Welcome back to the course in the last video, we did a brief introduction to who I am is your instructor. And then also we talked about the modules were to cover in this course. So if you haven't watched that video Yeah, go ahead. And Paul is this one. You just go back to it. Do you understand? Kind of where we're going with this
in this video? Where to start off our discussion with the basic information. So we're gonna talk about things like why you should even become a penetration tester. Different prerequisites says you want to know. And then also things like black versus white versus gray hats.
So, a quick pre assessment question for you, What's another name for unethical hacker? And I kind of gave it away with my last little video there.
All rights, if you guess penetration tester Answer bur correct. Ah, Black hat hacker and criminal Hackers Anonymous. And then gray hat is someone that's got on the shady border area there, Right? So they don't really have a criminal intent, But they might write software to fix systems that aren't their owner than my hack systems that aren't their own to find vulnerabilities.
So what is penetration testing? Well, it's commonly called ethical hacking by E. C Council, but everyone else and industry actually calls a penetration, testing or pen testing for short.
So why would you ever want to do this? Well, you see the screen shot here. This is kind of just an average salary for pen testers in the United States. And I can see that the people I know doing pen testing or making well above this number here And of course, that varies based on your area, You know, part of the country and even the country that you're in right some countries is very, very low pay.
So it just kind of depends on where you are
on what you might be able to make Now, keep in mind, though, that even if you live in a country where they don't make a lot of money or they don't pay well, you could still do things like bug bounty programs and potentially make a lot of money.
So penetration testing has a big job growth, right? So 11 figure found was 18 to 20%. I think that's pretty on the point. There There's a lot of organizations looking for consultants or penetration testers to go around and work with clients and customers. It will benefit you if you happen to be in the United States. If you're willing to get a security clearance,
that's gonna open up essentially the world to you, right as far as here in the U. S.
Of job opportunities so you could work at the federal level. So just keep that in mind if you're gonna work as a penetration tester and you're willing to do a security clearance, that's a really good rot to make a really good amount of money.
So get him into the salad. Arrange generally again. Everyone I know is making over six figures, but it depends on where you actually live at.
And then you also get some good, you know, feel good top of stuff, right? So you're gonna help protect companies and people
and the *** ability. Most of the time, you can work from home, or you can work remotely or you get to travel around and meet different people.
So some of the prerequisites you probably wanna have before you actually start this course. And even before you actually go to try to attempt the certified ethical hacker exam. But you understand the basic networking concept. So things like the oy, sy and TCP by P model a basic understanding of networking of you know what a switch is, what a router is. We're not gonna cover that stuff in this course
basic understanding of operating systems as well. So howto. How does so operating system work? How do you know when those machines work for us? Is Lennox versus Mac OS
basic security concepts will help you immensely, just understanding even just some of the terminology
and also a basic understanding of mobile because that's a lot of the exam stuff on different certifications now is focused on mobile, and even eventually it'll turn into like a R E or a Blockchain of that sort of stuff.
So the penetration testing methodology it is listed in the official Easy council material. But I don't know that they really hit this too hard on the exam again. I can't tell you what's on the exam, but basically we do reconnaissance. We're gathering information about our target. We then perform scanning, so we're trying to find some viable systems, right? Some servers, maybe maybe some weak workstations,
a Web server, that sort of stuff.
Then we gain access somehow. So we find a vulnerability, and we exploit that to gain access to the system. We want to maintain access. We drop a root kit or back door, and that allows us to stay there doing whatever we want to do. And most of the times that stealing dated.
And then, of course, we want extra trade and cover our tracks. So nobody knows we were actually there.
So black versus white Havers is gray hat on Dulcie gray spell with the like this or within a as well, depending on the thing you're looking at and the country you're in. But basically a black hat is gonna be our criminal hacker, right? So there's usually some kind of financial motivation and they don't really care about like who they're harming. They just want the money, right? You got your gray hat
and they're kinda that in between as I mentioned, you know, they were generally a good,
good hacker, but also they might touch systems that they don't actually have permission to. I mean, there was one example in the media a few years back, where he a gray hat, noticed a lot of home routers were vulnerable, right? So he wrote it. He or she wrote a script to fix that issue and then pushed it out on the Internet to fix a lot of devices.
Uh, but that's again. That's a great hat thing, right, because you technically didn't have permission from the owners to do that. But it was a good thing
the intent was good. And then you got your white out or your ethical hacker or your penetration tester have a lot of different hats on that one there. But essentially, that's your hacker that has permission to actually get into the system.
Some are different box testing. So we've got black box White box in gray box, so black boxes going to simulate that outside of the best. So your criminal hacker type of thing and it's gonna go through that entire process. You've got two white box testing that's gonna be more of a kind of your years. Your level. Excuse me? Not your usual level, but your insider threat level part of me on that.
And so you know someone that knows about some different servers in the network and maybe some other systems. Or maybe, you know, admin, passwords,
that sort of stuff. And then you're great boxes, more so of like your user level type of person that they got some access to the network, but they don't really know anything. You know, maybe it's that that janitor or something like that, so that's kind of what they are. And even though there were an insider threat, they just don't have a lot of information. So that kind of kind of weather, more so a great blocks.
So I didn't be an access management. What is going to touch on this real quick, just because it's something that you will see in the official material. So basically, in a nutshell, that's giving people the right people the right access at the right time, right? And so we do that through different management system so we can use a central depository like you might see, like, you know, active directory windows.
Basically, it allows us to
set by, you know, particular role. So this person's working as a network administrator. So they get this this and this or you know rule based. You know, anyone that is in this group could do this even different. Remote authorizations. If your remote worker you can only access these things, it also can offer things like single sign on. So we know it's actually you.
Stronger authentication methods
weaken use password management as well. So just a lot of features and identity access management.
So red versus blue. No, I'm actually a college football fan in here in the U. S s So American football. And I like the Michigan Wolverines and the Ohio State Buckeyes are like their biggest rival. So, uh, the Buckeyes are red color, and the Wolverines are actually blew. So I thought this was a good analogy and screech out here to use.
Explain this concept. So red versus blue team. You'll hear that out in penetration testing.
Essentially, your blue team is your defender right to your defense, and your red team is your offense or your offender. So they're the red team's trying to score that goal, that trying to get in your network and do something, whereas the blue team's trying to prevent them to come out. So in this football example here, you know Ohio State. The red color, they're they're trying to get a touchdown. They're trying to get points on the board and beat me.
But, you know, I'm on Michigan. I'm not trying to defend against that on the blue team there,
so I try to figure out ways to block their attacks. So, in a nutshell, that's what it is. You're got Attackers and defenders.
So the C I a tree. Odd, not thes CIA people. We don't want them coming after us for taking this course or anything, and I definitely don't want to be in a no fly list. It's no fun, but we we want confidentiality, integrity and availability. So confidentiality. We want to make sure only the people that need to know about this information can access it
integrity. We want to make sure the information's actually valid and not altered it anyway.
And then availability. We want to make sure that the people that need this information connected sit whatever they need to
authentication and non repudiation. So authentication, basically three concepts that deal you'll know want to know in industry something you are. So that's something like, you know, your fingerprint, your you know your iris scan, whatever that is. Some kind of biometric, usually something you have like a badge. Did you scan that? Your workplace? And there's something, you know, like your password.
And then we got none repudiation. So basically, I can prove, you know, I or whoever can prove that you actually did see that send that email and then it came from this person.
So physical security on Basically, this is the plan steps and procedures to protect your assets. A lot of people think it's just like putting up a fence or a security camera, but it's actually procedures as well. Like, you know, do we? We stop people at the door and question them before they just walk in here. Do we allow piggybacking or tailgating, which will cover later, and social engineering? You know those types of things,
So if it is, it's got three components, physical measures,
so things like we can touch it, weaken, taste it, you know, we can basically feel it essentially technical measures for physical security like smart cars
and an operational measures. So are that's our policies and procedures
and then we wrap up here with artificial intelligence to cybersecurity. So this is not so much the newer thing has been talked about for several years now. But basically the concept, at least with this screen shot here, is we're trying to make it easier on our analyst, right. So our cyber security analyst or information security analyst,
we're trying to make it easier on them. So all you know, there's literally thousands, if not millions of logs coming in.
And so I I will do what it can potentially do is it can look at different behavior indicators that we program into it. And then it it, you know, essentially says Okay, well, it's flagging these, and then it adapts to those, right? So it notices like, Well, this doesn't look right either. Let me, you know, PFLAG, best et cetera. And so, basically, eventually,
certain things get back to the analyst of you, so they don't have to look at, you know, thousands of logs they could just drunk at the data and look at the things that are flagged by I.
Now, whether this is going to actually work properly or not, I'm kind of kind of let it needs to be determined because some organizations do have some components of this and use, but But from what I hear, it's not the greatest yet. So so do so. I'm gonna take some time to get those kinks worked out.
So in this video, we covered a lot of different things. We talked about why you should become a penetration tester. Some of the prerequisites you'll want to know. We talked about the difference between a black hat, white hat and gray hat. We also talked about things like the C I a tree out, an authentication and non repudiation.
So in the next video, we're gonna jump into the different laws that you're gonna need to know if you decide to work as a penetration tester and definitely if you decide to take the certified ethical hacker examination.