Basics of Ethical Hacking Training

Hacking is a very common word nowadays. Attacks on cyberspace happen every other day. According to studies, there is one cybercrime in India every 10 minutes. Ethical hacking is a concept where the ethical hacker (a security professional) performs penetration testing to find vulnerabilities and patch them before any black hat hacker exploits them. CEH Training of EC Council Certified Courses is the best certification to learn CEH – Ethical Hacking.

Terms of Ethical Hacking

These are specific terms used in Ethical Hacking in CEH Training:

  • Hack Value
  • Vulnerability
  • Exploit
  • Payload
  • Zero Day Attack
  • Daisy Chaining

Elements of Information Security

Confidentiality, Integrity, Availability, Authenticity, Non-Repudiation

The level of security in any system can be defined by the strength of three components:

Security (Restriction), Functionality (Features), Usability (GUI)

How does an Information Security attack happen?

Attack = Goal + Method + Vulnerability

Different Categories of Information Security Threats

  • NETWORK THREATS: Information Gathering, Sniffing and Eavesdropping, Spoofing, DoS, Password-Based Attack, ARP Poisoning, etc.
  • HOST THREATS: Footprinting, Malware Attack, Unauthorized Access, DoS Attack, Privilege Escalation.
  • APPLICATION THREATS: Input Validation, Security Misconfiguration, Buffer Overflow, Cryptography Attack.

What is Hacking?

It is the process of finding system vulnerabilities and then exploiting them to gain unauthorized access to the system's resources.

Hacker Classes

  • White Hat
  • Black Hat
  • Grey Hat
  • Suicide Hackers
  • Script Kiddies
  • Cyber terrorists
  • State-sponsored Hackers
  • Hacktivist 

Hacking Phases:

1. RECONNAISSANCE: This is the preparatory phase, also known as information gathering, in which the attacker collects information about the target network before launching an attack.

Types

Active and Passive

2. SCANNING: The attacker scans the target's networks on the basis of the information gathered in the Reconnaissance phase, using port scanners and ping tools, and tries to get details about live systems, etc.

3. GAINING ACCESS: The attacker can gain access at the operating system, network, or application level using open ports, session hijacking, password cracking, etc.

4. MAINTAINING ACCESS: In this phase, the attacker tries to retain his ownership of the system by using back doors, rootkits, and Trojans.

5. CLEARING TRACKS: In this phase, the attacker covers his tracks to hide his identity.

Types of Security Policy

  • Promiscuous Policy
  • Permissive Policy
  • Prudent Policy
  • Paranoid Policy

Penetration Testing

Penetration testing is the method of evaluating the security of an information system or any network by simulating an attack to find out vulnerabilities that an attacker could exploit.

Types

White Box, Black Box, Grey Box

Phases of Penetration Testing

  • PRE-ATTACK PHASE: Planning and Preparation, Methodology Designing, Network Information Gathering
  • ATTACK PHASE: Penetrating the Perimeter, Acquiring the Target, Escalating Privilege, Execution, Implantation, Retracting
  • POST-ATTACK PHASE: Reporting, Clean-Up, Artefact Destruction

Security Testing Methodology

  • OWASP
  • OSSTMM
  • ISSAF
  • EC Council LPT Methodology

Information Security Standards

  • PCI DSS
  • HIPAA
  • ISO 27001:2013
  • SOX

About

Codec Networks provides IT Trainings from EC Council CEH ECSA, LPT, CHFI, Network Security, Penetration Testing, ISACA, ISC2, PECB ISO 27001LA LI, Cisco Networking CCNA CCNP, Linux Administration RHCE, Prog Languages JAVA, Advanced Java, android development. We also offer B2B Industry Solutions and Services in IT | Information|Cyber Security in Delhi NCR India.
