Scribd
Upload
2K views1 page

MindCert CEH Ethical Hacking MindMap

This document provides an overview of different types of security testing: - White box testing involves testing a network with prior knowledge of its infrastructure. - Black box testing involves testing a network without any prior knowledge of its infrastructure. - The document also summarizes different phases of a security assessment including reconnaissance, scanning, gaining access, and maintaining access. - Key terms related to security testing such as vulnerabilities, exploits, and ethical hacking are defined.

Uploaded by

garbett294
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
2K views1 page

MindCert CEH Ethical Hacking MindMap

This document provides an overview of different types of security testing: - White box testing involves testing a network with prior knowledge of its infrastructure. - Black box testing involves testing a network without any prior knowledge of its infrastructure. - The document also summarizes different phases of a security assessment including reconnaissance, scanning, gaining access, and maintaining access. - Key terms related to security testing such as vulnerabilities, exploits, and ethical hacking are defined.

Uploaded by

garbett294
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

Testing with no Prior Knowledge of the

network infrastructure Black Box Motivation and Study Techniques to help Cisco
you learn, remember, and pass your
Testing with knowledge of the Security Testing CISSP
network infrastructure technical exams!
White Box CEH
More coming soon...

Visit us [Link]
Also known as Footprinting
Preparatory Phase
Gather information on ToE A person who stretches the
Hacker capabilities of computer systems
Ping
ICMP
Traceroute Probing the network
Rapid or reverse engineering of
Active Hacking existing software to make it better
Detects accessible hosts Phase 1 - Reconnaissance
Detects open ports A person who uses his hacking skills
Phases
Cracker for offensive purposes
Sniffing
DNS Information
Passive A person who uses his hacking skills
Sam Spade Information Gathering Ethical Hacker for defensive purposes
RIPE/ARIN
Threat A potential violation of security
Pre Attack Phase Terms
Scans network with information Existence of a weakness within a
gathered during Phase 1 - Recon system that can lead to an exploit
Vulnerability
Subtopic
War Diallers Certified Ethical Hacker A system that is identified as requiring
Phase 2 - Scanning Elements of Security Target of Evaluation security evaluation
nMap Scanners Module 1 - Ethical Hacking
Use Technologies Attack An action that violates security
eEye
ISS Vulnerability Scanners The exploitation of a vulnerability to
GFI Exploit cause an attack

Start of the True Attack Phase


Exploit a vulnerability found in a Phase 3 - Gaining Access Also known as Crackers
resource identified in the scanning phase The Bad Guys
Black Hats
Retention of ownership Excellent Computing Knowledge
Important for the hacker to regain use of the system Use hacking for corrupt purposes
Phase 4 - Maintaining Access
Installation of Rootkits, Trojans, and
backdoors are common Hacker Classes White Hats
Security Analysts
Use Hacking for defensive purposes
Action taken to extend misuse of
systems without being detected Individuals who work both offensively
Gray Hats and defensively at different times
Steganography, tunneling Phase 5 - Covering Tracks
Altering log files

You might also like