provided by the International Council of E-Commerce Consultants
(EC-Council.) An Ethical Hacker is one name given to a Penetration
Tester. An ethical hacker is usually employed by an organization who
trusts him or her to attempt to penetrate networks and/or computer
systems, using the same methods as a hacker, for the purpose of finding
and fixing computer security vulnerabilities. Illegal hacking (i.e.;
gaining unauthorized access to computer systems) is a crime in most
countries, but penetration testing done by request of the owner of the
targeted system(s) or network(s) is not.
A Certified Ethical Hacker has obtained a certification in how to look
for the weaknesses and vulnerabilities in target systems and uses the
same knowledge and tools as a hacker. The certification is in Version 6
as of August 2008. The EC-Council offers another certification, known
as Certified Network Defense Architect (C|NDA). This certification is
designed for United States Government Agencies, and is available only
to members of selected agencies. Other than the name, the content of
the course is exactly the same. The exam code for CNDA is 312-99.
Certification coursework
The coursework consists of 67 modules, which range from 30 minutes to
five hours or more, depending on the depth of the information provided.
Some training centers and universities in Asia and Europe include EC
Council's CEH program in one of their course modules. A white hat is
the hero or good guy, especially in computing slang, where it refers to
an ethical hacker or penetration tester who focuses on securing and
protecting IT systems. White hat hackers are computer security experts,
who specialize in penetration testing, and other testing methodologies,
to ensure that a company's information systems are secure. White hat
hackers are also called "sneakers", red teams, or tiger teams. These
security experts may utilize a variety of methods to carry out their
tests, including social engineering tactics, use of hacking tools, such
as Metasploit, which exploits known vulnerabilities, and attempts to
evade security to gain entry into secured areas.
Read PDFs
http://www.twincling.org/twincling/slides/ethicalhacking.pdf
http://media.wiley.com/product_data/excerpt/4X/07645578/076455784X.pdf
http://www.certconf.org/presentations/2003/Wed/WM4.pdf
http://pdf.textfiles.com/security/palmer.pdf
http://www.centroatlantico.pt/titulos/tecnologias/imagens/e-book-ca-corporate-security-excerpt.pdf
http://www.koenig-solutions.com/training/EthicalHacker.pdf
http://www.mavensecurity.com/documents/Maven-CISO-Guide-to-Ethical-Hacking.pdf
http://infosecwriters.com/text_resources/pdf/Ethical_Hacking_RHartley.pdf
--
No comments:
Post a Comment
enter your comments here. your comments are valuable.