Ethical hacking: what is it, and why would I need it?

Ethical hacking, or penetration testing, refers to the exploitation of an IT system with the permission of its owner in order to determine its vulnerabilities and weaknesses. It is the process of testing and validating an organisation’s information security posture and maturity. The results of ethical hacking are typically used to recommend preventive and corrective countermeasures that mitigate the risk of a cyber attack.

An ethical hacker is an individual who is trusted to attempt to penetrate an organisation’s networks and/or computer systems using the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner.

Attacking and defending

Protecting current systems and networks requires a broad understanding of attack strategies, and in-depth knowledge of the hacker’s tactics, tools and motivations. Effective ethical hacking is based on knowledge of the system network, equipment, user interaction, policies, procedures, physical security and business culture. The increasing use of social engineering attack methodologies demands that every tester is also aware of the organisation and habits of its IT users (staff).

Part mystery, part challenge, part creativity and part risk

Ethical hacking captures the imagination and sparks the interest of many people. Despite this slightly glamorous image, an ethical hacker is a highly skilled and qualified information security professional who works systematically, and within national and international laws.

Launched in 2003 by the EC-Council, the Certified Ethical Hacker (CEH) certification is globally recognised as the vendor-neutral qualification of choice for developing a senior career as an ethical hacker or penetration tester. Most individuals will learn how to perform ethical hacking and prepare to take the difficult CEH exam by attending an authorised Certified Ethical Hacker training course.

The exam (312-50 VUE) consists of 125 multiple-choice questions, and can be taken at any Pearson VUE exam centre in the UK.

CEH training now available at IT Governance

IT Governance Ltd is pleased to announce that it can now offer its customers the Certified Ethical Hacker (CEH) training course. Delivered by an experienced penetration tester, this five-day classroom training session introduces the five testing phases:

  1. Reconnaissance
  2. Gaining access
  3. Enumeration
  4. Maintaining access
  5. Avoiding detection

In 18 comprehensive modules, the course covers more than 270 commonly used attack technologies and software tools, and demonstrates how they can be used in real-life scenarios.

Our next Certified Ethical Hacker (CEH) training course is in London on 12-16 December 2016.
