Be sure to post an initial, substantive response by Thursday at 11:59 p.m. MST and respond to 2 or more peers with substantive responses by Sunday at 11:59 p.m. MST. Be sure you write a substantive initial post, answer the question presented completely and/or ask a thoughtful question pertaining to the topic. Also ensure your substantive peer responses has a thoughtful question pertaining to the topic and/or has answers to a question (in detail) posted by another student or the instructor.
Response 1
Types of Attacks There is so much to say about various types of attacks the most common ones are virus attacks. In information security there is a saying and in general “knowledge is power,” When it comes to IT security this is great advice and good knowledge, we have Denial of service (DoS), Trojan horse, and buffer overflow (Easttom, 2018). Such a significance in hacking there is a difference you have your hackers, and they are generally known as Black hat Hackers- The intent and end game are to use their skills with malicious intent, this group of hackers are not “Ethical hackers”. Then you have the second type of hacker and that is the White-hat hacker- An ethical hacker having innovative computing skills and use the skills for defensive purpose. The third type of hacker is the gray hat hacker with advanced computer user that work both offensively and defensively generally they are recruited as consultants often known as white hats who moonlight as black hat hackers (Arora, 2022). What is ethical hacking? Ethical hacking is an intentional penetration of a network or an operating system with the sole purpose of learning vulnerabilities and evaluate security systems or networks. The business organization allows the ethical hacker to make the necessary steps or actions to do the job. Organization generally hires an outsider or outside organization; this enables the ethical hacker to take a natural approach and an unknown. There is many variable Pros and Cons, they have to endure legal risks, and yes, there is a Code of Ethics or Conduct (Johansen, 2017). I may have gone many steps forward; I’m really looking to learn much more from this course. My personal experience is having the opportunity to listen to one of my previous professors tell us some stories of how easy it is to hack a business. They must carry a legal document in the event the associates call law enforcement that proves they have been hired by an executive within the organization to determine the risk and the vulnerability the business is facing. That is my experience. My end game is to finish studying my course in Penetration testing, get certified and be able to do this professionally.
Response 2
Great post, please explain why you believe that Pen Test approach is safe? We do know that it is a technique of testing and a security assessment. This helps organizations balance background investigations and social engineering along with network safety. However, if I have learned anything being in IT is that nothing is 100% safe or secure. As much as we have the good hackers, the Red Hat hackers or the bad hackers are right there at least 2 steps ahead of the good guys. We do know that Pen testing is crucial, yet there is the fear of third party people that will play an essential role for security breaches, this has to be done in stages in order to maintain any disasters to the organizations. We also have learned that Pen testing can be done internally, yet that is not the best decision for an organization due to backlash from the associate especially if they become disgruntled.