One single vulnerability is all an attacker needs — Window Snyder, Chief Security Officer, Fastly
First, let us learn about the security zone and then move on to the Network Security Zone.
A Security Zone is an area within a network that consists of a group of systems and other components with…
Nowadays, most people are fascinated by the term Ethical Hacking and want to pursue a career in it. Ethical Hacking is the perfect choice for those who are interested in the field of IT security.
I have been working in the field of cybersecurity for 2 years. Many of…
The following are the five phases of Ethical Hacking:
Reconnaissance:- Reconnaissance is the phase where “an attacker seeks to gather information about a particular target prior to launching an attack” on that target. It is also called footprinting. …
Now, let us learn about the following:
Hacking:- Hacking can be defined as “exploiting the vulnerabilities to gain unauthorized access to the system” and involves “modifying system or application features” to pilfer the information from the systems.
Before discussing different types of attacks on a system, let us define the following:
Attack:- An Attack is defined as “any attempt that is made on a network to gain unauthorized access”. …
Here, we will discuss the categories of information security threats. Now let us define the following terms:
Information Security:- Information Security is defined as “the protection of information from unauthorized access”. …
The level of security in any system can be defined by the strength of three components:
The relationship between these three components is demonstrated by using a triangle because “an increase or decrease in any one of the components automatically affects the other two components.”
Information Security is defined as “a state of well-being of information and infrastructure in which the possibility of theft, tampering, and disruption of information and services is kept low or tolerable.” It relies on 5 major elements: confidentiality, integrity, availability, authenticity, and non-repudiation.
Confidentiality:- Assurance that the information is accessible only to those “authorized to have access.”
Integrity:- The “trustworthiness of data or resources” in terms of preventing improper and unauthorized changes.
Availability:- Assurance that the systems responsible for delivering, storing, and processing information are accessible when “required by the authorized users.”
Authenticity:- Authenticity refers to the characteristic of a communication, document or any data that ensures the “quality of being genuine.”
Non-Repudiation:- “Guarantee” that the sender of a message cannot later deny having sent the message and that the recipient cannot deny having received the message.
The following is the list of top information security attack vectors through which an attacker can gain access to a computer or network server to deliver a payload or malicious outcome.
Hack Value:- It is the notion among hackers that “something is worth doing” or is interesting.
Vulnerability:- Existence of a “weakness, design, or implementation error” that can lead to an unexpected event compromising the security of the system.
Exploit:- A “breach” of IT system security through vulnerabilities.
Payload:- Payload is…