Understand the concept of hacking. Lisa Bock covers the different types of hackers, the deep web and the dark web, and the difference between a vulnerability scan and Penetration Testing. Evaluate the value of the human factor in Ethical hacking, and what additional steps are taken to ensure a defensive posture.
- [Instructor] When talking about hackers,…not all hackers are treated alike.…Hacking, in itself, is the ability to gain entry…without appropriate permission.…Hackers can be black hats.…Black hat hackers use their talent for criminal…or malicious activity.…Gray hat hackers tend to be more mischievous…than malicious and push the envelope…to see if they can gain access into a system.…White hat hackers are security specialists…who look for vulnerabilities and then mitigate risks.…
There is also the concept of hacktivism,…which is using legal and illegal tools…to attack computer systems, steal information,…deface websites, protest, promote political ideology,…or other causes.…Hacktivists are willing to take the fall for their activity,…yet, do not want to risk exposing themselves,…so many hang out in the Dark Web,…where they can communicate in a secure manner.…Where is the Dark Web?…Let's take a look at this diagram.…
Up on the top is the Public Web.…The Public Web is visible to anyone.…Content is easily found using search engines…
Security expert Lisa Bock starts with an overview of ethical hacking and the role of the ethical hacker. She reviews the kinds of threats networks face, and introduces the five phases of ethical hacking, from reconnaissance to covering your tracks. She also covers penetration-testing techniques and tools. The materials map directly to the "Introduction to Ethical Hacking" competency from the CEH Body of Knowledge, and provide an excellent jumping off point for the next courses in this series.
Note: Our Ethical Hacking series will map to the 18 parts of the EC-Council's certification exam. Find more courses in the series on Lisa's author page.
- Ethical hacking principles
- Managing incidents
- Creating security policies
- Protecting data
- Conducting penetration testing
- Hacking in phases