Ethical Hacking

Hi everyone today I am going to share about cyber security and ethical hacking. Before I attend Mr. Harsha kalutarage online session I don’t have meaning of these terms. After the session I thought I got some knowledge about Ethical hacking and Cyber security.

Now a days when we look at news there are frequently occurrences of data leaking digital attacks and cyber espionage. All of these are happen by some group of people. These activities in the comfort of their homes, from behind a computer screen with the widespread access to the Internet across the world.

Hacking is one of the biggest shortcomings with regards to computer technology. Ethical Hacking or penetration testing has come up as a profession to counter this.

Ethical hacking is explicitly implied that we are talking about hacking that is based on ethical or moral values, without any ill intent. Ethical Hacking is defined as any form of hacking that is authorized by the owner of the target system. It can also refer to the process of taking active security measures to defend systems from hackers with malicious intentions.

Following the pictures shows how hackers interact on our system.

Adversaries mean someone or a group that intends to perform malicious actions against other cyber resources. Cyber criminals, Government, and Law enforcement are example for adversaries.

Next Threats mean Anyone who uses a computer connected to the Internet is susceptible to the threats that computer hackers and online predators pose. Hacker use malware Ransomware to hack you are assets.

Security controls are very important in the world. because every data is important for organization so owner of the organization must follow the security controls. Fire wall HTTPS are well known user security controls

Hackers break out our security controls to access the assets. assets mean data or file in our system.

CIA Traid is basic security goals. The CIA Triad is a well-known, venerable model for the development of security policies used in identifying problem areas, along with necessary solutions in the arena of information security.

Confidentiality

It’s crucial in today’s world for people to protect their sensitive, private information from unauthorized access.

Protecting confidentiality is dependent on being able to define and enforce certain access levels for information. In some cases, doing this involves separating information into various collections that are organized by who needs access to the information and how sensitive that information actually is — i.e. the amount of damage suffered if the confidentiality was breached.

Some of the most common means used to manage confidentiality include access control lists, volume and file encryption, and Unix file permissions.

Integrity

Data integrity is what the “I” in CIA Triad stands for. This is an essential component of the CIA Triad and designed to protect data from deletion or modification from any unauthorized party, and it ensures that when an authorized person makes a change that should not have been made the damage can be reversed.

Availability

This is the final component of the CIA Triad and refers to the actual availability of your data. Authentication mechanisms, access channels and systems all have to work properly for the information they protect and ensure it’s available when it is needed.

High availability systems are the computing resources that have architectures that are specifically designed to improve availability. Based on the specific HA system design, this may target hardware failures, upgrades or power outages to help improve availability, or it may manage several network connections to route around various network outages.

Access control

Access control is a method of restricting access to sensitive data. Only those that have had their identity verified can access company data through an access control gateway.

What are the components of access control?

At a high level, access control is about restricting access to a resource. Any access control system, whether physical or logical, has five main components:

1. Authentication: The act of proving an assertion, such as the identity of a person or computer user. It might involve validating personal identity documents, verifying the authenticity of a website with a digital certificate, or checking login credentials against stored details.
2. Authorization: The function of specifying access rights or privileges to resources. For example, human resources staff are normally authorized to access employee records and this policy is usually formalized as access control rules in a computer system.
3. Access: Once authenticated and authorized, the person or computer can access the resource.
4. Manage: Managing an access control system includes adding and removing authentication and authorization of users or systems. Some systems will sync with G Suite or Azure Active Directory, streamlining the management process.
5. Audit: Frequently used as part of access control to enforce the principle of least privilege. Over time, users can end up with access they no longer need, e.g. when they change roles. Regular audits minimize this risk.

Intrusion Detection

An Intrusion Detection System (IDS) is a system that monitors network traffic for suspicious activity and issues alerts when such activity is discovered. It is a software application that scans a network or a system for harmful activity or policy breaching. Any malicious venture or violation is normally reported either to an administrator or collected centrally using a security information and event management (SIEM) system. A SIEM system integrates outputs from multiple sources and uses alarm filtering techniques to differentiate malicious activity from false alarms.

Thank you!