Ethical Hacking

Introduction

What is Ethical Hacking?Types of Ethical HackingResponsibilities of a ethical hackerCustomer ExpectationsSkills of the hacker

Overview

Ethical

What is it?

Hacking

Art and Science ofUnderstanding and determining vulnerabilities inside the information infrastructure

Art and Science of understanding and determining vulnerabilities inside the information infrastructure

Ethical

Types of Ethical Hacking

Hacking

Types

Types BLACK BOX

GREYBOX

WHITEBOX

Knowledge ofinformation

infrastructure

Ethical

Responsibilities of Ethical Hacker

Hacking

Responsibilities

• Use your knowledge & tools only for legal purposes.

• Only hack to identify security issues with goal of defense.

• Get management approvals.

Ethical

Customer Expectations

Hacking

Customer Expectations

• Define Goals and expectations• Confidentiality• Who owns the resultant data- the company• Full disclosures

EthicalHacker’s

skills Hacking

Hacker’s skills

Network/SystemsAdministrator

Security expertise

Extensive Knowledge

Ethical

Laws and Preparation

Hacking

Preparation

• Get signed approvals for all test• Sign confidentiality agreements (NDA) • Get approval from collateral parties• Put together teams and tools• Define Goals

Ethical

Types of Attacks

Hacking

Types of Attacks

• Full Penetration• Denial of Service• Specific Information ( theft or disclosure)• Social Engineering