100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Previously searched by you
Previously searched by you
logo
edX BCT-Ethical Hacking is a comprehensive online course designed to equip learners with the knowledge and skills necessary to identify and mitigate security vulnerabilities in networks and systems. This course provides a solid foundation in ethical hacki CA$9.96   Add to cart
Quickly navigate to
Preview
  2.  
  3. EdX BCT-ethical-hacking Try It: Ethical Hacking
  4.  
  5. EdX BCT-ethical-hacking Try It: Ethical Hacking
  6.  
  7. EdX BCT-ethical-hacking Try It: Ethical Hacking

Class notes

edX BCT-Ethical Hacking is a comprehensive online course designed to equip learners with the knowledge and skills necessary to identify and mitigate security vulnerabilities in networks and systems. This course provides a solid foundation in ethical hacki
 10 views  0 purchase

Start your cybersecurity journey by building a strong foundation in ethical hacking theory. Learn about the principles, techniques, and tools used to identify and mitigate security vulnerabilities. These foundational notes will equip you with the knowledge needed to embark on practical hands-on tra...

[Show more]

Preview 2 out of 6  pages

Document information

  • August 22, 2024
  • 6
  • 2024/2025
  • Class notes
  • Edx
  • All classes

Subjects

Written for

All documents for this subject (1)

Seller

avatar-seller
thalia123

Content preview

Ethical Hacking
By Thalia
Ethical hacking is a type of hacking done for good reasons. It's also known as offensive security because
it tests security by using attacking tactics instead of defensive ones.

There are different types of ethical hacking:

Types of Ethical Hacking Description
Network Penetration Network penetration testing is like getting someone to hire you (an ethical hacker)
Testing to try and break into your computer system. Your job is to look for holes in their
computer's defenses and tell them how to patch them up. This way, real hackers
can't steal their important stuff. It's usually known in advance and often assisted by
the defensive side.


Web Application Web Application Penetration Testing Is a more focused type of network penetration
Penetration Testing testing, like instead of checking the foundation of a house it checks and focuses just
on one room AKA It looks for weaknesses in the software that runs an online store,
like finding bugs in the code or ways to trick the software into doing something it
shouldn't.

Cloud Penetration Imagine your house is stored in a big, secure storage facility (the cloud, Microsoft
Testing Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP)). Cloud
penetration testing is like hiring someone to try to break into that storage facility
and your house inside it. They're checking for weaknesses in the facility's security,
as well as the security of your house while it's there.

Red Teaming Red Teaming aims to simulate a real-world attack to test the overall security
posture. It’s more creative and adaptive in assessing the organization's ability to
detect, respond, and recover from an attack. This is like penetration testing but
without giving prior notice to the defensive team.

Blue Teaming Blue teaming is the defensive counterpart to red teaming. Acts as the first line of
defense, protecting the organization's network infrastructure and data from the red
team / hackers by implementing and maintaining security controls.

Purple Teaming Purple teaming is like combining the skills of a hacker (red team) and a security
guard (blue team). The goal is to improve the organization's overall security posture
by learning from simulated attacks and strengthening defenses.


Vulnerability Auditing vulnerability auditing is the process of scanning a system or network for weaknesses
that could be exploited by hackers. It's like looking for holes in your computer's
armor. By identifying these vulnerabilities, you can fix them before they're used to
attack your system.

Exploit Development exploit development is actually the process of creating a tool or technique to take
advantage of a known vulnerability.

Ex. Imagine you're a locksmith hired to test the security of houses you might find a
house with a door that can be opened with a paperclip. That's a vulnerability. Your
job as a locksmith is to figure out exactly how to open that door with a paperclip.
Once you know how, you can inform the homeowner about the problem so they
can replace the lock.

, • Client: This is YOU: your computer or device (like your phone or tablet). It sends
requests for retrieving data, submitting a form or updating info along with anything it
wants to be done to the server with clicks or using links.
• Server: This is a powerful computer that stores information and runs applications. It
responds to requests from clients.

(Traditionally, these servers were located
within a company's physical building. However,
with the rise of cloud computing, many
businesses now store their servers on remote
computers managed by cloud service
providers.)




When you do something on a website (like clicking a
link or submitting a form), your computer sends a
message to the website's computer asking for
something to happen.



The website's computer gets your message and figures
out what to do. It checks its information, does any
necessary calculations, and gets ready to send you a
reply.



Server sends a response: Once the server has processed
the request, it generates a response containing the
requested data or the outcome of the operation. The
response is typically formatted using standard protocols
such as HTTP (Hypertext Transfer Protocol).



Your computer gets the answer and shows it to you.
When your computer receives the information from the
website, it displays it on your screen. This could be a
new page, an updated page, or an error message.




And you do it all over again
with every click

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller thalia123. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for CA$9.96. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

76799 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
CA$9.96
  • (0)
  Add to cart