Employment for Certified Ethical Hackers
Jobs available for Certified Ethical Hackers, want one?
Have you ever thought of becoming a hacker? Whether you would be an ethical one is the key question. The EC-Council has released a certification called Certified Ethical Hacker (CEH). Its goal is to certify security practitioners in the methodology of ethical hacking. This vendor-neutral certification covers the standards and language involved in common exploits, vulnerabilities, and countermeasures.
If you have been to a bookstore in 2017, you’ve most likely seen that there is an abundance of books on hacking and “how to hack.” Until now, few organizations have worked toward quantifying ethical hacking, defining its legalities, or specifying its useful role in modern organizations. This is what the EC-Council is attempting to do with this certification. Keep reading if you want to learn more about this exciting opportunity.
Is port scanning legal?
Port scanning remains a legally questionable subject. There is little debate that it’s usually the first step in any cyber-attack or penetration attempt. By itself, it may not constitute an attack. It’s not very different from going from house to house knocking on doors. On the question of its legality, in the Georgia District Court case of “Moulton vs. VC3,” the judge declared the port scan in the case legal because it did not “impair the integrity or availability of the network.” The judge ruled that since there was no damage to the target, it could not be illegal.
Not all states, service providers, or organizations share that view. Some ISPs will terminate the service of individuals performing port scans. Prudence is the best course of action. It’s best not to perform a port scan without the consent of the network owner. It’s interesting to note that if you search on “port scanning,” the popup ads displayed tend to be those of law firms and legal aid providers!
Why Must We Have Ethical Hackers?
Organizations must secure their IT infrastructure and networks. Just as corporations employ auditors to routinely examine financial records, so should corporations audit security policy. We have all seen the havoc that a lack of real financial audits can cause. Just as accountants perform bookkeeping audits, ethical hackers perform security audits. Without security audits and compliance controls, no real security exists. This is a big problem.
There are plenty of individuals waiting to test and probe your organization’s security stance. These individuals range from government and corporate spies, to hackers, crackers, script kiddies, or those who write and release malicious code into the wild. Their presence in your network is not a great thing!
Who Are Ethical Hackers?
An ethical hacker is most similar to a penetration tester. The ethical hacker is an individual who is employed or contracted to undertake an attempted penetration test. These individuals use the same methods employed by hackers. In case you were unsure, hacking is a felony in the United States. Ethical hackers have written authorization to probe a network. Only then is this attempted hack legal, as there is a contract between the ethical hacker and the organization. In 1995, long before today’s more stringent guidelines, one individual received 3 felony counts, 5 years’ probation, 480 hours of community service, and a $68,000 legal bill for failing to ensure proper authorization. Don’t let this happen to you!
How is Ethical Hacking Performed?
Primarily, ethical hackers are employed in groups to perform penetration tests. These groups are commonly referred to as “Red Teams.” These individuals are paid by the organization to poke, prod, and determine the overall level of security. Again, what is important here is that they have been given written permission to perform this test and have detailed boundaries to work within. Don’t be lulled into believing that the penalties for illegal penetration are low; it is a serious felony!
What is on the Test?
The Certified Ethical Hacker exam consists of 21 domains covered in 50 questions. It has a two-hour time limit. These questions are multiple choice. During the test, you are allowed to mark questions if you’re not sure of an answer and return to them for later review. The format of the questions is either choose one or choose all that apply. The domains were compiled to evaluate the full range of security testing. One must also demonstrate how hacker tools work and demonstrate knowledge of professional security tools, as well as how these tools are utilized. The 21 domains are as follows:
1. Ethics and Legal Issues
2. Footprinting
3. Scanning
4. Enumeration
5. System Hacking
6. Trojans and Backdoors
7. Sniffers
8. Denial of Service
9. Social Engineering
10. Session Hijacking
11. Hacking Web Servers
12. Web Application Vulnerabilities
13. Web Based Password Cracking Techniques
14. SQL Injection
15. Hacking Wireless Networks
16. Virus and Worms
17. Hacking Novell
18. Hacking Linux
19. IDS, Firewalls, and Honeypots
20. Buffer Overflows
21. Cryptography
These domains comprise a full body of ethical hacking knowledge. It’s good that the exam’s first domain is centered on ethics and legal issues. This is an important domain. Always make sure you have written consent to perform any type of penetration test or security audit.
Want to Learn More?
There is not an all-in-one study guide or review for this test online at the current time. ABCO Technology offers a complete certification course, which will prepare you for this exam. ABCO Technology presents this material in a practical manner so you will acquire the needed skills to succeed in this field. If you live outside of Los Angeles, there are many ways to start obtaining the knowledge needed to pass the exam. One point of review is the National Institute of Standards and Technology (NIST). NIST SP 800-42 is a good foundational document on ethical hacking. It even includes recommendations for tools intended for self-evaluation.
Security Testing Methodologies
All security-testing methodologies have similar elements. These include: Plan, Organize, Gather Information, Test, Analyze, and Report. To learn more about security testing, review the following documents.
OCTAVE – Operationally Critical Threat, Asset, and Vulnerability Evaluation
OSSTMM – Open Source Security Testing Methodology Manual
NIST SP 800-26 – Self-assessment guide for information technology
NIST SP 800-42 – Security Testing
TRAWG – Threat and Risk Assessment Working Guide
NIST breaks penetration testing down into 4 primary stages:
•Planning – As the old saying goes, success is 90% preparation and 10% perspiration. What’s the point? Good planning is the key to success. Know where you are going, what your goals are, what the time frame is, and what the limits and boundaries are!
•Discovery – This stage is broken down into two distinct phases:
  •Passive – During this phase, information is gathered in a very covert manner. Examples of passive information gathering include (1) surfing the organization’s Web site to mine valuable information and (2) reviewing their job openings to gain a better understanding of the technologies and equipment used by the organization.
  •Active – This phase of the test is split between network scanning and host scanning. As individual networks are enumerated, they are further probed to discover all hosts, determine their open ports, and attempt to pinpoint their OS. Nmap is a popular scanning program.
•Attack – At this point, the ethical hacker will attempt to (1) Gain Access, (2) Escalate Privilege, (3) Browse the system, and finally (4) Expand influence.
•Reporting – This may be the final step listed, but it is not least in importance. Reporting and documentation should be carried out through each step of the process. This documentation will be used to compile the final report. This report will serve as the basis for corrective action. Corrective action can range from nothing more than enforcing existing policies to closing unneeded ports and adding patches and service packs.
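The Planning stage and the Active discovery phase above both depend on staying inside the written boundaries of the engagement. As an added example (not taken from NIST or from the course material), the Python below filters a target list against a rules-of-engagement scope before any active scanning is started; the scope values, addresses and function names are constructed for illustration.

```python
import ipaddress
from datetime import datetime, time

# Constructed rules of engagement; in practice these come from the signed authorization.
SCOPE = {
    "authorized": ["10.20.0.0/16", "192.0.2.0/24"],
    "excluded": ["10.20.5.0/24", "192.0.2.10/32"],  # e.g. fragile production hosts
    "window": (time(22, 0), time(5, 0)),            # agreed test window, crosses midnight
}

def _nets(cidrs):
    return [ipaddress.ip_network(c, strict=True) for c in cidrs]

def in_window(now, window):
    """True if now falls inside the window; handles windows that cross midnight."""
    start, end = window
    t = now.time()
    return start <= t < end if start <= end else (t >= start or t < end)

def check_targets(targets, scope, now):
    """Split targets into (allowed, rejected); rejected maps each target to a reason."""
    if not in_window(now, scope["window"]):
        return [], {t: "outside agreed testing window" for t in targets}
    authorized, excluded = _nets(scope["authorized"]), _nets(scope["excluded"])
    allowed, rejected = [], {}
    for raw in targets:
        try:
            net = ipaddress.ip_network(raw, strict=False)
        except ValueError:
            rejected[raw] = "not an IP address or CIDR (resolve hostnames and re-check)"
            continue
        # The whole range must sit inside an authorized network ...
        if not any(net.version == a.version and net.subnet_of(a) for a in authorized):
            rejected[raw] = "not covered by written authorization"
        # ... and must not touch any excluded range, even partially.
        elif any(net.version == e.version and net.overlaps(e) for e in excluded):
            rejected[raw] = "overlaps an excluded range"
        else:
            allowed.append(raw)
    return allowed, rejected

if __name__ == "__main__":
    targets = ["10.20.1.15", "10.20.5.7", "10.20.4.0/23", "198.51.100.4", "www.example.com"]
    ok, bad = check_targets(targets, SCOPE, datetime(2024, 1, 10, 23, 30))
    print("scan:", ok)
    for target, why in bad.items():
        print("skip:", target, "-", why)
```

Only the allowed list should ever be handed to a scanner, and the rejected entries with their reasons belong in the engagement log that feeds the Reporting stage.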
Final Thoughts
I am glad to see the EC-Council release this certification. This is an area where continuing education is needed. Several ABCO Technology students recently took this exam, passed, and believe the test is adequately challenging for a baseline of skills. The bottom line is that if you have some security experience, have taken the CompTIA Security+ or the TICSA exam, and have an interest in penetration testing, this would be a solid next career step.
ABCO Technology offers the Certified Hacker class. If you are interested in working in the fast-growing field of cyber security, it’s time to contact ABCO Technology. You can reach our campus by telephone at (310) 216-3067 from 9 AM to 6 PM Monday through Friday.
We are located at:
11222 South La Cienega Blvd. STE # 588,
Los Angeles, Ca. 90304.
Email your questions to: info@abcotechnology.edu
Financial aid is available to all qualified students
Become a certified ethical hacker today!