This is part 2 of Ethical Hacking For Beginners Course.
Security Professionals follow four key protocol concepts:
Stay legal: Obtain proper approval before accessing and performing a security assessment.
Define the scope: Determine the scope of the assessment so that the ethical hacker’s work remains legal and within the organization’s approved boundaries.
Report vulnerabilities: Notify the organization of all vulnerabilities discovered during the assessment. Provide remediation advice for resolving these vulnerabilities.
Respect data sensitivity: Depending on the data sensitivity, ethical hackers may have to agree to a non-disclosure agreement, in addition to other terms and conditions required by the assessed organization.
An ethical hacker, also referred to as a white hat hacker, is an information security (infosec) expert who penetrates a computer system, network, application or other computing resource on behalf of its owners -- and with their authorization. Organizations call on ethical hackers to uncover potential security vulnerabilities that malicious hackers could exploit.
The purpose of ethical hacking is to evaluate the security of and identify vulnerabilities in target systems, networks or system infrastructure. The process entails finding and then attempting to exploit vulnerabilities to determine whether unauthorized access or other malicious activities are possible.
What do ethical hackers do?
Mainly they perform following tasks:
1. Finding vulnerabilities: Ethical hackers help companies determine which of their IT security measures are effective, which need updating and which contain vulnerabilities that can be exploited.
2. Demonstrating methods used by cybercriminals: These demonstrations show executives the hacking techniques that malicious actors could use to attack their systems and wreak havoc on their businesses.
3. Helping to prepare for a cyber attack: Cyber attacks can cripple or destroy a business -- especially a smaller business -- but most companies are still unprepared for cyber attacks. Ethical hackers understand how threat actors operate, and they know how these bad actors will use new information and techniques to attack systems.
