
Lecture 2 Ethical Hacking Framework


3CS204ME24

Ethical Hacking and Vulnerability Assessment
• Ethical hacking, also known as penetration testing or white-hat hacking,
refers to the practice of intentionally probing computer systems, networks,
and applications to find security vulnerabilities that could be exploited by
malicious hackers.
• The goal of ethical hacking is to identify and fix these vulnerabilities before
they can be used for unauthorized purposes.
• Vulnerability Assessment is the process of identifying, quantifying, and
prioritizing (or ranking) the vulnerabilities in a system.
• The goal is to determine the weaknesses that could be exploited by threats
and to assess the potential impact on the system.
• Key components: {Asset, Threat, Vulnerability} Identification, Risk
Assessment, Prioritization of Vulnerabilities, Reporting.
Quiz
• Which principle of the CIA triad ensures that data is not altered or
tampered with during storage or transmission?
• A. Confidentiality
B. Integrity
C. Availability
D. Authenticity
• Answer: B. Integrity
• Which aspect of the CIA triad is concerned with ensuring that
authorized users have reliable access to information and resources?
• A. Confidentiality
B. Integrity
C. Availability
D. Authentication

• Answer: C. Availability
• Which of the following measures is primarily used to maintain
confidentiality?
• A. Redundant systems
B. Encryption
C. Checksums
D. Load balancing
• Answer: B. Encryption
• What is a common method to ensure the integrity of a file?
• A. Using a VPN
B. Employing firewalls
C. Implementing hash functions
D. Setting up multi-factor authentication

• Answer: C. Implementing hash functions


• Which of the following is the primary goal of information security?
• A. To prevent all unauthorized access to systems
B. To protect the confidentiality, integrity, and availability of
information
C. To ensure compliance with regulations
D. To monitor user activities
• Answer: B. To protect the confidentiality, integrity, and availability of
information
• What is a common type of attack that aims to disrupt the
availability of a system?
• A. Phishing
B. Man-in-the-middle attack
C. Denial-of-Service (DoS) attack
D. SQL injection
• Answer: C. Denial-of-Service (DoS) attack
• Which of the following is an example of a social engineering attack?
• A. Using a brute force attack to guess passwords
B. Exploiting a buffer overflow vulnerability
C. Sending phishing emails to trick users into revealing sensitive
information
D. Deploying malware to a network
• Answer: C. Sending phishing emails to trick users into revealing
sensitive information
• What is the primary purpose of a firewall in a network?
• A. To detect and remove malware
B. To encrypt network traffic
C. To prevent unauthorized access to or from a private network
D. To provide backup for data
• Answer: C. To prevent unauthorized access to or from a private
network
• Which of the following tasks is a primary responsibility of a
Cybersecurity Analyst?
• A. Designing and implementing security protocols
B. Monitoring network traffic for suspicious activity
C. Developing new encryption algorithms
D. Creating hardware security modules
• Answer: B. Monitoring network traffic for suspicious activity
• What is a key responsibility of a Cybersecurity Engineer?
• A. Conducting penetration testing and vulnerability assessments
B. Managing and configuring firewall settings
C. Monitoring compliance with security policies
D. Designing secure software architectures
• Answer: A. Conducting penetration testing and vulnerability
assessments
• Which role is most likely to be involved in the strategic planning of
network security infrastructure?
• A. Cybersecurity Analyst
B. Cybersecurity Engineer
C. Network Security Architect
D. Security Operations Center (SOC) Manager
• Answer: C. Network Security Architect
• A Cybersecurity Engineer is typically tasked with which of the
following activities?
• A. Writing detailed security policies and procedures
B. Implementing and maintaining security solutions such as firewalls
and IDS/IPS
C. Performing daily security log reviews and audits
D. Educating employees about cybersecurity best practices
• Answer: B. Implementing and maintaining security solutions such as
firewalls and IDS/IPS
• Which job role would most likely be responsible for designing the
overall security architecture of an organization’s network?
• A. Cybersecurity Analyst
B. Cybersecurity Engineer
C. Network Security Architect
D. IT Manager
• Answer: C. Network Security Architect
Ethical Hacking Framework
Dr Vipul Chudasama
Ethical Hacking Framework
• What is Ethical Hacking Framework?
• An Ethical Hacking Framework is a structured approach that ethical
hackers follow to systematically identify and exploit vulnerabilities in an
organization's systems, networks, or applications to improve their
security posture.

• This framework ensures that the process is conducted in a controlled
and authorized manner, aligning with legal and ethical standards.
Ethical Hacking Framework
• Key Components of an Ethical Hacking Framework
1. Planning and Reconnaissance
2. Scanning and Enumeration
3. Gaining Access
4. Maintaining Access
5. Covering Tracks
6. Reporting and Remediation
Planning and Reconnaissance
• What is it?
• To gather information about the target to understand its structure, behavior,
and potential vulnerabilities.

• What are the techniques to do Reconnaissance?


• Passive Reconnaissance: Collecting data without directly interacting with the
target (e.g., using WHOIS databases, public records, social media).
• Active Reconnaissance: Collecting data by directly interacting with the
target (e.g., network pinging, querying DNS).
Scanning and Enumeration
• What is it?
• The purpose of Enumeration is to identify live systems, open ports, services,
and potential vulnerabilities.
• It serves to identify entry points into the system.
• What are the techniques to do Enumeration?
• Network Scanning: Detecting active devices on a network.
• Port Scanning: Identifying open ports and services running on the target
system.
• Vulnerability Scanning: Using automated tools to detect known vulnerabilities
in the system.
Gaining Access
• What is it?
• The purpose of this process is to exploit identified vulnerabilities and gain
unauthorized access to the target system.
• Ethical hackers test the effectiveness of existing security measures and
understand the potential impact of a breach.
• What are the techniques to do this process?
• Exploit Development: Creating or using existing exploits to take advantage of
vulnerabilities.
• Social Engineering: Manipulating individuals into exposing confidential
information or performing actions that compromise security.
Maintaining Access
• What is it?
• The phase where the hacker ensures they can continue to access the target
system over a prolonged period.
• The purpose is to assess the risk of prolonged unauthorized access and test
detection capabilities.
• What are the techniques?
• Rootkits: Software tools that enable continued access while hiding the
hacker’s presence.
• Backdoors: Hidden methods of bypassing authentication to regain access to a
system.
Covering Tracks
• What is it?
• The final phase where the hacker attempts to erase any evidence of their
presence and activities.
• The purpose of this phase is also to test the system's logging and monitoring
capabilities and to understand the ease of covering tracks.
• What are the techniques?
• Log Manipulation: Altering or deleting log entries to remove evidence of
activities.
• Data Alteration: Modifying timestamps, metadata, or other information to
obfuscate actions.
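From the defender's side, the logging and monitoring capability this phase tests can be made tamper-evident with the hash functions named in the quiz. The sketch below is an added example, not part of the original lecture: it chains each log record to the previous one with HMAC-SHA256 so that altered or deleted entries are detected. The sample log lines, the key and the function names are constructed for illustration.

```python
import hashlib
import hmac

GENESIS = "0" * 64  # chain anchor for the first record


def _digest(key: bytes, prev: str, entry: str) -> str:
    # HMAC-SHA256 over the previous link and the entry text, so a record
    # cannot be altered, dropped or reordered without breaking the chain.
    return hmac.new(key, f"{prev}\n{entry}".encode(), hashlib.sha256).hexdigest()


def seal(entries, key):
    """Return [(entry, link)] where each link covers the entry and the prior link."""
    sealed, prev = [], GENESIS
    for entry in entries:
        prev = _digest(key, prev, entry)
        sealed.append((entry, prev))
    return sealed


def verify(sealed, key, expected_head=None):
    """Return (ok, index of the first bad record or None).

    expected_head is the last link as stored off-host; it catches removal
    of the newest records, which the chain alone cannot see.
    """
    prev = GENESIS
    for i, (entry, link) in enumerate(sealed):
        prev = _digest(key, prev, entry)
        if not hmac.compare_digest(prev, link):
            return False, i
    if expected_head is not None and not hmac.compare_digest(prev, expected_head):
        return False, len(sealed)
    return True, None


# Constructed sample log lines (not from the lecture).
SAMPLE_LOG = [
    "2024-01-10T09:00:01Z sshd accepted publickey for alice from 10.0.0.5",
    "2024-01-10T09:02:17Z sudo alice : COMMAND=/usr/bin/systemctl restart nginx",
    "2024-01-10T09:05:44Z sshd failed password for root from 203.0.113.7",
    "2024-01-10T09:06:02Z sshd accepted password for root from 203.0.113.7",
]
KEY = b"demo-key-kept-off-the-logged-host"  # placeholder key for the example

if __name__ == "__main__":
    chain = seal(SAMPLE_LOG, KEY)
    head = chain[-1][1]
    print(verify(chain, KEY, head))                  # intact log
    print(verify(chain[:2] + chain[3:], KEY, head))  # one record deleted
```

The check only holds if the key and the latest link are kept somewhere the logged host cannot write to, such as a remote log collector.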
Popular Ethical Hacking Tools
• Nmap: Network scanning tool used to discover hosts and services.
• Metasploit: Exploitation framework for developing and executing
exploit code.
• Wireshark: Network protocol analyser for network troubleshooting
and analysis.
• Burp Suite: Integrated platform for performing security testing of web
applications.
Ethical Considerations
• Authorization - Ethical hackers must have explicit permission from the
system owner before conducting any testing.
• Legal Compliance - Ensure adherence to relevant laws and regulations
(e.g., IT Act, Computer Fraud and Abuse Act, GDPR).
• Professional Conduct - Maintain integrity, honesty, and
professionalism throughout the process.
