Computer Science
Please find attached tasks for Ethical Hacking & Information Assurance.
Note.: Incomplete work is not acceptable.
Week2
#1. Given the rich and diverse skills and mindset of an ethical hacker (technical, administrative, and physical measures), which characteristics do you believe to be the most important in this role? Please explain your choice.
An initial post must be between 250-300 words and please be sure safe assign score (plagiarism) is less than 25%.
#2. Write a paragraph response to below discussion posted
#Posted by Naresh
A hacker is an individual who uses computer, networking or other skills to gain unauthorized access to systems or networks. There are different types of hackers like black-hat hackers, white-hat hackers and gray-hat hackers. Among them a white-hat hacker is also known as an ethical hacker as he/she is the security professional. Ethical hackers know how to find and exploit vulnerabilities and weaknesses in various systems just like a black hat hacker, however, an ethical hacker uses those skills in a legitimate, lawful manner to try to find vulnerabilities and fix them before the bad guys can get there and try to break in. An Ethical hacker must have rich and diverse skills, mindset of black-hat hacker and technical, administrative, and physical measures to perform job duties.
As discussed earlier an ethical hacker often gets access to confidential information, so must maintain their job ethics and completely trustworthy and never download or damage any sensitive data. Another skill is patient and persistent, as they breaking into a system doesn’t just happen. It takes time and effort to successfully plan and carry out an attack. At times, they work long hours. Ethical hackers think outside the box, as they break into a system by thinking differently. They experiment tirelessly, discarding conventional wisdom to reach their end goal. Ethical hacker technically sounds good, as when performing job duties they need to have knowledge of various technologies like computer systems, networking, and database, application servers and strong programing skills.
Among the all characteristics and skills i believe technical skills to be the most important in Ethical hacking role. Ethical hacking follows standard procedures with step by step process; first step is conducting network reconnaissance followed by exploiting software, including web and mobile apps. Next step is hacking into wireless networks and launching Denial of Service (DoS) attacks and final step is evading firewalls and intrusion detection systems with detailed documentation including findings and recommendation to fix known security vulnerabilities. To perform all this tasks he/she must technically sound with skills including computer programing, networking with scripting and virtualization techniques, SQL database concepts to better perform job duties to help client business organization who hired to assess and recommend security vulnerabilities fixes.
Week 1
Review the required reading material and summarize one of the scholarly articles listed on the selected websites. In 2-3 paragraphs, and using your own words (250-300), explain why ethical hacking is necessary in today’s complex business environment.
The Benefits of Learning Ethical Hacking (Posted in
Penetration Testing
on August 29, 2018)
https://resources.infosecinstitute.com/the-benefits-of-learning-ethical-hacking/
When Ethical Hacking Can’t Compete
https://www.theatlantic.com/technology/archive/2015/12/white-hat-ethical-hacking-cybersecurity/419355/
Week 2
Go online and search for information that relates to ethical hacking (white hat or gray hat hacking). Choose one of these areas explain why a company might benefit from hiring someone to hack into their systems.
Your assignment should be 3-4(250-300 words) paragraphs in length.
Note:-Safe Assign is software that verifies the originality of your work against on-line sources and other students. Please make sure safe assign score is less than 25%
Topic: What is the weakest link in the security of an IT infrastructure? What are some of the strategies for reducing the risks?
Read and respond to below two student’s discussions. (5-6 lines would be more sufficient) reflecting on your own experience, challenging assumptions, pointing out something new you learned, offering suggestions
#1. Posted by Bhavya
Humans are the weakest link in the security of an organization, In people’s organization people are the weakest link because most of the threats to an organization happen due to the negligence of the employees, where there is also certain percentage of small threats inside any Organization. We are all humans and we make small mistakes, but small mistakes can cause major financial loss and however advanced the technology is it is maintained by humans. So however strong your Organization firewall is or however strong Anti-virus Software is people are very vulnerable than computers. Most common human mistakes are opening Spam emails and attachments and clicking on unnecessary emails which makes easy for the hackers to interpret human behavior and hit on a network or an organization.
Most of the data breaches are due to the human behavior. Outside perpetrators target employees to get information of Client details, Confidential Information, source code and blackmails, to demand large amount to encrypt the data. To reduce the risk and damage is to train employees on how to look after the attacks by outsiders. Also, regular risk assessment of employees can reduce the Cyber risk. Also Vulnerability assessment and penetration testing reduces the risk of any organization. Most important security is to eliminate the human intelligence because how many trainings are given they still do not match to the intelligence of the hackers.
#2. Posted by Himakar
As humans, we all commit mistakes at some point or the other. But the problem here is that, there are plenty of people who are trying to take advantage of a single silly mistake which can cost your business tremendous financial loss. Advanced security practices, no matter how sophisticated will always be constrained by our human factor. Perpetrators target employees to demand ransom by encrypting the data and files, to malign the public image of the firm, or to disrupt some service thereby causing substantial damages on large scale.
Attackers tend to go after low-hanging fruit. If a malicious hacker targets a system for whatever reason, they’re going to follow the path of least resistance. That means they’ll try to attack the parts of the system that look the weakest, and not the parts that look the strongest. Often, the weakest part of your system will be administrators, users or tech support people who fall prey to social engineering. Hackers generally use the means of social engineering to target various verticals like healthcare and e-commerce. Hackers tend to capitalize on the negligence of employees. It can be said that people are more vulnerable than computers in some situations. In fact, more than 50 percent of businesses got trapped in a social engineering attack in 2016.
Some of the strategies for reducing the risks should involve, conducting Regular People Risk Assessment of employees which can reduce the cyber risk considerably, to use incentive mechanism to foster the Employee for attention towards security aspect. Periodic Vulnerability Assessment and Penetration Testing reduces threat-posture of the organization.
Week1
What is the weakest link in the security of an IT infrastructure? What are some of the strategies for reducing the risks?
An initial post must be between 250-300 words and please be sure safe assign score (plagiarism) is less than 25%.
Week2
Explain in your own words why businesses must have an Internet and IoT marketing strategy.
An initial post must be between 250-300 words and please be sure safe assign score (plagiarism) is less than 25%.