Scribd Logo
Загрузить

Добро пожаловать в Scribd!

  • 1-Introduction Ethical Hacking

    Загружено:

    Ha Mza
    416 просмотров16 страниц
    h

    Авторское право

    © © All Rights Reserved

    Доступные форматы

    PDF, TXT или читайте онлайн в Scribd

    Этот документ был вам полезен?

    Это неприемлемый материал?

    Пожаловаться на этот документ
    h

    Авторское право:

    © All Rights Reserved
    Скачайте в формате PDF, TXT или читайте онлайн в Scribd
    Отметить как неприемлемый контент
    416 просмотров16 страниц

    1-Introduction Ethical Hacking

    Загружено:

    Ha Mza
    h

    Авторское право:

    © All Rights Reserved
    Скачайте в формате PDF, TXT или читайте онлайн в Scribd
    Отметить как неприемлемый контент
    из 16

    Introduction Ethical Hacking

    Understanding Ethical Hacking Terminology

    Threat
    Vulnerability
    Exploit
    Target Of Evaluation
    Zero-Day Vulnerability

    www.eduors.com www.facebook.com/eduors
    Identifying Different Types of Hacking Technologies

    Operating systems
    Applications
    Shrink-wrap code
    Misconfigurations

    www.eduors.com www.facebook.com/eduors
    Understanding the Different Phases Involved in Ethical
    Hacking and Listing the Five Stages of Ethical Hacking

    Reconnaissance
    Scanning
    Gaining Access
    Maintaining Access
    Covering Tracks

    www.eduors.com www.facebook.com/eduors
    Hacker Classes

    White hats
    Black hats
    Grey hats
    Hacktivism

    www.eduors.com www.facebook.com/eduors
    Security consists of four basic elements

    Confidentiality
    Authenticity
    Integrity
    Availability

    www.eduors.com www.facebook.com/eduors
    Security, Functionality, and Ease of Use Triangle

    www.eduors.com www.facebook.com/eduors
    Penetration Testing

    penetration test, occasionally pen test, is a method of evaluating the


    computer security of a computer system or network by simulating an
    attack from malicious outsiders (who do not have an authorized means
    of accessing the organization's systems) and malicious insiders (who
    have some level of authorized access). [1] The process involves an
    active analysis of the system for any potential vulnerabilities that could
    result from poor or improper system configuration, both known and
    unknown hardware or software flaws, or operational weaknesses in
    process or technical countermeasures. [citation needed] This analysis is
    carried out from the position of a potential attacker and can involve
    active exploitation of security vulnerabilities

    www.eduors.com www.facebook.com/eduors
    Testing Types

    Black box
    White box
    Grey box

    www.eduors.com www.facebook.com/eduors
    Types of Ethical Hacks

    Remote network
    Remote dial-up network
    Local network
    Stolen equipment
    Social engineering
    Physical entry

    www.eduors.com www.facebook.com/eduors
    Types of Vulnerabilities

    Network Service Vulnerabilities


    Web Application Vulnerabilities
    Mobile Application Vulnerabilities
    Local Service Vulnerabilities
    System Vulnerabilities
    Physical Vulnerabilities

    www.eduors.com www.facebook.com/eduors
    Vulnerability Research web sites

    http://www.securityfocus.com/
    http://nvd.nist.gov/
    http://www.securitytracker.com/
    http://www.securiteam.com/

    www.eduors.com www.facebook.com/eduors
    Exploits Type

    Remote Exploit
    Local Exploit

    www.eduors.com www.facebook.com/eduors
    Exploits Research web site

    http://www.exploit-db.com
    http://www.securitytube.net/

    www.eduors.com www.facebook.com/eduors
    Penetration Test Report

    http://www.offensive-security.com/penetration-testing-sample-
    report.pdf
    http://www.vulnerabilityassessment.co.uk/report%20template.html
    http://www.besnard.org/biometrics/2BIO706_business_report.pdf

    Вам также может понравиться