CEH Appendix B: Ethical Hacking Essential Concepts - II
Ethical Hacking and Countermeasures, Exam 312-50: Certified Ethical Hacker
Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited.

Module Objectives
- Overview of Information Security Controls
- Understanding Network Segmentation and Network Security Solutions
- Overview of Data Leakage and Data Backup
- Understanding Risk Management, Business Continuity, and Disaster Recovery Concepts
- Understanding Cyber Threat Intelligence and Threat Modeling
- Understanding Penetration Testing Concepts
- Understanding Security Operations and Forensic Investigation
- Understanding Software Development Security and Asset Management

Information Security Controls

Information Security Management Program
- A program designed to enable a business to operate in a state of reduced risk
- Encompasses all organizational and operational processes, and all participants, relevant to information security
- Information Security Management Framework: a combination of well-defined policies, processes, procedures, standards, and guidelines that establishes the required level of information security

Enterprise Information Security Architecture (EISA)
- EISA is a set of requirements, processes, principles, and models that determines the structure and behavior of an organization's information systems
Goals of EISA:
- Helps an organization detect and recover from security breaches
- Helps to prioritize the resources of an organization and monitor various threats
- Benefits the organization in cost terms when incorporated into security provisions such as incident response, disaster recovery, event correlation, and other security provisions
- Helps to analyze the procedures needed for the IT department to function properly and to identify assets
- Helps to perform risk assessment of an organization's IT assets with the cooperation of IT staff
Information Security Controls
- Administrative Security Controls
- Physical Security Controls
- Technical Security Controls

Administrative Security Controls
Administrative security controls are the controls implemented by management to govern people and processes. They include:
- Regulatory Framework Compliance
- Information Security Policy
- Employee Monitoring and Supervising
- Security Awareness and Training
- Separation of Duties
- Principle of Least Privilege

Regulatory Frameworks Compliance
- Complying with regulatory frameworks is a collaborative effort between governments and private bodies to encourage voluntary improvements to cybersecurity
- Regulatory framework compliance forms part of an organization's administrative security: it defines the procedures, practices, and rules the organization is obliged to follow

Information Security Policies
- An information security policy defines the basic security requirements and rules to be implemented in order to protect and secure an organization's information systems
Goals of a security policy:
- Maintain an outline for the management and administration of network security
- Prevent unauthorized modification of data
- Prevent wastage of the company's computing resources
- Protect confidential, proprietary information resources from theft, misuse, and unauthorized disclosure

Types of Security Policies
- Promiscuous Policy: no restrictions on the usage of system resources
- Permissive Policy: begins wide open, and only known dangerous services, attacks, and behaviors are blocked; such a policy must be updated regularly to remain effective, because anything not yet on the block list is allowed by default
- Prudent Policy: provides maximum security while allowing known but necessary dangers; all services are blocked by default, safe and necessary services are enabled individually, and everything is logged
- Paranoid Policy: forbids everything; there is either severely limited Internet usage or no Internet connection

Privacy Policies at the Workplace
Employers will have access to employees' personal information that may be confidential and that employees wish to keep private.
Basic rules for privacy policies at the workplace:
- Inform employees about what information you keep, why, and what you will do with it
- Limit the collection of information, and collect it only through fair and lawful means
- Inform employees about the potential collection, use, and disclosure of personal information
- Keep employees' personal information accurate, complete, and up to date
- Provide employees with access to their personal information
Note: employee privacy rules at workplaces may differ from country to country.

Steps to Create and Implement Security Policies
- Perform a risk assessment to identify the risks to the organization's assets
- Learn from standard guidelines and from other organizations
- Include senior management and other staff in policy development
- Set clear penalties and enforce them
- Make the final version available to all staff in the organization
- Ensure every member of your staff reads, signs, and understands the policy
- Deploy tools to enforce the policies
- Train employees and educate them about the policy
- Regularly review and update the policy
HR and Legal Implications of Security Policy Enforcement

HR Implications
- The HR department is responsible for making employees aware of security policies and training them in the best practices defined in the policy
- The HR department works with management to monitor policy implementation and address any policy violation issues

Legal Implications
- Enterprise information policies should be developed in consultation with legal experts and must comply with relevant local laws
- Enforcement of a security policy that violates users' rights in contravention of local laws may result in lawsuits against the organization

Security Awareness and Training
Employees who have received security awareness training:
- Are aware of the security policies and procedures for working with information securely
- Know whom to contact if they discover a security incident
- Are able to identify the nature of data based on its classification
- Protect the physical and informational assets of the organization
Organizations that want to comply with certain regulatory frameworks are often required to provide security awareness training to employees in order to meet audit requirements.
Security Awareness and Training: Security Policy
- Security policy training teaches employees how to perform their duties and comply with the security policy
- Organizations should train new employees before granting them access to the network, or provide only limited access until their training is complete
Advantages:
- Effective implementation of the security policy
- Creates awareness of compliance issues
- Helps an organization enhance its network security
Training covers:
- How to minimize breaches
- How to identify the elements that are more prone to hardware theft
- How to assess the risks when handling sensitive data
- How to ensure physical security at the workplace

Employee Awareness and Training: Social Engineering
Train employees and help-desk staff to recognize each attack technique:
- Phone impersonation: never provide confidential information to a caller
- Dumpster diving: do not throw sensitive documents in the trash; shred documents before throwing them out; erase magnetic media before disposal
- Phishing or malicious attachments: differentiate between legitimate emails and targeted phishing emails; do not download attachments that may be malicious

Employee Awareness and Training: Information Classification
- Security labels are used to mark the security requirements for information assets and to control access to them
- Organizations use security labels to manage access clearance to their information assets
Typical information classification levels include secret and unclassified, together with clearance requirements and compartmented information.
Separation of Duties (SoD) and Principle of Least Privilege (POLP)

Separation of Duties (SoD)
- Conflicting responsibilities create unwanted risks such as security breaches, information theft, and circumvention of security controls
- A successful security breach sometimes requires the collusion of two or more parties; in such cases, separation of duties works well to reduce the likelihood of a breach
- Regulations such as GDPR insist on paying attention to the roles and duties of your security team

Principle of Least Privilege (POLP)
- Provides employees with only the minimum privileges they need to perform their roles
- Helps the organization protect against malicious behavior, and achieve better system stability and system security

Physical Security Controls
- A set of security measures taken to prevent unauthorized access to physical devices
- Examples of physical access controls: badge systems, security guards, mantrap doors, and biometric systems
Physical security addresses:
- Environmental threats: floods and earthquakes, fire, humidity, and similar hazards
- Man-made threats: vandalism, explosion, dumpster diving, theft, and similar acts
Goals of physical security:
- To prevent any unauthorized access to system resources
- To prevent the tampering with or stealing of data from computer systems
- To safeguard against espionage, sabotage, damage, and theft
- To protect personnel and prevent social engineering attacks
Types of Physical Security Controls
- Preventive Controls: prevent security violations and enforce various access control mechanisms; examples include door locks, security guards, and other measures
- Detective Controls: detect security violations and record any intrusion attempts; examples include motion detectors, alarm systems and sensors, video surveillance, and other methods
- Deterrent Controls: discourage attackers and send warning messages to discourage intrusion; examples include various types of warning signs
- Recovery Controls: recover from a security violation and restore information and systems to a persistent state; examples include disaster recovery plans, business continuity plans, backup systems, and other processes
- Compensating Controls: used as an alternative control when the intended control fails or cannot be used; examples include hot sites, backup power systems, and other means

Workplace Security
- Lock machines when not in use, keep removable media secured, disable the auto-answer mode of modems, do not leave removable media in public places, and securely erase removable media before disposal
- Separate work areas: apply separate physical access controls to server rooms and other sensitive areas
- Biometric access controls: fingerprinting, retinal scanning, iris scanning, vein structure recognition, face recognition, voice recognition, and signature dynamics
- Computer equipment maintenance: appoint a person to look after computer equipment maintenance
- Wiretapping: inspect wires regularly, protect them using shielded cables, and never leave any wires exposed
- Environmental controls: humidity and air-conditioning (HVAC), fire suppression, and EMI shielding
Information Security Controls: Technical Security Controls
Technical security controls include:
- Access Controls
- Authentication
- Authorization
- Accounting
- Security Protocols
- Network Security Devices

Access Control
- Access control is the selective restriction of access to a place or other system or network resource
- It protects information assets by determining who can and cannot access them
- It involves user identification, authentication, authorization, and accountability
Access control terminology:
- Subject: a particular user or process that wants to access a resource
- Object: the specific resource that the subject wants to access
- Reference Monitor: checks the access control rules for specific restrictions before an access is allowed
- Operation: the action taken by the subject on the object
Types of access control:
- Discretionary Access Control (DAC): permits the user who is granted access to information to decide how to protect the information and determine the desired level of sharing; access to files is restricted to users and groups based on their identity and the groups to which they belong
- Mandatory Access Control (MAC): does not permit the end user to decide who can access the information; users can be assigned access to systems, files, and fields on a one-to-one basis, whereby access is granted to the user for a particular file or system; users cannot pass privileges on to other users, as system access could then be circumvented
- Role-Based Access Control (RBAC): access is granted according to the roles assigned to users; it can simplify the assignment of privileges and ensure that individuals have all the privileges necessary to perform their duties, and no more
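The RBAC, least-privilege and separation-of-duties ideas above fit together in one small reference monitor. The following is an added example, not code from the EC-Council material: role names, their permission sets and the pair of conflicting roles are assumptions chosen to illustrate an accounts-payable workflow.

```python
"""Added example (not from the EC-Council material): a minimal role-based
access control (RBAC) model that also enforces separation of duties (SoD).
Role names, permissions and the conflicting-role pairs are assumptions
chosen for illustration."""
from dataclasses import dataclass, field

# Each role carries only the permissions the job needs (least privilege).
ROLE_PERMISSIONS = {
    "ap_clerk":    {"invoice:create", "invoice:read"},
    "ap_approver": {"invoice:read", "invoice:approve"},
    "auditor":     {"invoice:read", "audit_log:read"},
}

# Roles one person must never hold at the same time: creating and approving
# the same invoice would let a single actor commit fraud without collusion.
SOD_CONFLICTS = {frozenset({"ap_clerk", "ap_approver"})}


class SoDViolation(Exception):
    pass


@dataclass
class User:
    name: str
    roles: set = field(default_factory=set)

    def permissions(self) -> set:
        perms = set()
        for r in self.roles:
            perms |= ROLE_PERMISSIONS[r]
        return perms


def assign_role(user: User, role: str) -> None:
    """Reference-monitor style check applied before a role is granted."""
    if role not in ROLE_PERMISSIONS:
        raise KeyError(f"unknown role {role!r}")
    for held in user.roles:
        if frozenset({held, role}) in SOD_CONFLICTS:
            raise SoDViolation(f"{user.name}: {held!r} conflicts with {role!r}")
    user.roles.add(role)


def is_allowed(user: User, operation: str) -> bool:
    """Default deny: the subject needs an explicit permission for the operation."""
    return operation in user.permissions()


def demo() -> dict:
    alice = User("alice")
    assign_role(alice, "ap_clerk")
    bob = User("bob")
    assign_role(bob, "ap_approver")
    results = {
        "alice_create": is_allowed(alice, "invoice:create"),
        "alice_approve": is_allowed(alice, "invoice:approve"),
        "bob_approve": is_allowed(bob, "invoice:approve"),
    }
    try:
        assign_role(alice, "ap_approver")   # would let alice create and approve
        results["sod_enforced"] = False
    except SoDViolation:
        results["sod_enforced"] = True
    return results


if __name__ == "__main__":
    print(demo())
```

The SoD check runs at assignment time rather than at access time, so a conflicting combination can never exist in the first place; the access decision itself stays a plain set lookup with deny as the default.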
Identity and Access Management (IAM)
- IAM is a framework that consists of users, procedures, and software products to manage user digital identities and access to the resources of an organization
- It ensures that "the right users get access to the right information at the right time"
IAM components:
- Identity: the identifier a user presents, for example a username or account number
- Authentication: verification that the presented identity is genuine, for example by password, token, or biometric
- Authorization: controls an individual's access to information (e.g., a user can read a file but cannot overwrite or delete it)
- Accounting: records what each user did with the access granted

Types of Authentication: Password Authentication
- Password authentication uses a combination of username and password to authenticate network users
- Password authentication can be vulnerable to password cracking attacks such as brute-force or dictionary attacks

Types of Authentication: Two-Factor Authentication
- Combinations of two-factor authentication: password and smart card, password and biometrics, password and OTP, smart card or token and biometrics, and other combinations
- Biometrics are considered to be the hardest factor to forge or spoof
- The most widely used physical or behavioral characteristics to establish or verify an identity include fingerprints, palm pattern, voice or face pattern, iris features, keyboard dynamics, and signature dynamics
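The "password and OTP" combination above is the one most often deployed in software. The following is an added example, not code from the EC-Council material: it pairs a salted, iterated password hash (which makes the brute-force and dictionary attacks mentioned above expensive against a stolen credential database) with an RFC 6238 time-based one-time password as the second factor. The user record and password are constructed; the TOTP secret is the RFC 6238 test-vector key, so the expected code at time 59 is known.

```python
"""Added example (not from the EC-Council material): two-factor login combining
a PBKDF2 password hash (knowledge factor) with an RFC 6238 TOTP (possession
factor). The user record and password below are constructed; the TOTP secret
is the RFC 6238 test-vector key."""
import hashlib
import hmac
import os
import struct
import time

PBKDF2_ITERATIONS = 200_000
TOTP_STEP = 30  # seconds per TOTP counter value


def hash_password(password, salt=None):
    """Return (salt, derived_key). A per-user random salt plus a slow KDF makes
    offline dictionary/brute-force attacks on a stolen database costly."""
    salt = os.urandom(16) if salt is None else salt
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return salt, dk


def verify_password(password, salt, stored):
    return hmac.compare_digest(hash_password(password, salt)[1], stored)


def hotp(secret, counter, digits=6):
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter, then
    dynamic truncation to a `digits`-digit decimal code."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(secret, at=None):
    """RFC 6238 TOTP: HOTP with counter = floor(unix_time / step)."""
    now = int(time.time()) if at is None else at
    return hotp(secret, now // TOTP_STEP)


def verify_totp(secret, code, at=None, window=1):
    """Accept the current step and +/- `window` neighbouring steps so that a
    little clock drift between token and server does not lock the user out."""
    now = int(time.time()) if at is None else at
    return any(
        hmac.compare_digest(hotp(secret, now // TOTP_STEP + k), code)
        for k in range(-window, window + 1)
    )


def login(store, username, password, otp, at=None):
    """Both factors are always evaluated and combined, so a failed login does
    not reveal which factor was wrong."""
    rec = store.get(username)
    if rec is None:
        return False
    ok_pw = verify_password(password, rec["salt"], rec["hash"])
    ok_otp = verify_totp(rec["totp_secret"], otp, at=at)
    return ok_pw and ok_otp


# Constructed user record; the TOTP secret is the RFC 6238 test-vector key.
SECRET = b"12345678901234567890"
_salt, _dk = hash_password("correct horse battery staple")
USERS = {"alice": {"salt": _salt, "hash": _dk, "totp_secret": SECRET}}

if __name__ == "__main__":
    print(totp(SECRET, at=59))  # 287082 per the RFC 6238 test vectors
    print(login(USERS, "alice", "correct horse battery staple", "287082", at=59))
```

A real deployment would add per-account rate limiting on top of this, since a six-digit OTP with a drift window of three steps is still guessable by an attacker who can try thousands of codes without being throttled.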
Types of Authentication: Biometrics
- Biometrics refers to the identification of individuals based on their physical or behavioral characteristics
Biometric identification techniques:
- Fingerprinting: analyzes the ridges and furrows on the surface of the finger, which are unique to each individual
- Retinal scanning: analyzes the layer of blood vessels at the back of the eye
- Iris scanning: analyzes the colored part of the eye
- Vein structure recognition: analyzes the thickness and location of veins
- Face recognition: analyzes the pattern of facial features
- Voice recognition: analyzes an individual's vocal patterns

Types of Authentication: Smart Card Authentication
- Users must insert their smart card into a reader and enter their Personal Identification Number (PIN) to complete authentication
- Smart card authentication is a cryptography-based authentication method that provides stronger security than password authentication
Types of Authentication: Single Sign-on (SSO)
- SSO allows users to authenticate themselves to multiple servers on a network with a single password, without re-entering it every time
Advantages:
- Reduces the time needed for entering a username and password
- Reduces the network traffic to the centralized server
- Users need to enter credentials only once for multiple applications
- Users do not need to remember passwords for multiple applications or systems

Types of Authorization
- Centralized Authorization: an easy and inexpensive authorization approach; authorization for network access is done through a single centralized authorization unit, which maintains a single database for authorizing all network resources
- Implicit Authorization: users can access the requested resource on behalf of others; the access request goes through a primary resource to reach the requested resource
- Decentralized Authorization: each network resource maintains its own authorization unit and performs authorization locally, with its own database for authorization
- Explicit Authorization: unlike implicit authorization, requires separate authorization for each requested resource; authorization is maintained explicitly for each requested object

Accounting
- Accounting is a method of keeping track of user actions on the network; it keeps track of the who, when, and how of user access to the network
- It helps in identifying authorized and unauthorized actions
- The accounting data can be used for trend analysis, data breach detection, forensic investigations, and other purposes

Network Segmentation
Network Segmentation
- Network segmentation is the practice of splitting a network into smaller network segments and separating groups of systems or applications from each other
- The main goal is to group assets or applications that do not need to interact with each other into different network segments, so that access between segments can be restricted and monitored
- It limits the damage an attacker can do: compromising a host in one segment does not automatically give access to hosts in other segments
Benefits of network segmentation:
- Improved security through restricted access between segments
- Better monitoring and control of inbound and outbound traffic
- Improved performance, since each segment carries less traffic

Security Zones
- Internet Zone: an uncontrolled zone outside the boundaries of the organization
- Internet DMZ: a controlled zone that provides a buffer between the Internet and the intranet
- Production Network Zone: a restricted zone that strictly controls direct access from uncontrolled networks
- Intranet Zone: a controlled zone with no heavy restrictions
- Management Network Zone: a secured zone with strict policies

Network Segmentation Example: Demilitarized Zone (DMZ)
- A computer subnetwork placed between the organization's private network, such as a LAN, and an outside public network, such as the Internet; it acts as an additional security layer
- Contains the servers that need to be accessed from an outside network
- DMZ configurations: hosts in the DMZ are reachable from the Internet only on the services they publish, and can reach the internal network only for what they need, so that a compromised DMZ host cannot be used freely against internal systems

Secure Network Administration Principles: Network Virtualization
- Network virtualization combines all available network resources and lets security professionals share these resources among network users using a single administrative unit
- This is done by splitting up the available bandwidth into independent channels, which can be assigned or reassigned to a particular server or device in real time
- This allows each network user to access all of the available network resources (files, folders, computers, printers, hard drives, or other resources) from their own computer
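The zone model and the DMZ example above, together with the "prudent" default-deny policy from the types of security policies, come down to one decision: which (source zone, destination zone, service) flows are allowed, with everything else denied and logged. The following is an added example, not code from the EC-Council material; the subnets, zone assignments and allowed flows are assumptions chosen to illustrate a typical DMZ design, and a real deployment expresses the same intent as firewall rules.

```python
"""Added example (not from the EC-Council material): a default-deny flow policy
between security zones (Internet, DMZ, production, management). Subnets, zone
assignments and allowed flows are assumptions made for the demonstration."""
import ipaddress
from collections import namedtuple

# Constructed address plan: which subnet belongs to which zone.
ZONES = {
    "internet":   [ipaddress.ip_network("0.0.0.0/0")],
    "dmz":        [ipaddress.ip_network("203.0.113.0/24")],
    "production": [ipaddress.ip_network("10.10.0.0/16")],
    "management": [ipaddress.ip_network("10.99.0.0/24")],
}

# Allowed flows. Anything not listed is denied: the "prudent" policy, where
# only known-necessary services are enabled individually and everything is logged.
Flow = namedtuple("Flow", "src dst proto port")
ALLOW = {
    Flow("internet",   "dmz",        "tcp", 443),   # public web front end
    Flow("dmz",        "production", "tcp", 5432),  # web tier -> database only
    Flow("management", "dmz",        "tcp", 22),    # admins reach DMZ hosts
    Flow("management", "production", "tcp", 22),    # admins reach production hosts
}


def zone_of(ip: str) -> str:
    """Most specific matching subnet wins; 0.0.0.0/0 is the Internet catch-all."""
    addr = ipaddress.ip_address(ip)
    best, best_len = "internet", -1
    for zone, nets in ZONES.items():
        for net in nets:
            if addr in net and net.prefixlen > best_len:
                best, best_len = zone, net.prefixlen
    return best


def evaluate(src_ip: str, dst_ip: str, proto: str, port: int, log: list) -> bool:
    """Decide one flow and append an audit line; returns True when allowed."""
    src, dst = zone_of(src_ip), zone_of(dst_ip)
    allowed = Flow(src, dst, proto, port) in ALLOW
    verdict = "ALLOW" if allowed else "DENY "
    log.append(f"{verdict} {src}->{dst} {proto}/{port} {src_ip}->{dst_ip}")
    return allowed


def demo():
    """Constructed flows: an Internet client, a DMZ web host, a production
    database and a management jump host."""
    log = []
    checks = [
        ("198.51.100.7", "203.0.113.10", "tcp", 443),   # Internet -> DMZ web: allowed
        ("198.51.100.7", "10.10.5.20",   "tcp", 5432),  # Internet -> DB directly: denied
        ("203.0.113.10", "10.10.5.20",   "tcp", 5432),  # DMZ web -> DB: allowed
        ("203.0.113.10", "10.10.5.20",   "tcp", 22),    # compromised DMZ host -> SSH: denied
        ("203.0.113.10", "10.99.0.5",    "tcp", 22),    # DMZ -> management: denied
        ("10.99.0.5",    "203.0.113.10", "tcp", 22),    # management -> DMZ: allowed
    ]
    return [evaluate(*c, log) for c in checks], log


if __name__ == "__main__":
    for line in demo()[1]:
        print(line)
```

The fourth and fifth checks are the ones that matter for the DMZ argument: the web host is allowed exactly the database port it needs, so an attacker who owns it still cannot open SSH to production or reach the management zone.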
Secure Network Administration Principles: Virtual Networks
- Virtual networks are the end product of network virtualization
- Virtual network software is used for virtual networking; it is placed either outside a virtual server (external) or inside a virtual server (internal), depending on the size and type of the virtualization platform

Network Security Solutions

Security Information and Event Management (SIEM)
- SIEM provides security management services combining Security Information Management (SIM) and Security Event Management (SEM)
- SEM deals with real-time monitoring, correlation of events, notifications, and console views
- SIM supports permanent storage, analysis, and reporting of log data
- SIEM protects an organization's assets from data breaches due to internal and external threats
SIEM functions:
- Log collection
- Application log monitoring
- Object access auditing
- Data aggregation
- Real-time alerting
- User activity monitoring
- Dashboards
- File integrity monitoring
- System and device log monitoring
- Log retention

SIEM Architecture
[Architecture diagram not reproduced in the extracted text]

User Behavior Analytics (UBA)
- UBA tracks user behavior to detect insider threats, whether from disgruntled employees or from accounts taken over by malicious outsiders
Why is UBA effective?
- Scales to different patterns of human behavior and large volumes of user data
- Monitors geolocation for each login attempt
- Detects malicious behavior and reduces risk
- Monitors privileged accounts and gives instant alerts for suspicious behavior
- Provides actionable results to security teams soon after deployment
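The SEM side of a SIEM (real-time correlation) and the UBA baseline both reduce to rules run over a stream of parsed events. The following is an added example, not code from the EC-Council material, that runs two such rules over constructed OpenSSH-style log lines: a sliding-window brute-force rule, followed by the higher-value "success after brute force" correlation, and a UBA-style "login from a country this account has never used" check. The log lines, thresholds, GeoIP table and per-user baseline are all constructed for the demonstration.

```python
"""Added example (not from the EC-Council material): SIEM-style event
correlation over constructed auth log lines. Rules: (1) brute force, N or more
failures from one source within a time window; (2) a successful login from a
source that was just brute-forcing; (3) UBA baseline, a login from a country the
account has never used. Log lines, thresholds, GeoIP data and baselines are
constructed for the demonstration."""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed events in the style of OpenSSH auth log lines.
LOG_LINES = """\
2024-03-01T09:00:01 sshd[101]: Failed password for alice from 198.51.100.7 port 50000 ssh2
2024-03-01T09:00:03 sshd[102]: Failed password for alice from 198.51.100.7 port 50001 ssh2
2024-03-01T09:00:04 sshd[103]: Failed password for bob from 198.51.100.7 port 50002 ssh2
2024-03-01T09:00:06 sshd[104]: Failed password for alice from 198.51.100.7 port 50003 ssh2
2024-03-01T09:00:07 sshd[105]: Failed password for alice from 198.51.100.7 port 50004 ssh2
2024-03-01T09:00:09 sshd[106]: Accepted password for alice from 198.51.100.7 port 50005 ssh2
2024-03-01T10:15:00 sshd[201]: Accepted publickey for carol from 192.0.2.44 port 40000 ssh2
2024-03-01T10:20:00 sshd[202]: Accepted publickey for carol from 203.0.113.9 port 40001 ssh2
""".splitlines()

LINE_RE = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: (?P<result>Accepted|Failed) \w+ for (?P<user>\S+) from (?P<ip>\S+)"
)

# Constructed enrichment data; a real SIEM would query a GeoIP database.
GEO = {"198.51.100.7": "US", "192.0.2.44": "DE", "203.0.113.9": "BR"}
# Constructed UBA baseline: countries each account has logged in from before.
BASELINE = {"alice": {"US"}, "carol": {"DE"}}

FAIL_THRESHOLD = 5
WINDOW = timedelta(seconds=60)


def parse(line):
    m = LINE_RE.match(line)
    if not m:
        return None  # unparsed lines are skipped rather than crashing the pipeline
    ev = m.groupdict()
    ev["ts"] = datetime.fromisoformat(ev["ts"])
    return ev


def correlate(lines):
    """Return (rule, detail) alerts in the order they fire."""
    alerts = []
    fails = defaultdict(deque)  # source IP -> timestamps of recent failures
    brute_forced = set()
    for ev in filter(None, map(parse, lines)):
        if ev["result"] == "Failed":
            q = fails[ev["ip"]]
            q.append(ev["ts"])
            while q and ev["ts"] - q[0] > WINDOW:   # slide the window forward
                q.popleft()
            if len(q) >= FAIL_THRESHOLD and ev["ip"] not in brute_forced:
                brute_forced.add(ev["ip"])
                alerts.append(("brute_force", ev["ip"]))
        else:
            # A success right after a burst of failures is the signal worth paging on.
            if ev["ip"] in brute_forced:
                alerts.append(("success_after_brute_force", f"{ev['user']}@{ev['ip']}"))
            country = GEO.get(ev["ip"], "??")
            if country not in BASELINE.get(ev["user"], set()):
                alerts.append(("new_country_login", f"{ev['user']} from {country}"))
    return alerts


if __name__ == "__main__":
    for rule, detail in correlate(LOG_LINES):
        print(rule, detail)
```

Counting failures per source rather than per account is what catches the spray across alice and bob from the same address; a per-account rule would see only four failures for alice and stay quiet.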
Unified Threat Management (UTM)
- UTM is a network security management solution that allows an administrator to monitor and manage the organization's network security through a centralized management console
- It provides firewall, intrusion detection, antimalware, spam filtering, load balancing, content filtering, data loss prevention, and VPN capabilities using a single UTM appliance
- Advantages include easy management of all of these functions from one console

Network Access Control (NAC)
- Network Access Control, also known as Network Admission Control (NAC), refers to appliances or solutions that attempt to protect the network by restricting the connection of an end user to the network based upon a security policy
- A pre-installed software agent may inspect several items before admitting the device, and may restrict where the device is connected
What NAC does:
- Authenticates users connected to network resources
- Identifies devices, platforms, and operating systems
- Defines a connection point for network devices
- Develops and applies security policies

Virtual Private Network (VPN)
- A VPN uses the Internet and ensures secure communication to distant offices or users within the enterprise's network
How a VPN Works
- A client wishing to connect to a company's network initially connects to the Internet
- The client initiates a VPN connection with the company's server
- Before establishing the connection, the endpoints must be authenticated through passwords, biometrics, personal data, or any combination of these
- Once the connection is established, the client can securely access the company's network

VPN Concentrators
- A VPN concentrator is a network device used to create secure VPN connections
- It acts as a VPN router and is generally used to create a remote-access or site-to-site VPN
- It uses tunneling protocols to negotiate security parameters, create and manage tunnels, encapsulate, transmit, or receive packets through the tunnel, and de-encapsulate them
Functions of a VPN concentrator:
- Assigns user addresses
- Manages inbound and outbound data transfers
- Acts as a tunnel endpoint or router
Secure Router Configuration
- Routers are the main gateway to the network and are not designed to be security devices
- Routers are vulnerable to different attacks from inside and outside of the network
- An administrator needs to configure a router securely; a misconfigured router is a target for mounting attacks
Hardening a router enables administrators to prevent attackers from:
- Gaining information about the network
- Disabling routers and thereby disrupting the network
- Reconfiguring routers
- Using routers to perform internal attacks
- Using routers to perform external attacks
- Rerouting network traffic
Router security measures:
- Implement access restrictions on the console and the virtual terminal lines
- Enable logging, and ensure logs are collected, reviewed, and archived as per the defined policy
- Keep the router operating system (IOS) version up to date
- Implement ACLs to block reserved and inappropriate addresses
- Disable unneeded services and management interfaces

Design, Implement, and Enforce a Router Security Policy
A router security policy should consist of:
- Password Policy
- Authentication Policy
- Remote Access Policy
- Filtering Policy
- Backup Policy
- Redundancy Policy
- Documentation Policy
- Physical Access Policy
- Monitoring Policy
- Update Policy

Data Leakage
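The measures above are easy to state and easy to drift from, so the practical check is an audit of the running configuration against a baseline. The following is an added example, not code from the EC-Council material: it audits a Cisco IOS configuration text for a subset of those measures (hashed enable secret, console and VTY line restrictions, SSH-only remote access, logging host, and a few services that should be disabled). The two sample configurations are constructed, one deliberately weak and one hardened, and the checklist is an assumption that covers only part of a real hardening baseline.

```python
"""Added example (not from the EC-Council material): a hardening audit that
checks a Cisco IOS running-config text against a partial baseline. The sample
configurations are constructed; the checklist is an assumption covering only
a subset of a full router hardening standard."""
import re

# Constructed, deliberately weak running-config excerpt.
SAMPLE_CONFIG = """\
version 15.2
hostname edge-rtr1
enable password cisco123
service tcp-small-servers
ip http server
logging host 10.99.0.10
line con 0
line vty 0 4
 transport input telnet ssh
 password cisco123
 login
"""

# Constructed hardened version of the same router.
HARDENED_CONFIG = """\
version 15.2
hostname edge-rtr1
service password-encryption
enable secret StrongEnablePassphrase
no service tcp-small-servers
no ip http server
no ip source-route
no cdp run
logging host 10.99.0.10
ip access-list standard MGMT
 permit 10.99.0.0 0.0.0.255
line con 0
 exec-timeout 5 0
line vty 0 4
 access-class MGMT in
 exec-timeout 5 0
 transport input ssh
 login local
"""

# Lines that must be present: (check name, multiline regex, remediation hint).
# Indented lines under "line con 0" / "line vty" belong to that line section.
REQUIRED = [
    ("enable_secret", r"^enable secret ", "use 'enable secret' (hashed) instead of 'enable password'"),
    ("service_pw_enc", r"^service password-encryption", "add 'service password-encryption'"),
    ("console_timeout", r"^line con 0\n(?: .*\n)*? exec-timeout", "set 'exec-timeout' on the console line"),
    ("vty_acl", r"^line vty .*\n(?: .*\n)*? access-class \S+ in", "apply 'access-class <ACL> in' to the VTY lines"),
    ("vty_ssh_only", r"^line vty .*\n(?: .*\n)*? transport input ssh\n", "set 'transport input ssh' (no telnet)"),
    ("logging_host", r"^logging host ", "send logs to a syslog host"),
    ("cdp_disabled", r"^no cdp run", "add 'no cdp run'"),
    ("source_route_disabled", r"^no ip source-route", "add 'no ip source-route'"),
]
# Lines that must be absent.
FORBIDDEN = [
    ("tcp_small_servers", r"^service tcp-small-servers", "add 'no service tcp-small-servers'"),
    ("http_server", r"^ip http server", "add 'no ip http server'"),
]


def audit(config: str) -> dict:
    """Return check name -> (passed, remediation hint)."""
    results = {}
    for name, pattern, fix in REQUIRED:
        results[name] = (re.search(pattern, config, re.M) is not None, fix)
    for name, pattern, fix in FORBIDDEN:
        results[name] = (re.search(pattern, config, re.M) is None, fix)
    return results


def findings(config: str) -> list:
    """Sorted names of the failed checks."""
    return sorted(name for name, (ok, _) in audit(config).items() if not ok)


if __name__ == "__main__":
    for name, (ok, fix) in audit(SAMPLE_CONFIG).items():
        print(f"{'PASS' if ok else 'FAIL'} {name}: {fix}")
```

Note the asymmetry in the checklist: services that IOS shows only when enabled (`ip http server`) are checked as forbidden lines, while settings that appear in the configuration only when explicitly disabled (`no cdp run`, `no ip source-route`) are checked as required lines; reading a config for the absence of `cdp run` would pass the weak router for the wrong reason.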
Data Leakage
- Data leakage refers to unauthorized access to, or disclosure of, sensitive or confidential data
- Data leakage may happen electronically, through an email or a malicious link, or physically, such as through device theft
Major risks to organizations:
- Potential litigation
- Loss of brand name
- Disclosure of trade secrets
- Pre-release of the latest technology developed by the company
- Loss of customer loyalty
- Loss of new and existing customers
- Monetary loss
- Heavy fines
- Decline in share value
- Reduction of sales and revenue
- Unfavorable media attention
- Loss of proprietary and customer information
- Unfavorable competitor advantage
- Insolvency or liquidation
Insider threats:
- Employees may use various techniques such as eavesdropping, shoulder surfing, or dumpster diving to gain unauthorized access to information in violation of corporate policies
Reasons for insider threats:
- Inadequate security awareness and training
- Lack of proper management controls for monitoring policies
- Use of unsecure modes of data transfer
Examples of external threats:
- Hacking or code injection attacks
- Malware
- Corporate espionage or competitors

What is Data Loss Prevention (DLP)?
- DLP is the identification and monitoring of sensitive data to ensure that end users do not send sensitive information outside the corporate network
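The "identification" half of DLP is content inspection of what is leaving the network. The following is an added example, not code from the EC-Council material: it scans outbound text such as an email body for payment card numbers, validating each candidate with the Luhn checksum so that other 13-to-19-digit numbers do not trigger blocks, and for a classification marker. The sample messages are constructed, and the two data types and the marker text are assumptions; a production DLP system carries many more detectors.

```python
"""Added example (not from the EC-Council material): the content-inspection
core of a DLP control. It scans outbound text for payment card numbers
(validated with the Luhn checksum to cut false positives) and for a
classification marker. Sample messages are constructed; the detectors cover
only these two data types."""
import re

CARD_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")       # 13-19 digits, optional separators
MARKER_RE = re.compile(r"\b(CONFIDENTIAL|INTERNAL ONLY)\b", re.I)


def luhn_ok(digits: str) -> bool:
    """Luhn mod-10 checksum used by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        n = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            n *= 2
            if n > 9:
                n -= 9
        total += n
    return total % 10 == 0


def find_card_numbers(text: str) -> list:
    hits = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group(0))
        if 13 <= len(digits) <= 19 and luhn_ok(digits):
            hits.append(digits)
    return hits


def inspect(message: str) -> dict:
    """DLP verdict for one outbound message. Card numbers in the verdict are
    masked so the alert itself does not become a second leak."""
    cards = find_card_numbers(message)
    markers = [m.group(0) for m in MARKER_RE.finditer(message)]
    return {
        "action": "block" if (cards or markers) else "allow",
        "cards": ["*" * (len(c) - 4) + c[-4:] for c in cards],
        "markers": markers,
    }


# Constructed outbound messages.
MESSAGES = {
    "order": "Hi, please charge card 4111 1111 1111 1111 exp 12/26 for order 7781.",
    "typo":  "Reference 4111-1111-1111-1112 is a ticket number, not a card.",
    "memo":  "Attached is the INTERNAL ONLY roadmap; do not forward.",
    "clean": "Lunch at 12:30? Call me on 555-0100.",
}


def demo() -> dict:
    return {name: inspect(text)["action"] for name, text in MESSAGES.items()}


if __name__ == "__main__":
    for name, text in MESSAGES.items():
        print(name, inspect(text))
```

The "typo" message is the reason for the Luhn step: it matches the digit pattern exactly like a card number, and a detector that stopped at the regex would block it and teach users to ignore DLP alerts.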
Data Backup
- Data is the heart of any organization; data loss can be costly, as it may have a financial impact on the organization
- Backup is the process of making a duplicate copy of critical data that can be used for restore and recovery purposes when the primary copy is lost or corrupted, either accidentally or on purpose
- Data backup plays a crucial role in maintaining business continuity by helping organizations recover from IT disasters such as hardware failures, application failures, security breaches, human error, and deliberate sabotage
Backup strategy or plan:
- Identify critical business data
- Select backup media
- Select backup technology
- Select appropriate RAID levels
- Select an appropriate backup method
- Choose the backup location
- Select the backup types
- Conduct recovery drill tests

RAID (Redundant Array of Independent Disks)
- RAID represents a portion of computer storage that can divide and replicate data among several drives working as secondary storage
- RAID has six commonly used levels: RAID 0, RAID 1, RAID 3, RAID 5, RAID 10, and RAID 50
- All the RAID levels depend on three storage techniques: striping, mirroring, and parity

Advantages and Disadvantages of RAID Systems
Advantages:
- RAID offers hot-swapping, i.e., system component replacement (such as a failed drive) without affecting network functionality
- RAID supports disk striping, resulting in improved read and write performance
- RAID parity checks prevent a system crash and data loss when a single drive fails
- RAID increases data redundancy, ensuring the data can be restored in the event of a drive failure
- RAID increases system performance
Disadvantages:
- RAID is not compatible with some hardware components and software systems
- RAID 5 loses data if drives fail one after another: if a second drive fails before the array has finished rebuilding from the first failure, the lost data cannot be recovered
- RAID is not a substitute for backups: it does not protect against deletion, corruption, or malware, and offers no performance gain for some applications
- RAID configuration is complex, and data recovery from a failed array requires specialist tools

RAID Level 1: Disk Mirroring
- Multiple copies of the data are simultaneously written to multiple drives
- Provides data redundancy by duplicating the drive data to multiple drives
- If one drive fails, data recovery is possible from the other drive
- Requires a minimum of two drives

RAID Level 5: Block Interleaved Distributed Parity
- The data is striped at the block level across multiple drives, and the parity information is distributed among all the member drives (there is no dedicated parity disk, unlike RAID 3, which stripes at the byte level)
- Striping provides improved read performance; writes are slower because the parity block must be recomputed for every write
- This level requires a minimum of three drives
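The RAID 5 description above (block striping, parity distributed across all member drives, a minimum of three drives) and the disadvantage that a second failure during a rebuild is unrecoverable are easiest to see with the actual arithmetic. The following is an added example, not code from the EC-Council material: it lays a payload out as RAID 5 stripes with a rotating XOR parity block, simulates losing one drive, and rebuilds it from the survivors. The block size and payload are constructed; real arrays use stripe units of tens of kilobytes or more.

```python
"""Added example (not from the EC-Council material): how RAID 5 distributed
parity survives one drive failure. Data is split into block stripes, the
parity block (XOR of the stripe's data blocks) rotates across drives, and a
lost drive is rebuilt by XOR-ing the surviving blocks. Block size and the
sample payload are constructed for the demonstration."""
from functools import reduce

BLOCK = 4  # bytes per block; real arrays use 64 KiB or larger stripe units


def xor_blocks(blocks) -> bytes:
    """Byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def raid5_write(data: bytes, ndrives: int) -> list:
    """Return ndrives lists of blocks. Each stripe holds ndrives-1 data blocks
    plus one parity block; the parity position rotates one drive per stripe."""
    assert ndrives >= 3, "RAID 5 needs at least three drives"
    dpb = ndrives - 1                       # data blocks per stripe
    stripe_bytes = BLOCK * dpb
    data = data + b"\0" * ((-len(data)) % stripe_bytes)   # pad to whole stripes
    drives = [[] for _ in range(ndrives)]
    for s in range(len(data) // stripe_bytes):
        chunk = data[s * stripe_bytes:(s + 1) * stripe_bytes]
        dblocks = [chunk[i * BLOCK:(i + 1) * BLOCK] for i in range(dpb)]
        parity_drive = (ndrives - 1 - s) % ndrives
        it = iter(dblocks)
        for d in range(ndrives):
            drives[d].append(xor_blocks(dblocks) if d == parity_drive else next(it))
    return drives


def rebuild(drives: list, failed: int) -> list:
    """Reconstruct the failed drive: for every stripe, XOR the surviving blocks.
    This works whether the lost block held data or parity."""
    survivors = [d for i, d in enumerate(drives) if i != failed]
    return [xor_blocks(blocks) for blocks in zip(*survivors)]


def raid5_read(drives: list, length: int) -> bytes:
    """Reassemble the payload, skipping the parity block of each stripe."""
    ndrives = len(drives)
    out = bytearray()
    for s in range(len(drives[0])):
        parity_drive = (ndrives - 1 - s) % ndrives
        for d in range(ndrives):
            if d != parity_drive:
                out += drives[d][s]
    return bytes(out[:length])


def demo() -> bool:
    payload = b"RAID 5 survives a single drive loss, not two."   # constructed
    drives = raid5_write(payload, 4)
    lost = drives[2]
    drives[2] = None                  # simulate drive 2 failing
    drives[2] = rebuild(drives, 2)
    return drives[2] == lost and raid5_read(drives, len(payload)) == payload


if __name__ == "__main__":
    print("rebuild ok:", demo())
```

With two drives gone there are two unknowns in every stripe and one XOR equation, which is exactly why the rebuild window after the first failure is the dangerous period the disadvantages list warns about.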
RAID Level 50: Mirroring and Striping Across Multiple RAID Levels
- RAID 50 is a combination of RAID 0 striping and the distributed parity of RAID 5. It is more fault tolerant than RAID 5 but uses twice the parity overhead.
- A minimum of 6 drives are required for setup. A drive from each segment can fail and the array will recover. If more than one drive fails in a segment, the array will stop functioning.
- This RAID level offers greater reads and writes compared to RAID 5 and the highest levels of redundancy and performance.

Backup Types
- Hot backup: backs up the data while the application, database, or system is running; used when the service cannot be taken down. Disadvantage: very expensive.
- Cold backup: the database or system is not running (shut down) while the backup is taken. Advantage: inexpensive. Disadvantage: switching over to the data backup takes longer.
- Warm backup: a combination of both hot and cold backup. Advantage: switching over to the data backup takes less time compared to a cold backup. Disadvantage: less accessible than a hot backup.

Choosing the Backup Location
- Storing backup data only onsite. Advantage: onsite backup data can be easily accessed and restored. Disadvantage: the risk of data loss is greater.
- Storing backup data at a remote location. Advantage: data is secure against physical security threats such as fire and floods. Disadvantage: more time is needed for backup.
- Storing backup data on storage provided by an online backup provider. Advantages: the data is encrypted and free from physical security threats; data can be directly accessed; less expensive. Disadvantage: no direct control of the backup.

Data Recovery
- The majority of lost data (on removable media, optical devices, and other storage media) is recoverable.
- However, there are situations where the damage to the data is permanent and irreversible.
- When attempting to recover data from a target, use a variety of data recovery tools.

Risk Management Concepts
- Risk management involves identifying, assessing, and responding to risks by implementing controls to help the organization manage potential effects.
- It has a prominent place throughout the system's security life cycle.
- Risks are handled according to the risk level handling process.
- Allows security officers to act effectively in adverse situations.
- Enables the effective use of risk handling.
- Minimizes the effect of risk on the organization.
- Identifies suitable controls for security.

Risk Management Framework: Enterprise Risk Management Framework (ERM)
- ERM defines implementation activities specific to how an organization handles risk.
- It provides a structured process that integrates information security and risk management activities, covering actions such as identifying, evaluating, reporting, and assessing risks, setting standards and policies within the organization, and conducting a periodic review and reflection for improvement of the ERM.
Risk Management Framework: NIST Risk Management Framework
- The NIST Risk Management Framework is a structured and continuous process that integrates information security and risk management activities into the system development life cycle (SDLC).
- Its steps are: Categorize the information system; Select security controls; Implement the security controls; Assess the security controls; Authorize the information system; and Monitor, i.e., continuously track changes to the information system that may affect its security controls and reassess control effectiveness.

Risk Management Framework: COBIT Framework
- The COBIT Framework is an IT governance framework and supporting toolset that allows managers to bridge the gap between control requirements, technical issues, and business risks.
- It emphasizes regulatory compliance, helps organizations increase the value attained from IT, enables alignment, and simplifies implementation of the enterprise's IT governance and control framework.
- Among other things, COBIT helps an organization to manage risks with adequate risk mitigation techniques, accomplish its strategic and operational goals, combat existing and emerging threats, and provide overall direction for the risk management process.
Risk Mitigation
- Risk mitigation includes all possible solutions for reducing the probability of risk and limiting the impact of risk if it occurs.
- It should identify the mitigation strategies for the risks that fall outside the department's risk tolerance and provide an understanding of the level of risk with controls and treatments.
- It identifies the priority order in which individual risks should be mitigated, monitored, and reviewed.

Risk Mitigation Strategies
- Security controls should be proportionate to the risks they address. Some of the security controls that help include maintaining physical security across the organization and having a response plan.
Risk Calculation Formulas
- Many types of risk calculations exist. Risk formulas allow security professionals to dimension risk.
- Asset Value (AV): The value you have determined an asset to be worth.
- Exposure Factor (EF): The estimated percentage of damage or impact that a realized threat would have on the asset.
- Single Loss Expectancy (SLE): The projected loss of a single event on an asset.
- Annual Rate of Occurrence (ARO): The estimated number of times over a period the threat is likely to occur.
- Annualized Loss Expectancy (ALE): The projected loss to the asset based on an annual estimate.
- Qualitative risk analysis focuses on the perceived impact of a specific event occurring, mapped to a risk rating agreed upon by the organization.
- Quantitative risk analysis focuses on the probability of a specific event occurring and the perceived cost of the event. This approach employs two fundamental elements: the probability of an event occurring and the likely loss should it occur.
- Annual rate of occurrence x Single loss expectancy = Annualized loss expectancy
- Most methodologies use interrelated elements such as threats, vulnerabilities, and controls.
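The formulas above worked through in an added Python example (not part of the EC-Council text). It assumes the standard relation SLE = AV x EF, which the page states in words, and the helper `control_value`, which weighs a control's yearly cost against the ALE it removes, is an illustrative addition; the scenario values are constructed.

```python
# Quantitative risk calculation (added example, not EC-Council material).
# Assumes the standard relations SLE = AV x EF and ALE = ARO x SLE, with EF as a fraction.
from dataclasses import dataclass

@dataclass(frozen=True)
class RiskScenario:
    name: str
    asset_value: float      # AV, in currency units
    exposure_factor: float  # EF, fraction of AV lost in one incident (0.0 .. 1.0)
    aro: float              # ARO, expected incidents per year

    def __post_init__(self) -> None:
        if not 0.0 <= self.exposure_factor <= 1.0:
            raise ValueError("exposure factor must be between 0 and 1")
        if self.asset_value < 0 or self.aro < 0:
            raise ValueError("asset value and ARO cannot be negative")

    def sle(self) -> float:
        """Single loss expectancy: loss from one realized threat (AV x EF)."""
        return self.asset_value * self.exposure_factor

    def ale(self) -> float:
        """Annualized loss expectancy: ARO x SLE."""
        return self.aro * self.sle()

def control_value(scenario: RiskScenario, residual_aro: float, annual_cost: float) -> float:
    """Hypothetical helper: net annual benefit of a control that cuts ARO to residual_aro."""
    residual = RiskScenario(scenario.name, scenario.asset_value, scenario.exposure_factor, residual_aro)
    return scenario.ale() - residual.ale() - annual_cost

def rank_by_ale(scenarios: list) -> list:
    """Order scenarios for mitigation priority, highest ALE first."""
    return sorted(scenarios, key=lambda s: s.ale(), reverse=True)

# Constructed sample scenarios (values are illustrative, not from the page)
SCENARIOS = [
    RiskScenario("ransomware on file server", 200_000, 0.50, 0.25),
    RiskScenario("laptop theft", 3_000, 1.00, 4.0),
    RiskScenario("data centre flood", 1_000_000, 0.75, 0.02),
]

if __name__ == "__main__":
    for s in rank_by_ale(SCENARIOS):
        print(f"{s.name:26s} SLE={s.sle():>12,.2f}  ALE={s.ale():>12,.2f}")
    # e.g. an offline backup that lowers ransomware ARO from 0.25 to 0.05 for 10,000 a year
    print("net value of backup control:", control_value(SCENARIOS[0], 0.05, 10_000))
```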
