Due 24/06/2021 Case study
Study & evaluate the extract below and answer the following questions.
â€œToday more and more softwares are developing and people are getting more and more options in their present softwares. But many are not aware that they are being hacked without their knowledge. One reaction to this state of affairs is a behaviour termed â€œEthical Hacking” which attempts to pro-actively increase security protection by identifying and patching known security vulnerabilities on systems owned by other parties. A good ethical hacker should know the methodology chosen by the hacker like reconnaissance, host or target scanning, gaining access, maintaining access and clearing tracks. For ethical hacking we should know about the various tools and methods that can be used by a black hat hacker apart from the methodology used by him. From the point of view of the user one should know at least some of these because some hackers make use of those who are not aware of the various hacking methods to hack into a system. Also when thinking from the point of view of the developer, he also should be aware of these since he should be able to close loopholes in his software even with the usage of the various tools. With the advent of new tools, the hackers may make new tactics. But at least the software will be resistant to some of the tools. Ethical hacking also known as penetration testing or whitehat hacking, involves the same tools, tricks, and techniques that hackers use, but with one major difference that Ethical hacking is legal. Ethical hacking is performed with the targetâ€™s permission. The intent of ethical hacking is to discover vulnerabilities from a hackerâ€™s viewpoint so systems can be better secured. Itâ€™s part of an overall information risk management program that allows for ongoing security improvements. Ethical hacking can also ensure that vendorsâ€™ claims about the security of their products are legitimate.â€
1. Evaluate the above extract and state at least three reasons with examples why this extract is relevant to todayâ€™s cybersecurity landscape? [6 marks]
2. State at least one reason with an example why the above statement would not be relevant to todayâ€™s cybersecurity landscape? [4 marks]
Please give detail explanation as it worth 6 marks and 4 marks.