Ethical Hacking Fundamentals Introduction to ethical hacking
Hacker Types
| Type | Intent | Description |
|---|
| White Hat | Authorized | Ethical hackers, security professionals |
| Black Hat | Malicious | Criminals, unauthorized access |
| Gray Hat | Mixed | May violate laws, but no malicious intent |
| Script Kiddie | Low skill | Uses pre-made tools without understanding |
| Hacktivist | Political | Hacking for social/political causes |
| State-Sponsored | Nation-state | Government-backed cyber operations |
Hacking Phases
1. Reconnaissance
Gather information about target
2. Scanning
Discover live hosts, ports, services
3. Gaining Access
Exploit vulnerabilities
4. Maintaining Access
Persistence, backdoors
5. Covering Tracks
Clear logs, hide evidence
Legal Framework
- Written Authorization: Always have permission in writing
- Scope: Stay within defined boundaries
- Rules of Engagement: What's allowed and not allowed
- NDA: Protect discovered information
Exam Focus Areas
- CEH focuses on methodology and tools
- Know the five phases of hacking
- Understand legal requirements for pen testing
- Defense in depth: multiple security layers
