Wear the Black, White, and Gray Hat with Ethical Hacking Training

May 14th 2015 at 2:56 AM

Ethical hacking training is one of the wisest moves for someone who has the interest and aptitude in web security and allied areas. As per Forbes, ethical hacking is among the highly paying jobs of the future. Companies hire these professionals to purposefully hack into their network systems and find vulnerabilities, which are subsequently plugged. These professionals command a median salary of $92000. With experience, they lead a comfortable life. The career is professionally challenging and filled with new paradigms.

Certified ethical hacking – not an everyday job

Aspirants can prepare for the CEH (Certified Ethical Hacker) certification. They can progress to take up advanced certifications from the International Council of E-Commerce Consultants (EC-Council). CEH holders are employed by private and public sector organizations. They can also work as consultants. The defence always looks for talented and highly-versatile ethical hacking professionals. Security professionals perform a range of activities on a daily basis. It could be as complex as analysing binaries to understand the extent of damage that a virus caused to doing a simple penetration testing to understand if the network has not been compromised. Professionals can continue to update their knowledge by taking up information security courses on varied technology areas.

A hacker may work with the technical support team to analyse the following infrastructure touch-points.

· Physical topology and critical network access points

· Logical topology and network protocols used.

· Network operating systems

· Firewalls, routers ,switches, IDS, and several other devices and their configurations.

· RAS and VPN

· Modems, wireless networks, PBX, Intranet, extranet, web, e-mail server, DNS, DHCP

· Authentication methods

· Antivirus software

What is the gray box approach?

Many penetration testers have heard about white hat and black hat ethical hacking. But they may not have come across the gray approach. This is a hybrid approach which incorporates white box and black box penetration testing methods. The scenario is built on the premise that the untrusted outside user is working with the trusted and validated inside user to sabotage the network. This testing model outputs many possibilities. One of them is when the outsider is planning the attack, while the insider is providing this person the relevant information.

Solving this scenario requires the management to specify rules of engagement. They will decide as to the levels of knowledge available to the hacking team members. This mechanism controls outsider-insider combined sabotage of the system. All of this and more can be learnt at an ethical hacking training. It is surely very interesting!

Please to comment

sign in

Remember Me

New to IM faceplate? join free!

Lost Password? click here