I found chapter 1 very informative right from the start. The
text explains the nuances between an ethical hacker and a hacker. The purpose
of an ethical hacker, also called a security tester or a penetration tester, is
to find weaknesses in the security infrastructure of a company. In a security
test, testers not only attempt to break into a company’s security system; they
also do an in-depth analysis of the security policy and procedures and report
out accordingly. In a penetration test, by contrast, an ethical hacker attempts to
break into the company’s network. The chapter continues by going into greater
detail about the role of a Security and Penetration tester. Words like
crackers, script kiddies, and packet monkeys are defined as they relate to hackers.
The three types of penetration testing that an ethical
hacker performs are discussed. The chapter reviews how the methodologies differ among the White,
Black, and Gray models.
It also goes into the “Law of the Land”, “Federal Laws”, and,
briefly, what you can do legally. I did not realize how many different certifications
there are for an ethical hacker. In a nutshell, the world of hacking or ethical
hacking is a very serious business and may not be for everyone.