CHAPTER 1: INTRODUCTION
Understanding terminologies
Cyber security is a field that evolves every day: as technology keeps evolving, digital crimes keep growing and becoming more popular. As systems become more sophisticated, cyber criminals keep finding various ways to get to sensitive information. The motive varies from one hacker to another: some are motivated by the money they are paid to hack a system, others by ego, and others by the act of protecting the wellbeing of people.
Cyber security is the process of protecting an organization's assets from unauthorized access, and also from the potential damage that security breaches might cause.
In cyber security there are terminologies that individuals pursuing careers in this field need to understand.
(a) Penetration testing – the process of looking for weaknesses in systems before they are exploited by hackers.
(b) Ethical hacking – the process of trying to exploit a network by covering all hacking methodologies, along with other similar hacking techniques, as a black hat hacker would do, according to EC-COUNCIL.
(c) Cyber security – the process of defending an organization's network from various threats. Cyber security is divided into two teams:
(i) Blue team – the individuals who are responsible for implementing the security of the organization and ensuring the security controls are put into place.
(ii) Red team – the individuals who are responsible for testing the security that has been implemented by the blue team, by trying to hack their way through the system.
Understanding the open system interconnection (OSI) model is an important part of hacking: you need to know and understand how applications and systems communicate and function over the system.
OPEN SYSTEM INTERCONNECTION (OSI) LAYER
It is a reference model for how applications communicate on the network. There are 7 layers in the OSI model, where layer 1 is the farthest from the user and layer 7 is the closest to the user.
Layer 7: Application layer
This is the layer that involves the user. It is where the user interacts with the systems, for example through applications like web browsers and email applications like Outlook.
Layer 6: Presentation layer
This is the layer where you interact with the operating system, for example when trying to boot your system or trying to change or add your drivers.
Layer 5: Session layer
This is the layer where two computers that interact with each other successfully create a session between them.
Layer 4: Transport layer
This is all about the transfer of data from one point to another, and how much data can be sent and received from one point to another.
Layer 3: Network layer
This is the layer that involves how devices communicate with each other, for example TCP/IP.
Layer 2: Data-link layer
This layer involves the physical addressing of network devices, for example the MAC address.
Layer 1: Physical layer
It's all about how devices are connected to each other physically.
In penetration testing there are various areas of specialty that an individual could get into, and these include:
(a) Web penetration testing
(b) Network penetration testing
(c) Application penetration testing
(d) Mobile penetration testing
(e) Wireless penetration testing
(f) IoT penetration testing