CEH V11

module 1:

Information security is well being of information and infrastructure where the possibility of theft, etc is less.

Major five:

Confidentiality, integrity, availability, non-repudiation, authentication

1. Confidentiality: information is accessible to correct person. Breach (breaking/failing) can occur due to improper handling of data and hacking. Includes data classification, data encryption and proper disposal of equipment.

2. Integrity: information is safe from unauthorized changes or prevention from improper changes. Has an assurance that information is sufficiently accurate. To check the integrity, checksum is used(mathematical way to check the given block is not changed) and the access(right person can add or delete the content)

3. Availability: The page is accessible to the authorized people when in need. Measures to maintain: disk arrays for redundant systems and clustered machines, antivirus software to combat malware, and distributed denial-of-service (DDoS) prevention systems.

4. Authenticity: check user is genuine or not. Measures are: biometrics, smart cards, and digital certificates ensure the authenticity of data, transactions, communications, and documents

Attacks = Motive (Goal) + Method + Vulnerability

The first chapter of the CEH v11 course serves as a foundational overview of ethical hacking and sets the stage for the more technical and detailed chapters that follow. Here's a detailed explanation of this chapter:

Overview

Ethical hacking is the practice of intentionally probing systems, networks, or applications to discover vulnerabilities that could be exploited by malicious hackers. Ethical hackers use the same skills and techniques as malicious hackers, but with the aim of improving security and protecting systems from attacks.

Key Topics Covered:

1. Information Security Overview

• Information Security Goals:

• Confidentiality: Ensures that information is not disclosed to unauthorized individuals, entities, or processes. Techniques such as encryption, access controls, and authentication mechanisms are used to maintain confidentiality.

• Integrity: Ensures that information remains unaltered during storage, transmission, and processing. Integrity is maintained using hashing, checksums, and digital signatures to detect any changes to the data.

• Availability: Ensures that information and resources are available to authorized users when needed. Measures like redundant systems, backups, and disaster recovery plans help maintain availability.

• Information Security Threats and Attack Vectors:

• Threats: Various types of threats include malware (viruses, worms, ransomware), phishing, social engineering, insider threats, and advanced persistent threats (APTs).

• Attack Vectors: Common methods through which threats exploit vulnerabilities include email attachments, drive-by downloads, unsecured Wi-Fi networks, and unpatched software.

2. Elements of Information Security

• Confidentiality:

• Techniques like encryption (AES, RSA), secure socket layer (SSL)/transport layer security (TLS), and access control lists (ACLs) help maintain confidentiality.

• Integrity:

• Methods to ensure integrity include using hash functions (MD5, SHA-256), digital signatures, and public key infrastructure (PKI).

• Availability:

• Strategies to ensure availability involve implementing redundant systems, using load balancers, conducting regular backups, and establishing comprehensive disaster recovery plans.

3. Ethical Hacking Concepts

• Definition and Scope:

• Ethical hacking is the authorized practice of bypassing system security to identify potential data breaches and threats in a network. The goal is to identify weaknesses before malicious hackers can exploit them.

• Roles and Responsibilities:

• Ethical hackers are responsible for performing security audits, vulnerability assessments, penetration testing, and providing recommendations for securing systems.

• Types of Ethical Hackers:

• White Hat: Ethical hackers who work with organizations to improve their security posture.

• Black Hat: Malicious hackers who exploit vulnerabilities for personal gain.

• Gray Hat: Individuals who may cross ethical lines but without malicious intent, often disclosing vulnerabilities they find.

4. Phases of Ethical Hacking

• Reconnaissance:

• Passive Reconnaissance: Gathering information without interacting with the target directly (e.g., public records, social media).

• Active Reconnaissance: Direct interaction with the target to gather information (e.g., network scanning, ping sweeps).

• Scanning:

• Identifying live systems, open ports, and services running on the target network. Tools like Nmap, Nessus, and OpenVAS are commonly used.

• Gaining Access:

• Exploiting vulnerabilities to enter the system. This could involve using exploits for software vulnerabilities, password cracking, or social engineering attacks.

• Maintaining Access:

• Ensuring persistent access to the target system, often using backdoors, rootkits, or trojans.

• Covering Tracks:

• Erasing evidence of the attack to avoid detection. Techniques include deleting logs, using anti-forensic tools, and obscuring the origin of the attack.

5. Information Security Controls

• Preventive Controls:

• Measures such as firewalls, intrusion prevention systems (IPS), and secure coding practices that are designed to prevent security incidents.

• Detective Controls:

• Tools and practices like intrusion detection systems (IDS), security information and event management (SIEM) systems, and regular audits to detect and alert on security incidents.

• Corrective Controls:

• Actions taken to repair damage caused by a security breach, such as data restoration from backups, applying patches, and implementing incident response plans.

6. Legal and Ethical Issues

• Laws and Regulations:

• Understanding relevant laws and regulations such as the Computer Fraud and Abuse Act (CFAA), General Data Protection Regulation (GDPR), Health Insurance Portability and Accountability Act (HIPAA), and Payment Card Industry Data Security Standard (PCI DSS).

• Professional Ethics:

• Adhering to ethical guidelines and standards, including obtaining proper authorization before conducting tests, respecting privacy, and ensuring responsible disclosure of vulnerabilities.

7. Hacking as a Career

• Skills Required:

• Key skills include proficiency in networking, programming (Python, C, Java), familiarity with operating systems (Linux, Windows), and experience with security tools (Metasploit, Wireshark).

• Certifications:

• Important certifications for ethical hackers include CEH (Certified Ethical Hacker), CISSP (Certified Information Systems Security Professional), OSCP (Offensive Security Certified Professional), and CompTIA Security+.

• Job Roles:

• Various career paths in ethical hacking include roles like penetration tester, security analyst, security consultant, vulnerability assessor, and security auditor.