X

Download Hands-On Ethical Hacking and Network Security PowerPoint Presentation

SlidesFinder-Advertising-Design.jpg

Login   OR  Register
X


Iframe embed code :



Presentation url :

Home / Computers & Web / Computers & Web Presentations / Hands-On Ethical Hacking and Network Security PowerPoint Presentation

Hands-On Ethical Hacking and Network Security PowerPoint Presentation

Ppt Presentation Embed Code   Zoom Ppt Presentation

PowerPoint is the world's most popular presentation software which can let you create professional Hands-On Ethical Hacking and Network Security powerpoint presentation easily and in no time. This helps you give your presentation on Hands-On Ethical Hacking and Network Security in a conference, a school lecture, a business proposal, in a webinar and business and professional representations.

The uploader spent his/her valuable time to create this Hands-On Ethical Hacking and Network Security powerpoint presentation slides, to share his/her useful content with the world. This ppt presentation uploaded by worldwideweb in Computers & Web ppt presentation category is available for free download,and can be used according to your industries like finance, marketing, education, health and many more.

About This Presentation

Slide 1 - Hands-On Ethical Hacking and Network Defense Chapter 1 Ethical Hacking Overview
Slide 2 - Hands-On Ethical Hacking and Network Defense 2 Objectives Describe the role of an ethical hacker Describe what you can do legally as an ethical hacker Describe what you cannot do as an ethical hacker
Slide 3 - Hands-On Ethical Hacking and Network Defense 3 Introduction to Ethical Hacking Ethical hackers Employed by companies to perform penetration tests Penetration test Legal attempt to break into a company’s network to find its weakest link Tester only reports findings, does not solve problems Security test More than an attempt to break in; also includes analyzing company’s security policy and procedures Tester offers solutions to secure or protect the network
Slide 4 - Hands-On Ethical Hacking and Network Defense 4 The Role of Security and Penetration Testers Hackers Access computer system or network without authorization Breaks the law; can go to prison Crackers Break into systems to steal or destroy data U.S. Department of Justice calls both hackers Ethical hacker Performs most of the same activities but with owner’s permission
Slide 5 - Hands-On Ethical Hacking and Network Defense 5 The Role of Security and Penetration Testers Script kiddies or packet monkeys Young inexperienced hackers Copy codes and techniques from knowledgeable hackers Experienced penetration testers write programs or scripts using these languages Practical Extraction and Report Language (Perl), C, C++, Python, JavaScript, Visual Basic, SQL, and many others Script Set of instructions that runs in sequence
Slide 6 - It Takes Time to Become a Hacker This class alone won’t make you a hacker, or an expert It might make you a script kiddie It usually takes years of study and experience to earn respect in the hacker community It’s a hobby, a lifestyle, and an attitude A drive to figure out how things work Hands-On Ethical Hacking and Network Defense 6
Slide 7 - Hands-On Ethical Hacking and Network Defense 7 The Role of Security and Penetration Testers Tiger box Collection of OSs and hacking tools Usually on a laptop Helps penetration testers and security testers conduct vulnerabilities assessments and attacks
Slide 8 - Hands-On Ethical Hacking and Network Defense 8 Penetration-Testing Methodologies White box model Tester is told everything about the network topology and technology Network diagram Tester is authorized to interview IT personnel and company employees Makes tester’s job a little easier
Slide 9 - Network Diagram From ratemynetworkdiagram.com (Link Ch 1g) Hands-On Ethical Hacking and Network Defense 9
Slide 10 - Hands-On Ethical Hacking and Network Defense 10 This is a Floor Plan
Slide 11 - Hands-On Ethical Hacking and Network Defense 11 Penetration-Testing Methodologies Black box model Company staff does not know about the test Tester is not given details about the network Burden is on the tester to find these details Tests if security personnel are able to detect an attack
Slide 12 - Hands-On Ethical Hacking and Network Defense 12 Penetration-Testing Methodologies Gray box model Hybrid of the white and black box models Company gives tester partial information
Slide 13 - Hands-On Ethical Hacking and Network Defense 13 Certification Programs for Network Security Personnel Certification programs available in almost every area of network security Basics: CompTIA Security+ (CNIT 120) Network+ (CNIT 106 or 201)
Slide 14 - Take Certification Tests Here CNIT is a Prometric Vue testing center Certification tests are given in S214 CompTIA and Microsoft The next tests will be in the second week of April, right after Spring Break Email sbowne@ccsf.edu if you want to take a test Hands-On Ethical Hacking and Network Defense 14
Slide 15 - 15 Certified Ethical Hacker (CEH) But see Run Away From The CEH Certification Link Ch 1e on my Web page
Slide 16 - 16 OSSTMM Professional Security Tester (OPST) Designated by the Institute for Security and Open Methodologies (ISECOM) Uses the Open Source Security Testing Methodology Manual (OSSTMM) Test is only offered in Connecticut and outside the USA, as far as I can tell See links Ch 1f and Ch 1h on my Web page
Slide 17 - 17 Certified Information Systems Security Professional (CISSP) Issued by the International Information Systems Security Certifications Consortium (ISC2) Usually more concerned with policies and procedures than technical details Web site www.isc2.org
Slide 18 - Hands-On Ethical Hacking and Network Defense 18 SANS Institute SysAdmin, Audit, Network, Security (SANS) Offers certifications through Global Information Assurance Certification (GIAC) Top 20 list One of the most popular SANS Institute documents Details the most common network exploits Suggests ways of correcting vulnerabilities Web site www.sans.org (links Ch 1i & Ch 1j)
Slide 19 - Hands-On Ethical Hacking and Network Defense 19 What You Can Do Legally Laws involving technology change as rapidly as technology itself Find what is legal for you locally Laws change from place to place Be aware of what is allowed and what is not allowed
Slide 20 - Hands-On Ethical Hacking and Network Defense 20 Laws of the Land Tools on your computer might be illegal to possess Contact local law enforcement agencies before installing hacking tools Written words are open to interpretation Governments are getting more serious about punishment for cybercrimes
Slide 21 - Hands-On Ethical Hacking and Network Defense 21 Recent Hacking Cases
Slide 22 - Hands-On Ethical Hacking and Network Defense 22 Is Port Scanning Legal? Some states deem it legal Not always the case Federal Government does not see it as a violation Allows each state to address it separately Read your ISP’s “Acceptable Use Policy” IRC “bots” may be forbidden Program that sends automatic responses to users Gives the appearance of a person being present
Slide 23 - Hands-On Ethical Hacking and Network Defense 23 CCSF Computer Use Policy www.ccsf.edu/Policy/policy.shtml (link Ch 1k)
Slide 24 - Hands-On Ethical Hacking and Network Defense 24 Federal Laws Federal computer crime laws are getting more specific Cover cybercrimes and intellectual property issues Computer Hacking and Intellectual Property (CHIP) New government branch to address cybercrimes and intellectual property issues
Slide 25 - Hands-On Ethical Hacking and Network Defense 25
Slide 26 - Hands-On Ethical Hacking and Network Defense 26 What You Cannot Do Legally Accessing a computer without permission is illegal Other illegal actions Installing worms or viruses Denial of Service attacks Denying users access to network resources Be careful your actions do not prevent customers from doing their jobs
Slide 27 - Anti-Spam Vigilantes: Lycos Ch 1l1: Lycos starts anti-spam screensaver plan: Dec 2, 2004 Ch 1l2: Lycos Pulls Anti-Spam 'Vigilante' Campaign -- Dec 3, 2004 Ch 1l3: Lycos's Spam Attack Network Dismantled -- Spammers sent the DOS packets back to Lycos -- Dec 6, 2004 Hands-On Ethical Hacking and Network Defense 27
Slide 28 - Anti-Spam Vigilantes: Blue Frog Ch 1m: Blue Frog begins its "vigilante approach" to fight spam -- July, 2005 Ch 1n: Russian spammer fights back, claims to have stolen Blue Frog's database, sends threating email -- DOS attack in progress -- May 2, 2006 Ch 1o: Blue Frog compromised and destroyed by attacks, urgent instructions to uninstall it, the owners have lost control -- May 17, 2006 Hands-On Ethical Hacking and Network Defense 28
Slide 29 - Anti-Spam Vigilantes: The Future Ch 1p: Call for help creating distributed, open-source Blue Frog replacement -- May 17, 2006 Not in textbook, see links on my page (samsclass.info) Hands-On Ethical Hacking and Network Defense 29
Slide 30 - Hands-On Ethical Hacking and Network Defense 30 Get It in Writing Using a contract is just good business Contracts may be useful in court Books on working as an independent contractor The Computer Consultant’s Guide by Janet Ruhl Getting Started in Computer Consulting by Peter Meyer Internet can also be a useful resource Have an attorney read over your contract before sending or signing it
Slide 31 - Hands-On Ethical Hacking and Network Defense 31 Ethical Hacking in a Nutshell What it takes to be a security tester Knowledge of network and computer technology Ability to communicate with management and IT personnel Understanding of the laws Ability to use necessary tools