Question

Understanding information security issues

1. Open a new Microsoft® Word document, and enter your answer to one of the prompts below:
   • Select two articles that detail hacking tools. Summarize each article and include a concluding paragraph that explains how you as a cybersecurity professional would use these tools.
   • Scan the articles that appeared over the last month. Use those articles to create your own one-page summary of any trends you notice as well as any major events that have occurred.
   • Visit the “Popular Posts” tab and select one article that is of particular interest to you. Perform additional Internet research on that topic and then write a summary of that article. Include why you were interested in the article, what you learned from it, and how you could use it in your career as a cybersecurity professional.
2. Save the file on your computer with your last name in the file name. (Example: chapter_01_essay_Jones.doc)
3. Click the Browse button below to find and select your saved document, and then click Submit Assignment for Grading.

Answer 1

Prompt 1

Hacking is a cyber crime, but ethical hacking is not. Ethical hacking is the process using hacking tools for legal activities such as finding a criminal or intruding to the database of an attacker. There are different tools available today to do both. As a cybersecurity professional lets have a look through ethical hacking tools available in the internet.

The first article was from tutorialpoints.com which exhibits a complete course on hacking. This course contain a detailed session of different type of ethical hacking tools.

• NMAP - NMAP stands for Network Mapping. This tool is used to scan network which is either large or individuals. This tools help fpr network inventory, managing service upgrades, and monitoring hosts. Monitoring hosts include what hosts are available in that network, what OS are they running and what services are they offering.
• Metasploit - This is a powerful tool from Rapid7. This tools is used to do basic penitration tests over small networks, checks the vulnerabs on the spot etc.
• Burp Suit - Burp suit is used for doing a security test for web applications. it includes various sub tools to work in collaboration and do the tests.
• Angry IP scanner - This is a tool to scan the IP addresses and ports. This is an open source cross platform supporting application. It will ping with any Ip and check whether it is alive or not, if alive, the host name and all other details are fetched.

The second article was from securitytrails.com. This is a website which is dedicatedly made for security related articles. This page describes many ethical hacking tools including the tools we already discuused about. Here some which we hadn't seen on the first site.

• John the ripper - It is a password cracker tool. This is knowned as the best password cracket available. This cracker automatically detect the encryption method used to encrypt the password. Hence his tool is used to check the strength of the password by the security officers.
• Wireshark - Wireshark is a tools that help us to monitor the trafic in the network realtime. It has the ability to detect any problem in the network with its sniffing technology.
• OpenVAS - This is an open source tool to check the network vulnerabilities. This is known as one of the best network vulnerabililty checker. It has a powerful web interface and the ability to scan multiple networks simultaneously.

All these tools and many more combined together make a great opertunity to protect the system and network maximum from any threats. And also these tools can be used to do any cyber security operation against attacks.