bab 1: Introduction to hacking,ethic & legality

1. Types of hacker class

1.1. -Black Hat  also known as a cracker  type of hacker that has malicious intent whenever he goes about breaking into computer security systems with the use of technology such as a network, phone system, or computer and without authorization -Gray hat  someone who exhibits traits from both white hats and black hats  this is the kind of hacker that isn't a penetration tester but will go ahead and surf the Internet for vulnerable systems he could exploit -White Ha  is someone who has non-malicious intent whenever he breaks into security systems and whatnot  a large number of white hat hackers are security experts themselves who want to push the boundaries of their own IT security ciphers and shields or even penetration testers specifically hired to test out how vulnerable or impenetrable (at the time) a present protective setup

2. Testing Type

2.1. -White box  Full knowledge test : the team has as much knowledge – network and computing resources to be evaluate -Gray box  Partial knowledge test: has knowledge that might be relevant to a specific type of attack by a person internal to the organization - Black box  Zero knowledge test : no information

3. Ethical hacker skill

3.1.  Infosec  Routers  Communication & report writing  Knowledge of threat sources  Project manager  Problem mngmt  Network protocols  Firewall

4. what is ethical hacking

4.1. Ethical hacking and ethical hacker are terms used to describe hacking performed by a company or individual to help identify potential threats on a computer or network

4.2. Ethical hacker: security professional who uses his or her computing capabilities for defensive purposes and to increase the security posture of information systems.

5. Hacking Terminologies

5.1. - Threat -Exploit - Vulnerability - Target of Evaluation (toe) - Attack - Remote

6. Why ethical hacking is necessary

6.1.  It allows the countering of attacks from malicious hackers by anticipating methods they can use to break into a system  To prevent hackers from gaining access to information breaches  To fight against terrorism and national security breaches  To build a system that avoids hackers from penetrating  To test if organization’s security setting are in fact secure