Difference between revisions of "SANS 560 Notes"
Jump to navigation
Jump to search
(New page: '''Sans 560: Network Penetration and Ethical Hacking''' ==Definitions== * Threat: Agent That can Cause harm * Vulnerability: A flaw that can be exploited * Risk: Overlap of Vulnerability a...) |
|||
| Line 4: | Line 4: | ||
* Vulnerability: A flaw that can be exploited | * Vulnerability: A flaw that can be exploited | ||
* Risk: Overlap of Vulnerability and threat | * Risk: Overlap of Vulnerability and threat | ||
* Exploit: Code/Technique used by a threat on a vulnerability | |||
* Active attack: manipulates target | |||
* Passive Attack: Does not manipulate target | |||
* Ethical Hacking: Using attack techniques to find flaws with permission, to improve security ( aka white hat hacker ) | |||
* Penetration testing: An attempt to gain entry to a network | |||
* Security Assessments/Vulnerability Assessment: Finding vulnerabilities | |||
* Security Audit: Comparing findings against a set of standards | |||
* Phases of an attack | |||
** Recon | |||
** Scanning | |||
** Exploitation | |||
* Pentesting limitations: | |||
** Scope | |||
** Time | |||
** Methods | |||
Revision as of 16:21, 30 July 2008
Sans 560: Network Penetration and Ethical Hacking
Definitions
- Threat: Agent That can Cause harm
- Vulnerability: A flaw that can be exploited
- Risk: Overlap of Vulnerability and threat
- Exploit: Code/Technique used by a threat on a vulnerability
- Active attack: manipulates target
- Passive Attack: Does not manipulate target
- Ethical Hacking: Using attack techniques to find flaws with permission, to improve security ( aka white hat hacker )
- Penetration testing: An attempt to gain entry to a network
- Security Assessments/Vulnerability Assessment: Finding vulnerabilities
- Security Audit: Comparing findings against a set of standards
- Phases of an attack
- Recon
- Scanning
- Exploitation
- Pentesting limitations:
- Scope
- Time
- Methods