
Name: Valdez, Andrea Marie R.

SCORE
Section: BFR 90

Carefully analyze the Phases of Unethical Hacking and fill out the summary table below.
Columns: PHASE; OBJECTIVES (5); TECHNIQUES EMPLOYED (5); POSSIBLE DEFENSE STRATEGY (5)

PHASE 1. Performing Reconnaissance

OBJECTIVES: A systematic attempt to locate, gather, identify, and record information about the target. A hacker seeks to find out as much information as possible about the victim.

TECHNIQUES EMPLOYED:
Dumpster Diving – act of going through the victim’s trash.
War Driving – hackers may drive around the neighborhood in order to scan the area for active Wi-Fi in order to sniff out the IP address of their target to set up their entry into the system later on.
Sniffing – act of surreptitiously monitoring data streams so as to intercept and capture exploited information.

POSSIBLE DEFENSE STRATEGY: Good Security Policies are the number one defense against reconnaissance attacks.

PHASE 2. Scanning and Enumeration

OBJECTIVES: Scanning is the active step of attempting to connect to systems to elicit a response. Enumeration is used to gather in-depth information about the target, such as open shares and user account information.

TECHNIQUES EMPLOYED:
Injecting packets – they will inject the packets into the network and start scanning tools such as Nmap. The reason why they must open the ports and applications is to get a good idea of what type of version of software applications you are running and to keep a sharp eye out for down-level software and applications that have known vulnerabilities, such as Windows XP.

POSSIBLE DEFENSE STRATEGY: “Deny All Rule” – applying this can help reduce the effectiveness of the hacker’s activities at this step.

PHASE 3. Gaining Access

OBJECTIVES: The hackers move from simply probing the network to actually attacking it. After the hacker has gained access, he can begin to move from system to system, spreading his damage as he progresses. Access could be gained by finding a vulnerability in a web application. Access can be achieved in many different ways.

TECHNIQUES EMPLOYED: A hacker might find an open wireless access point that allows him a direct connection, or the help desk might have given him the phone number for a modem used for out-of-band management.

POSSIBLE DEFENSE STRATEGY: The network needs better, double security because the hackers can connect into the network. To prevent them from gaining access to the network, you must secure your network all the time.

PHASE 4. Escalation of Privilege

OBJECTIVES: The goal of the hacker is to become system administrator & have full access and control; hold the network for ransom; control databases/information.

TECHNIQUES EMPLOYED: The attacker will attempt to escalate himself to domain administrator or root privilege. After all, these are the individuals who control the network, and that is the type of power the hacker seeks.

POSSIBLE DEFENSE STRATEGY: You need to assign access rights in accordance with the least-privilege principle and make sure that all the access rights are regularly reviewed. You also need to keep a close eye on privileged accounts to promptly respond to signs of suspicious activity performed by these accounts. Change passwords of administrative accounts regularly and enforce a strong password policy. You should also evaluate the risks to your sensitive files and take steps to secure data in accordance with its value.

PHASE 5. Maintaining Access

OBJECTIVES: They will attempt to pull down the password file or steal other passwords so that they can access other users’ accounts.

TECHNIQUES EMPLOYED: Rootkits are one option for hackers. A rootkit is a set of tools used to help the attacker maintain his access to the system and use it for malicious purposes. Rootkits have the capability to mask the hacker, hide his presence, and keep his activity secret. Sometimes hackers might even fix the original problem that they used to gain access so that they can keep the system to themselves.

POSSIBLE DEFENSE STRATEGY:
Monitor network traffic. Network traffic monitoring techniques analyze network packets in order to identify potentially malicious network traffic.
To counter their progress, you should use antivirus programs that leverage modern security techniques, like machine learning-based anomaly detection and behavioral heuristics. This type of antivirus can determine the origin of the rootkit based on its behavior, detect the malware, and block it from infecting your system.
Ongoing software updates are essential for staying safe and preventing hackers from infecting you with malware. Keep all programs and your operating system up-to-date, and you can avoid rootkit attacks that take advantage of vulnerabilities.

PHASE 6. Covering Tracks and Planting Backdoors

OBJECTIVES: Criminal hackers are much like other criminals in that they would like to be sure to remove all evidence of their activities.

TECHNIQUES EMPLOYED:
a. Using rootkits or other tools to cover their tracks
b. Hunt down log files and attempt to alter or erase them
c. Utilize file-hiding techniques, such as hidden directories, hidden attributes, and alternate data streams (ADS)
d. Creation of backdoors to reenter the computer at will
e. Insertion of programs or malicious codes for future activation in hidden files/directories – botnet & zombie

POSSIBLE DEFENSE STRATEGY:
In order to stay ahead of hackers, regularly test your connected devices and systems for any vulnerabilities and weaknesses. In the face of transparency, no device is actually 100 percent secure, 100 percent of the time. The only way to patch up a vulnerability before it invites the wrong kind of house guest into your drive is to catch it yourself. Backing up your data in case of an emergency is a must; first be sure to encrypt it yourself as a stronger approach to data protection. You can make your own data unreadable (thus unusable) to hackers by encrypting the entire hard drive, a section of your hard drive, or a singular file-by-file process.
Antivirus software is an absolute necessity. It does help stress the importance of making sure your software is as up to date as possible. Install spyware scanners to search for malicious spyware. Spyware includes programs that monitor your Internet habits. Install a firewall to protect your home network. Firewalls can be part of a software package or even incorporated into some hardware like routers or modems. You should also make sure that your passwords are difficult or impossible to guess, and you shouldn't use the same password for multiple applications.
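
Added example (not part of the original worksheet): a small model of the "Deny All Rule" named as the Phase 2 defense, comparing which services answer an outside host under a block-list with default allow and under an allow-list with default deny. The host, its listening ports, the rule sets and the addresses are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str           # "allow" or "deny"
    port: Optional[int]   # TCP destination port; None matches every port
    source: str           # CIDR block the rule applies to


def decide(rules, default, port, src):
    """First matching rule wins; unmatched traffic gets the default policy."""
    addr = ip_address(src)
    for rule in rules:
        if rule.port in (None, port) and addr in ip_network(rule.source):
            return rule.action
    return default


def reachable(rules, default, listening, src):
    """Ports that would answer a connection attempt coming from src."""
    return sorted(p for p in listening if decide(rules, default, p, src) == "allow")


# Constructed server: the services it has listening.
LISTENING = {22: "ssh", 80: "http", 139: "netbios", 443: "https", 445: "smb", 3389: "rdp"}

# Weak policy: block what you remembered to block, allow everything else.
BLOCKLIST = [Rule("deny", 445, "0.0.0.0/0")]

# Deny-all policy: allow only what is needed; the rest falls to the default deny.
ALLOWLIST = [
    Rule("allow", 80, "0.0.0.0/0"),
    Rule("allow", 443, "0.0.0.0/0"),
    Rule("allow", 22, "10.0.5.0/24"),   # constructed admin subnet
]

OUTSIDE = "203.0.113.7"   # documentation-range address standing in for an unknown host
ADMIN = "10.0.5.20"       # constructed address inside the admin subnet


def compare():
    return {
        "blocklist_outside": reachable(BLOCKLIST, "allow", LISTENING, OUTSIDE),
        "denyall_outside": reachable(ALLOWLIST, "deny", LISTENING, OUTSIDE),
        "denyall_admin": reachable(ALLOWLIST, "deny", LISTENING, ADMIN),
    }


if __name__ == "__main__":
    for name, ports in compare().items():
        print(name, [(p, LISTENING[p]) for p in ports])
```

With the block-list, every service the administrator forgot to list still answers; with the default deny, only the explicitly allowed ports are left for a scan to find.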
