Pass Your ECCouncil CEH 312-50 Exam Easy!

ECCouncil 312-50 CEH Certified Ethical Hacker (312-50v9) exam dumps vce, practice test questions, study guide & video training course to study and pass quickly and easily. ECCouncil 312-50 CEH Certified Ethical Hacker (312-50v9) exam dumps & practice test questions and answers. You need avanset vce exam simulator in order to study the ECCouncil CEH 312-50 certification exam dumps & ECCouncil CEH 312-50 practice test questions in vce format.

Ethical Hacking Overview

4. The Evolving Threat

In the corner of our slide, we have the script kiddie. or some people may look at him as the vandal. They're primarily motivated by curiosity or personal fame. This is the largest area by volume. That's because of the time they have on their hands. You find from studies that the script kiddie ranges in age anywhere from about nine years old all the way to about 22 years old, with 99% being male. They're oftentimes looking for personal fame of that type of thing.The hobbyist and hacker is the individual who is also curious, very much of a trespasser, and so on. But moving up the list, the individual that's motivated by personal gain would be the thief—the individual who is actually the fastest-growing segment of the area. The reason that this is probably the fastest-growing segment of crime is because they have a very small chance of being caught. If a person was going to rob a bank, that individual would actually have a pretty good chance of getting caught. Now the individual who breaks into someone's computer to steal something actually has maybe a one in 99% chance of getting caught. And then even if they do get caught, they only have maybe a 1% chance of actually being convicted. And so this is one of the reasons it's such a popular crime. It's actually the fastest-growing segment, and at the top of our list is the area where we spend the most on defense. It's also the area where we lose the most amount of money. This is the area where nation-states are actually fighting each other, as we come across at the bottom. These are generally regarded as our experts, the individuals who do this for a living.

5. The Vulnerabilty Lifecycle

The next thing we're going to talk about is security vulnerability lifecycles. Now, as we know, we typically have a product that ships at some point in time. A vulnerability is discovered within that product. The component is modified by the vendor, and then, of course, a patch is released. Then what happens is that the patch is deployed to the customer site. Now, here's the problem. Most of the attacks actually happen between the time the patch is released and when it's deployed to the customer site. We all have this wonderful thing called change management that happens in most organizations. This is actually used because vulnerability management is the cyclical process of identifying, classifying, remediating, and then mitigating these vulnerabilities. The unfortunate problem is that it takes a bit of time because we have to get the nod from every business unit after we have done something, after they've checked something to make sure it doesn't affect them. So we have to get a sign-off on every one of these business units. And that takes time. Well, in this amount of time, we've just announced it to the whole world. This particular piece of software that we're using is vulnerable. And so from the amount of time that it's vulnerable to the amount of time that it's patched, we're actually completely vulnerable. Companies take, on average, about 100–120 days to patch vulnerabilities. In addition to that, if somebody does get in, it typically takes, on average, close to a year before they're actually caught. So they're actually in your organisation and doing things for that amount of time. Many companies actually have critical vulnerabilities that don't even get patched at all. So the probability of the vulnerability being exploited hits between 90% and 95% between 40 and 60 days after its discovery, after it's been announced. In most cases, there were about 2 billion successful exploits that were witnessed just in 2015 to date, compared to about 220,000,000 successful exploits in 2013 and 2014. This is an increase of 445%. So as you can see, this is definitely on the rise. Now. The source of this is Kenneth's security remediation gap.

6. Map.Norsecorp.com

The next thing we want to talk about is a website called Map Northcorp.com.And if you'll bear with me for just a second, I'm going to go ahead and slide a browser down and open this up and show you a live view of what this looks like. Now, on the very left-hand side of the slide, I want you to notice that it says Attack Origins. And for attack origins, we have approximately 500 or so that come from the United States, 324 from China, and so on and so forth. Now, the point I want to make here is that the attack origin is where the attack appears to be coming from. and let me explain. When I say that the attack appears to be coming from, I mean that it's entirely possible that someone has taken over by proxy. So, for example, if I use a VPN, which stands for Virtual Private Network, I can exit out of that VPN in any country that I want to. It's quite possible that the United States is the origin of these attacks. Or it's also possible that someone in another country is making people think the United States is the origin of these particular attacks because they come from a VPN. So that's important to understand. China itself is second on the list, and so on. Now, you notice the different types of attacks. We have SMTP and Telnet. You probably think that it would be more like an HTTP attack, like a Port 80 attack, or 80 80. and that's actually third on the list. The attack targets the United States at the very top. Then apparently, we have the United Arab Emirates. You can take a look at the various attack types and see this in real time, which is kind of interesting to take a look at.

7. Botnet Definition

The next thing we want to talk about is what exactly a botnet is. A botnet is typically slang or jargon for a collection of software robots, or bots, which can run autonomously all by themselves. Now, I don't want you to think that all bots or robots are evil. If all robots or bots were evil, then Google couldn't crawl our web pages because that's actually done via bot. It can also refer to the number of computers using a distributed computing software. This could also be known as a botnet getting into the background of exactly what's happening in this slide. The botnet-infected computers, or "bots," are actually programmes that are covertly installed in the user's machine to allow an attacker to gain control of the target machine, typically through a remote communication channel such as the Internet Relay Chat. These channels actually allow the remote attacker to control a large number of compromised computers over a single reliable botnet, which can then be used to launch coordinated attacks. They use IRC channels so that the cyber attacker or bot herder can lose control of the command and control server and continue to create bots on another day. Botnets allow for a large range of functionality, and most can be actually updated to assume new functionality by downloading new code and features. Attackers can use these bots to perform a variety of tasks such as setting up a distributed denial of service attack against an organization's website, distributing spam phishing attacks, distributing spyware and adware, and propagating malicious code, among a number of other things they can be used for. They can also be used to gather sensitive information, all of which can have serious financial and legal consequences. Attackers, like a bot herder, typically favour bot-infected computers with a decentralised command and control model because they're difficult to disable and allow the attackers to hide in plain sight among the huge amounts of unrelated traffic occurring over the same communication channel. Most importantly, botnet operations can be lucrative for their controllers because bots are also inexpensive and relatively easy to propagate. I oftentimes have arguments with my family because, more than likely, if you're taking this class, you are the It department for your family, whether that's your mom, your brother, your sister, or possibly a girlfriend, boyfriend, or whatever the case may be, you are that It department. I would be willing to say, "Why would they want my computer?" I don't really understand what they want my computer for. Well, they don't actually want your information that's on your computer; they want your computer itself. So for example, they actually want to be able to take control over your computer so that they have one more member in their botnet army. The big thing that bots are used for is launching what's called a Distributed Denial of Service attack. A distributed denial of service attack means that we are getting dosed or having our service denied from multiple different machines. And if that machine is actually used for takeaway service, we don't know which one of the quote-unquote customers is causing this if they're all doing something that a regular customer might do. So if you block one particular IP address, are you blocking a legitimate customer or are you blocking a member of this bot army? It's really difficult to tell, and there's not a really easy way to solve this problem. Now there are companies that have actually created different ways of solving the problem by adding a whole lot more bandwidth. There are a number of companies, such as Akamai Cloudflare and others, that can be used to try to mitigate. Think about it like this. Whenever we create a website, we're going to attempt to make sure that we have enough resources on that computer to take care of whatever might happen on the most heavily used day. A good example of this is when Kentucky Fried Chicken offered their new barbecue-roasted chicken. It was interesting because they decided to offer this on the Oprah Winfrey Show. Kentucky Fried Chicken didn't really understand what they called the power of Oprah. They directed viewers of the televised version of the Oprah Winfrey Show to the Kentucky Fried Chicken website. Well, unfortunately for Kentucky Fried Chicken, that actually crashed a number of their computers because Oprah Winfrey had such a large following. And when she comes out and says, "Do this; I want you to do this right now," a lot of people do exactly that, actually crashing a number of their computer systems.

8. Defense in Depth

In this lecture, we're going to be talking about defence in depth. This is a very important concept in the overall security of a network. It basically goes with the notion of having a well-designed network that uses multiple layers. Let me see if I can draw an analogy. Let's say that, for example, I wanted to protect the Queen of England's crown jewels. I might have bob wire and big angry dogs. I might have a palace moat. I might have the palace guard where I would have to go through each one of these individual pieces of security in order to get at the Queen's crown jewel. Each one of them would have to fail, very possibly alerting me that it has failed or possibly that it's been breached, giving me ample time to be able to do what I needed to do to protect the Queen's crown jewel. So let's give this a good definition. So defence in depth is the coordinated use of multiple security countermeasures to protect the integrity of the information assets in an enterprise. So this strategy uses the military principle that it is more difficult for an enemy to defeat a complex, multilayered defence system than to penetrate a single barrier. Defense in depth helps to prevent direct attacks against an information system. And it's dated because a break in one layer leads the attacker only to the next layer, and the attacker doesn't necessarily know how many layers there are. He's either going to give up or try and breach all of these layers. So if an attacker gains access to a system, defense in depth minimises any adverse impact and gives administrators and engineers time to deploy or update countermeasures to prevent a recurrence of this intrusion. Defense in depth minimises the probability that the efforts of malicious attackers are actually going to succeed. A well-designed strategy of this kind can also help systems administrators and security personnel identify the people who attempt to compromise a computer, a server, or perhaps even a proprietary network or even your own ISP. If a hacker gains access to the system, defence in depth minimises the adverse impact and gives administrators and engineers time to deploy these new or updated countermeasures. So some of the components of the defence in depth could include things like antivirus software, firewalls, antispyrah programs, hierarchical passwords, intrusion detection, and biometric verification. Now, if you were to take a look at the diagram that I've drawn, I've drawn this in a very particular way. I want you to understand—if you look at the arrow that I have on here, at first glance, you'll see that one thing that encompasses everything is policies, procedures, and awareness. This basically means user education. I'm going to tell you right now, there is no patch for stupidity. You can't just slap a service pack on someone and tell them they can't do that anymore, because they don't. It just simply doesn't work that way. In today's information society, you almost have to prove to them why they shouldn't be doing it. Otherwise, they're going to try and figure out a way to get around it, and in most cases, they do. So it's very important for them to understand why they need to do something as opposed to just not doing it. The next level is physical security. Now, we've just gotten started with this particular course, and you may not believe me now, but by the time the course is over, you will believe me. If I can touch it, I can break into it, and there's very little that you can do to stop me. So physical security is another one of those things that is all encompassing.Then we have things like perimeters where we have firewalls and a VPN quarantine, so we have our internal network, like, for example, network segments and IPsec network intrusion detection systems. At our host, we have things like operating system hardening, patch management (we already discussed a little bit of authentication), and host intrusion detection systems. At the application level, we have things like application hardening and antivirus, but ultimately the thing we're trying to protect is our data. We have things like access control lists and encryption. Depending on how far we want to go, we can create this defence in order to make sure that our most important data is secure.

Go to testing centre with ease on our mind when you use ECCouncil CEH 312-50 vce exam dumps, practice test questions and answers. ECCouncil 312-50 CEH Certified Ethical Hacker (312-50v9) certification practice test questions and answers, study guide, exam dumps and video training course in vce format to help you study with ease. Prepare with confidence and study using ECCouncil CEH 312-50 exam dumps & practice test questions and answers vce from ExamCollection.