Ethical Hacking is also known as Penetration Testing or white-hat hacking. Search for a research paper published in the years between 2010 - 2020. Discuss the paper and the findings the researcher has mentioned. Use 100-150 words for this.
Answers
Answer:
Hi buddy
Explanation:
What is penetration testing?
Penetration testing is a specific type of ethical hacking, in which an organisation hires a certified professional to assess the strength of its cyber security defences.
These are usually performed via on-site audits of the organisation in question. The penetration tester will be given access to a certain amount of privileged information and attempt to use it until they find some sensitive information.
Different types of penetration tests focus on specific aspects of an organisation’s logical perimeter. These include:
External network tests;
Internal network tests;
Web application tests; and
Wireless network tests.
White hats, black hats and grey hats
Hackers are divided into three categories. White-hat hackers (i.e. ethical hackers) help organisations strengthen their defences by disclosing their findings.
Black-hat hackers, on the other hand, are purely in it for criminal gain. They’re usually motivated by money, but their attacks could also be political or vengeful (such as doxing someone – maliciously publishing their personal information).
In between those categories, you have grey-hat hackers. These are people who sometimes hack organisations in good faith but also conduct malicious attacks.
If this makes you worry about whether you can trust an apparent white-hat hacker, fear not. It’s extremely unlikely that anyone would conduct a malicious attack against an organisation they’ve been hired to probe, because it would jeopardise their career.
What is ethical hacking?
The goal of ethical hacking – like criminal hacking – is to find security vulnerabilities in an organisation’s systems. However, as the word ‘ethical’ suggests, the person conducting the attack must have the organisation’s approval before proceeding.
Why would an organisation ask someone to hack them? Simple: they understand that one of the best ways to identify the flaws that a cyber criminal might exploit is to think like a cyber criminal themselves.
Ethical hackers are often hired before a new system or major update goes live. They test the systems, looking for weaknesses that they can exploit and keeping notes of their findings.
Similarly, organisations can call on ethical hackers as part of a ‘bug bounty’ scheme. These offer financial rewards to people who provide evidence of an exploitable flaw in the organisation’s systems.
Bug bounties aren’t simply a way of helping organisations identify weaknesses, though. They also incentivise recreational hackers to stay on the right side of the law.
Whether they’re being offered a bounty or not, many hackers will probe organisations’ systems in their spare time because they enjoy the challenge. But once they make a breakthrough, they might find it tempting to use their discovery for criminal gain – moving from ‘white-hat’ hacker to ‘black-hat’.
Offering them a reward for sharing their findings means it’s not simply a case of money vs ethics.
The terms ‘ethical hacking’ and ‘penetration testing’ are often used interchangeably when referring to the process of probing an organisation’s systems, but they’re actually slightly different.
Knowing where they deviate is essential as they’re each a core component of cyber security.
You don’t want to call for an ethical hacker when you want a penetration tester or vice versa, because you’ll end up with a service that doesn’t meet your requirements.
Let’s take a look at what each process involves and how you can decide which one is right for you.
hope helpful for you
please mark as brainliest answer
GABRU