Road to CEH Masters Week 4: Introduction to Ethical Hacking

Introduction to Ethical Hacking (CEH): A Comprehensive Overview

Information Security Fundamentals

Information security involves safeguarding information and information systems against unauthorized access, disclosure, alteration, and destruction. It’s crucial for organizations to protect sensitive information to avoid financial losses, reputation damage, and other potential harms.

Key Elements of Information Security

  • Confidentiality: Ensures only authorized individuals can access information. Implementing data classification, encryption, and proper disposal methods helps maintain confidentiality.
  • Integrity: Maintains the accuracy and trustworthiness of data, preventing unauthorized alterations. Techniques like checksums and access controls are essential.
  • Availability: Ensures resources are accessible when needed. This includes using redundant systems, antivirus software, and DDoS prevention measures.
  • Authenticity: Confirms that data and communications are genuine. Controls include biometrics and digital certificates.
  • Non-Repudiation: Guarantees that the sender and recipient cannot deny sending or receiving a message, often achieved using digital signatures.

Motives Behind Attacks

Attackers have various motives, including disrupting business continuity, stealing information, manipulating data, creating chaos, causing financial loss, propagating beliefs, achieving military objectives, damaging reputations, seeking revenge, and demanding ransom.

Types of Attacks

  • Passive Attacks: Involve monitoring network traffic without tampering with data (e.g., footprinting, sniffing, network traffic analysis).
  • Active Attacks: Include tampering with data and disrupting communications (e.g., DoS attacks, malware, spoofing, SQL injection).
  • Close-in Attacks: Conducted by attackers in physical proximity to the target (e.g., social engineering, dumpster diving).
  • Insider Attacks: Executed by trusted individuals within the organization (e.g., data theft, wiretapping).
  • Distribution Attacks: Involve tampering with hardware or software before installation (e.g., creating backdoors).

Information Warfare

Information warfare encompasses protecting oneself while attacking adversaries. Key categories include command and control warfare, intelligence-based warfare, electronic warfare, psychological warfare, and hacker warfare.

CEH Hacking Methodology

The CEH hacking methodology (CHM) involves:

  1. Footprinting: Gathering information about the target.
  2. Scanning: Identifying open ports and services.
  3. Enumeration: Extracting detailed information.
  4. Vulnerability Analysis: Identifying security weaknesses.

Cyber Kill Chain Methodology

Developed by Lockheed Martin, this seven-step process includes reconnaissance, weaponization, delivery, exploitation, installation, command and control, and actions on objectives.

Tactics, Techniques, and Procedures (TTPs)

TTPs describe the patterns of activities and methods used by attackers. Understanding these helps in predicting and detecting threats early, identifying vulnerabilities, and implementing defensive measures.

Adversary Behavioral Identification

Identifying common methods used by attackers helps security professionals anticipate and mitigate threats. Techniques include monitoring unusual commands, detecting misuse of tools like PowerShell, and identifying suspicious network traffic.
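
An added example (not part of the original notes) of the PowerShell-misuse detection mentioned above: it scans process command lines for encoded, hidden-window and policy-bypass invocations and decodes the encoded script for the analyst. The finding names, the rule set and the sample events are assumptions made for illustration.

```python
import base64
import re

def decode_encoded_command(blob):
    """-EncodedCommand takes Base64 of UTF-16LE text; return it, or None."""
    try:
        return base64.b64decode(blob, validate=True).decode("utf-16-le")
    except ValueError:  # covers binascii.Error and UnicodeDecodeError
        return None

def analyze(cmdline):
    """Return (findings, decoded_script) for one process command line."""
    findings, decoded = [], None
    if not re.search(r"(?i)\b(powershell|pwsh)(\.exe)?\b", cmdline):
        return findings, decoded
    tokens = cmdline.split()  # naive split: quoted arguments are not handled
    for i, tok in enumerate(tokens):
        name = tok[1:].lower()
        if tok[0] not in "-/" or not name:
            continue
        value = tokens[i + 1].lower() if i + 1 < len(tokens) else ""
        # PowerShell accepts parameter abbreviations such as -enc, -e, -w, -ep.
        if "encodedcommand".startswith(name) or name == "ec":
            findings.append("encoded_command")
            decoded = decode_encoded_command(tokens[i + 1]) if value else None
        elif "windowstyle".startswith(name) and value.startswith("h"):
            findings.append("hidden_window")
        elif (name == "ep" or "executionpolicy".startswith(name)) \
                and value in ("bypass", "unrestricted"):
            findings.append("execution_policy_bypass")
    return findings, decoded

def triage(events):
    """Keep only events with findings, as (event, findings, decoded)."""
    hits = []
    for event in events:
        findings, decoded = analyze(event)
        if findings:
            hits.append((event, findings, decoded))
    return hits

# Constructed process-creation command lines; the encoded payload is benign.
_BLOB = base64.b64encode("Get-Date".encode("utf-16-le")).decode()
SAMPLE_EVENTS = [
    r"C:\Windows\System32\notepad.exe C:\Users\demo\notes.txt",
    r"powershell.exe -File C:\Scripts\backup.ps1",
    "powershell.exe -NoProfile -w hidden -ep bypass -enc " + _BLOB,
]

if __name__ == "__main__":
    for event, findings, decoded in triage(SAMPLE_EVENTS):
        print(findings, "decoded:", decoded)
```

Scheduled administrative scripts can legitimately use some of these switches, so in practice the findings are weighed together with the parent process and the user account rather than alerted on individually.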

Indicators of Compromise (IoCs)

IoCs are clues that indicate potential intrusions. Categories include email indicators (e.g., malicious attachments), network indicators (e.g., suspicious URLs), host-based indicators (e.g., file hashes), and behavioral indicators (e.g., unexpected activities).

MITRE ATT&CK Framework

This knowledge base categorizes adversary tactics and techniques, aiding in the development of threat models and methodologies. It includes collections for Enterprise, Mobile, and PRE-ATT&CK scenarios.

Diamond Model of Intrusion Analysis

This framework helps identify and correlate events in an intrusion, focusing on adversary, victim, capability, and infrastructure to predict and mitigate attacks.

Understanding Hacking and Hackers

Hacking involves exploiting system vulnerabilities for unauthorized access. Hackers are skilled individuals who break into systems to steal data or perform malicious activities. Ethical hacking uses similar methods but aims to improve security rather than compromise it.

 

With my study notes I have created a set of 20 flashcards that can be accessed here: Module 1: Introduction to Ethical Hacking Flash Cards

I have also created this visual Mind map: Module 1 – Mindmap

If you have any questions or any feedback, feel free to comment or leave a message on the homepage, as that will be sent directly to me!

 

Thanks for reading!

 

About the Author

Thomas Charlesworth

Ethical Hacker & AI Engineer

I blend offensive security with custom LLM tooling to empower teams with private, lightning-fast insights. Certified in A+, Network+, Security+, PenTest+—next up, CEH.
