ETHICAL HACKING Module 01: Introduction to Ethical HackingEthical Hacking and Countermeasures ‘eam 31250 Cerfied thea ker Introdction to tical Hacking Module Objectives o Understanding the Elements of information Securty . Understanding information Security Attacks and information Warfare (Overview of Cyber Kil Chain Methodology, TTP, and lots (Overview of Hacking Concepts, Types, and Phases Understanding Ethical Hacking Concepts and its Scope (Overview of information Security Controls ‘Overview of information Security Acts and tau Module Objectives Attackers break into systems for various reasons and purposes. Therefore, it is important to understand how malicious hackers attack and exploit systems and the probable reasons behind those attacks. As Sun Tzu states in the Art of War, “If you know yourself but not the enemy, for every victory gained, you will also suffer a defeat.” System administrators and security professionals must guard their infrastructure against exploits by knowing the enemy—the malicious hacker(s)—who seeks to use the same infrastructure for illegal activities. This module starts with an overview of the current security scenario and emerging threat vectors. It provides insight into the different elements of inform: . Later, the module discusses hacking and ethical hacking concepts and ends with a brief discussion on information security controls and information security laws and acts. At the end of this module, you will be able to: "Describe the elements of information security + Explain information security attacks and information warfare "Describe cyber kill chain methodology, TTPs, and loCs "Describe hacking concepts, types, and phases = Explain ethical hacking concepts and scope Understand information security controls (defense-in-depth, risk management, cyber threat intelligence, threat modeling, incident management process, and Al/ML) * Know about the information security acts and laws Module 04 Page? Ethical Making and Countermeasures Copyright © by E-Cauncil ‘Al Rights Reserved. Reproduction Sel ProhiatedEthical Hacking and Countermeasures ‘eam 31250 Cerfied thea ker Introdction to tical Hacking Module Flow ¢ © ermatonsooiy Cyber Hm Chain © tacxing Concepts @ mame © Bermationsecuety razed x BS Information Security Overview Information security refers to the protection or safeguarding of information and information systems that use, store, and transmit information from unauthorized access, disclosure, alteration, and destruction. Information is a critical asset that organizations must secure. If sensitive information falls into the wrong hands, then the respective organization may suffer huge losses in terms of finances, brand reputation, customers, or in other ways. To provide an understanding of how to secure such critical information resources, this module starts with an overview of information security. This section introduces the elements of information security, classification of attacks, and information warfare. Module 04 Page 3 Ethical Making and Countermeasures Copyright © by E-Cauncil ‘Al Rights Reserved. Reproduction Sel ProhiatedEthic! Hacking and Countermeasures ‘eam 31250 Cerfied thea ker Introdction to tical Hacking Elements of Information Security € Information secu estate of wel-being of information and infrastructure in which the possibilty of thet, tampering, nd disuption of information and services sow or tolerable Contidentiatity || sian tet heinlrmation secession to tote muthorned to hw ccnes Integrity. ‘The trustworthiness of dat resources inerms of preventing improper or unauthores changes ezurance that tne asteme responsible for devering, string, and rocesng infomation are ‘Availability accessible when required by the authorized users Refers tothe characterise ofa communication, document, or any dsta that ensures the quality of Authonticity ines a Ser ‘guarantee thatthe sender ofa message cannot later deny having sent the messageand thatthe ‘eepiem cannot deny hang rece the message Elements of Information Security Information security is “the state of the well-being of information and infrastructure in which the possibility of theft, tampering, or disruption of information and services is kept low or tolerable.” It relies on five major elements: confidentiality, integrity, availability, authenticity, and non-repudiation, Confidentiality Confidentiality is the assurance that the information is accessible only to authorized. Confidentiality breaches may occur due to improper data handling or a hacking attempt. Confidentiality controls include data classification, data encryption, and proper disposal of equipment (such as DVDs, USB drives, and Blu-ray discs). Integrity Integrity is the trustworthiness of data or resources in the prevention of improper and unauthorized changes—the assurance that information is sufficiently accurate for its Purpose. Measures to maintain data integrity may include a checksum (a number produced by a mathematical function to verify that a given block of data is not changed) ‘and access control (which ensures that only authorized people can update, add, or delete data). Availability Availability is the assurance that the systems responsible for delivering, storing, and processing information are accessible when required by authorized users. Measures to maintain data availability can include disk arrays for redundant systems and clustered machines, antivirus software to combat malware, and distributed denial-of-service (0005) prevention systems. Module 04 Pages Ethical Making and Countermeasures Copyright © by E-Cauncil ‘Al Rights Reserved. Reproduction Sel Prohiatedethic Hacking and Countermeasures ‘eam 31250 Cerfied thea ker Introdction to tical Hacking = Authenticity Authenticity refers to the characteristic of communication, documents, or any data that ensures the quality of being genuine or uncorrupted. The major role of authentication is to confirm that a user is genuine. Controls such as biometrics, smart cards, and digital certificates ensure the authenticity of data, transactions, communications, and documents. * Non-Repudiation Non-repudiation is a way to guarantee that the sender of a message cannot later deny having sent the message and that the recipient cannot deny having received the message. Individuals and organizations use digital signatures to ensure non-repudiation. Module 04 Pages Ethical Making and Countermeasures Copyight © by E-Caunedl ‘Al Rights Reserved. Reproduction Sel ProhiatedEthical Hacking and Countermeasures ‘eam 31250 Cerfied thea ker Introdction to tical Hacking Motives, Goals, and Objectives of Information Security Attacks Attacks = Motive (Goal) + Method + Vulnerability |& Amotive originates out of the nation thatthe target system stores or processes something valuable, and this leads tothe tveat ofan attack ante system (a. Attackers try various tools and attack techniques to exploit vulnerabilities ina computer system orits security policy and coatrols in order to ful the menives, Motives behind Information security attacks © Disrupting business contiolty © ‘Stealing information and manipulating data Propagating religious or political belles Achieving state's itary objectives Damaging the reputation of the target Taking revenge Demanding ensom cresting fear and chaos by disrupting eal Infrastructures © Causing Francia! oss othe target Motives, Goals, and Objectives of Information Security Attacks Attackers generally have motives (goals), and objectives behind their information security attacks. A motive originates out of the notion that a target system stores or processes something valuable, which leads to the threat of an attack on the system. The purpose of the attack may be to disrupt the target organization’s business operations, to steal valuable information for the sake of curiosity, or even to exact revenge. Therefore, these motives or goals depend on the attacker's state of mind, their reason for carrying out such an activity, as well as their resources and capabilities. Once the attacker determines their goal, they can employ various tools, attack techniques, and methods to exploit vulnerabilities in a computer system or security policy and controls. Attacks = Motive (Goal) + Method + Vulnerability Motives behind information security attacks * Disrupt business continuity * Propagate religious or political beliefs = Perform information theft * Achieve a state’s military objectives "Manipulating data "Damage the reputation of the target Create fear and chaos by disrupting "Take revenge critical infrastructures @ Demandeancon = Bring financial loss to the target Module 04 Pages Ethical Making and Countermeasures Copyright © by E-Cauncil ‘Al Rights Reserved. Reproduction Sel Prohiated