Graduates of GCU’s BS in Information Technology with an Emphasis in Cybersecurity degree program practice their skills through ethical hacking. This is the act of penetrating networks to find threats and vulnerabilities in those systems. Ethical hackers conduct these penetration tests with the permission, and usually at the request, of businesses who want to ensure that malicious attackers cannot exploit their computer systems.
An ethical hacker has the technical skills and knowledge to identify issues within a target system. That hacker works within the rules of the business and law and does not exploit their findings. Their goals are to assess the security of a system and report on their findings.
GCU’s own Hackers with Halos works diligently with the Cyber Center of Excellence to provide the knowledge and tools needed to prepare would-be security professionals with an arena to practice in. This ethical, state -of-the-art environment was created in conjunction with GCU’s cyber degree programs to prepare students for the world of offensive and defensive cyber warfare.
Steps within the Ethical Hacking Penetration Test
Planning and Reconnaissance
An ethical hacker will begin by making a plan for how to hack their target system. They will study the technology used by the business or owner and consider ways into the system. They may specifically look through search engines, web services, email systems, social networking sites and local network tech.
Once the target point is identified more active measures are used to gain insights on potential weak points in the target system. Scanning the target system provides the attacker with technical knowledge that would otherwise not be available by passive means.
When the hacker gets an idea of how the application or program or system runs both while it is down and while it is functioning, they will begin to attack it using various methods such as SQL injections, scripting and finding back doors. They will use the vulnerabilities they detected during scanning and exploit them. Sometimes this means they will steal or intercept traffic to the site or application. Other times, they can interfere with privileges in order to assess how much damage could be caused by a malicious hacker.
Once the hacker is into the system or application, they will test to see how persistent they can be and for how long. This allows them to assess what it would take to steal sensitive information. They may also time how long they can stay within a system in order to spread a virus inside the network or to gain access to a larger level of information such as a server.
Finally, the ethical hacker will analyze the results. They will put together a report about the vulnerabilities they discovered and what they were able to access. This report will let the owner of the targeted application or system know how long it took to gain access, as well as how long they were able to remain unnoticed in the system. All of this information can be used in creating a plan to upgrade and the application or system.
If ethical hacking is a career path you’d like to follow, check out GCU’s Bachelor of Science in Information Technology with an Emphasis in Cybersecurity. To learn more about our flexible and affordable online degree programs offered through the College of Science, Engineering and Technology, visit our website or click the Request More Information button on this page.
The views and opinions expressed in this article are those of the author’s and do not necessarily reflect the official policy or position of Grand Canyon University.