that is done with the permission of an organization to help increase its security. This lesson discusses many of the business aspects of penetration (pen) testing. Information about how to perform a pen test, what types can be performed, what are the legal requirements, and what type of report should be delivered are all basic items that you will need to know before you perform any type of security testing. However, first, you need to review some security basics. This lesson starts with a discussion of confidentiality, integrity, and availability. Finally, the lesson finishes up with the history of hacking and a discussion of some of the pertinent laws.
Note
Nothing learned in this class is intended to teach or encourage the use of security tools or methodologies for illegal or unethical purposes. Always act in a responsible manner. Make sure that you have written permission from the proper individuals before you use any of the tools or techniques described within. Always obtain permission before installing any of these tools on a network.
Security Fundamentals
Security is about finding a balance, as all systems have limits. No one person or company has unlimited funds to secure everything, and we cannot always take the most secure approach. One way to secure a system from network attack is to unplug it and make it a standalone system. Although this system would be relatively secure from Internet-based attackers, its usability would be substantially reduced. The opposite approach of plugging it in directly to the Internet without any firewall, antivirus, or security patches would make it extremely vulnerable, yet highly accessible. So, here again, you see that the job of security professionals is to find a balance somewhere between security and usability. Figure 1.1 demonstrates this concept.
To find this balance, you need to know what the goals of the organization are, what security is, and how to measure the threats to security. The next section discusses the goals of security.
we will continue our study of Hacking basics on NETWORK SOLUTION TIPS
No comments:
Post a Comment