Computer Science, asked by ROSEMARIE001, 11 days ago

HACKING CAN ALSO BE USED BY LEGITIMATE FIGURES IN LEGAL SITUTATIONS....WHAT IS THE MEANING OF THIS....PLEASE ANSWER FOR MY EXAM....

Answers

Answered by rupeshpoudel277
0

Answer:Definition: Hacking is an attempt to exploit a computer system or a private network inside a computer. Simply put, it is the unauthorised access to or control over computer network security systems for some illicit purpose.

Explanation:

Answered by bakrihullisantosh
0

Explanation:

When it comes to legal forms of hacking, there are generally several kinds, including:

Research – This type of hacking consists of passive techniques, which means (without being too granular) conducting activity that does not actively impact on a computer, system or service. Online reconnaissance, researching only data and viewing websites encryption details could be seen as passive. Honeypots are another form of research and can be very useful in understanding how hackers conduct attacks and what type of techniques they are utilising.

Bug Bounty – Many organisations such as Twitter and Facebook offer monetary rewards for vulnerabilities found in their systems. Hackers often have careers trying to find vulnerabilities known as Zero Days and once found they submit them to the relevant company and subsequently get rewarded.

Professional Penetration Testing – Working as a penetration tester is one of the best legal ways for security professionals to apply their skills and make a career out of hacking. Bridewell has a number of penetration testers who conduct this form of hacking, dedicated to checking our customers’ systems and finding vulnerabilities before malicious hackers do We do this with the full permission of our customers and the scope of what to test and for how long is generally agreed beforehand. The types of penetration testing include:

Web Application Penetration Testing

This is where a company requires their website or web applications tested and many testers use the OWASP Top 10 vulnerabilities to assess the systems against.

Infrastructure Penetration Testing

This is where company may have a network consisting of servers, routers, switches, firewalls and PCs. A company or individual will be procured to conduct penetration testing on all of this equipment

Mobile Device and Mobile Application Penetration Testing

Mobile device penetration testing can be the act of performing a security assessment against devices that access or hold sensitive information and their physical security, as well as performing penetration tests against applications that are created specifically for mobile devices such as applications on the iOS and Android platforms. This type of testing is similar to a web application test.

Red Team

Red team engagements are full attack simulations of what a real-world attack would look like. Penetration tests are normally scoped with only a portion of the infrastructure available to test with everything else being out-of-scope. Red team assessments can take weeks and even months to complete as the team performing the engagement will perform a hefty amount of reconnaissance against the target before slowly progressing into active testing and attempting to be as quiet and undetected as possible. In this type of testing everything can be in scope including social engineering and physical entry assessments.

There is often a perceived fine line between operating within the law and outside of it. Hackers are generally very inquisitive by nature; it is a key trait of being a good hacker/penetration tester. But ultimately organisations need to be prepared for the illegal kind and invididuals should have approval prior to commencing any testing. This is why proactive penetration testing of your systems is critical to protecting your data and business when operating online. Vulnerability scanning, and web application scans are a good way of checking for vulnerabilities, but they only provide part of the process a real hacker would go through in order to get access to your system and data and in some scenarios your premises.

Penetration testing involves several additional stages and techniques, which can go way beyond simple scans of your network. If this is something you are interested in, Bridewell is a CREST Registered penetration testing service company and one of our expert penetration testers can discuss your requirements and provide you with some sound advice on protecting your systems and data.

Similar questions