You might find yourself asking what sets this course apart from the others out there. The truth
is that no single courseware can address all the issues of information security in a detailed
manner. Moreover, the rate at which exploits, tools, and methods are being discovered by the
security community makes it difficult for one program to cover all the necessary facets of
information security. This doesn't mean that this course is inadequate in any way as we have
worked to cover all major domains in such a manner that the reader will be able to appreciate
the way security has evolved over time as well as gain insight in to the fundamental workings
relevant to each domain. It is a blend of academic and practical wisdom supplemented with
tools that the reader can readily access in order to obtain a hands-on experience.
What is ethical hacking? When it comes to cybersecurity, hacking comes in many colors: white, grey, black, and shades in between. White hat hackers use their skills for good. They practice ethical hacking: involved testing to see if an organization's network is vulnerable to outside attacks. Ethical hacking is key to strengthening network security, and it's one of the most desired skills for any IT security professional. If you're interested in becoming an ethical hacker, or getting started securing your own network, this introduction is for you. Security expert Lisa Bock explores today's threat landscape, dissecting the top attack vectors and motives for attacks. Lisa identifies a variety of ways to secure an organization, explores policies that help enforce security objectives, and more.
A penetration test begins before penetration testers have even made contact with the victims' systems. Rather than blindly throwing out exploits and praying that one of them returns a shell, a penetration tester meticulously studies the environment for potential weaknesses and their mitigating factors. By the time a penetration tester runs an exploit, he or she is nearly certain that it will be successful. Since failed exploits can in some cases cause a crash or even damage a victim's system, or at the very least make the victim un-exploitable in the future, penetration testers won't get the best results or deliver the most thorough report to their clients if they blindly turn an automated exploit machine on the victim network with no preparation.
After footprinting and reconnaissance, scanning is the second phase of information gathering that hackers use to size up a network. Scanning is where they dive deeper into the system to look for valuable data and services in a specific IP address range. Network scans are also a key tool in the arsenal of ethical hackers, who work to prevent attacks on an organization's infrastructure and data.This course investigates the scanning tools and techniques used to obtain information from a target system, including specially crafted packets, TCP flags, UDP scans, and ping sweeps. Lisa Bock discusses how hackers can identify live systems via protocols, blueprint a network, and perform a vulnerability scan to find weaknesses.
Enumeration is defined as a process which establishes an active connection to the target hosts to discover potential attack vectors in the system, and the same can be used for further exploitation of the system.Enumeration is often considered as a critical phase in Penetration testing as the outcome of enumeration can be used directly for exploiting the system.Enumeration is defined as the process of extracting user names, machine names, network resources, shares and services from a system. In this phase, the attacker creates an active connection to the system and performs directed queries to gain more information about the target. The gathered information is used to identify the vulnerabilities or weak points in system security and tries to exploit in the System gaining phase.