1
00:00:09,730 --> 00:00:15,220
Welcome to the Ethical Hacking Masterclass, cause this is a complete course, which would make you

2
00:00:15,220 --> 00:00:16,930
a complete ethical hacker.

3
00:00:17,530 --> 00:00:23,170
So in the first section of ethical hacking, that is the introduction to ethical hacking, we will learn

4
00:00:23,170 --> 00:00:27,460
different terminologies, penetration testing methodologies and much more.

5
00:00:28,210 --> 00:00:32,670
Let us start with the first lecture, which is the key terms in hacking.

6
00:00:33,160 --> 00:00:40,790
In this lecture, we will learn what is an asset, what is a one that ability exploit risks and threats.

7
00:00:41,260 --> 00:00:43,080
So let us get started.

8
00:00:45,110 --> 00:00:52,970
What is an asset, an asset is any device, data or other component of the environment that supports

9
00:00:52,970 --> 00:01:00,050
information related activities that should be protected from anyone besides the people that are allowed

10
00:01:00,050 --> 00:01:08,730
to view or manipulate the data or information and information security and computer security, access

11
00:01:08,750 --> 00:01:11,840
to any data that is of utmost importance.

12
00:01:12,740 --> 00:01:19,790
So asset can be from of people or person or device or call or anything.

13
00:01:20,480 --> 00:01:29,060
Assets should be protected from illicit access use, disclosure, alteration, destruction and theft.

14
00:01:30,290 --> 00:01:32,000
The next is vulnerable.

15
00:01:33,380 --> 00:01:41,480
Vulnerability is defined as a flaw or weakness inside the asset that could be used to gain unauthorized

16
00:01:41,480 --> 00:01:42,260
access to it.

17
00:01:42,980 --> 00:01:50,360
The successful compromise vulnerability may result in data manipulation, privilege, television exploitation,

18
00:01:50,540 --> 00:01:51,230
etc..

19
00:01:52,500 --> 00:01:59,130
In cybersecurity overnight, it really is a weakness which can be exploited by a cyber attack to gain

20
00:01:59,130 --> 00:02:06,150
unauthorized access, to exploit a vulnerability and attacker must be able to connect to the computer

21
00:02:06,150 --> 00:02:07,980
system vulnerabilities.

22
00:02:07,980 --> 00:02:13,520
Examples are crosseyed scripting a skill injection buffalo of and others.

23
00:02:13,980 --> 00:02:16,590
They are going to see all these, you know, next sections.

24
00:02:17,580 --> 00:02:23,500
Now, what is a threat, a threat represents a possible danger to the computer system.

25
00:02:24,270 --> 00:02:28,200
It represents something that no organization doesn't want to happen.

26
00:02:29,080 --> 00:02:32,250
A successful exploitation of the vulnerability is a threat.

27
00:02:33,000 --> 00:02:38,310
A threat may be a malicious hacker who is trying to gain unauthorized access to an asset.

28
00:02:39,370 --> 00:02:46,870
Anything that can explode when they really intentionally or accidentally and obtain damage or destroy

29
00:02:46,870 --> 00:02:49,090
an asset is also known as a threat.

30
00:02:50,240 --> 00:02:53,000
A threat is what we are trying to protect against.

31
00:02:53,930 --> 00:03:01,010
Common types of threats are natural threats, unintentional threats and intentional threats, natural

32
00:03:01,010 --> 00:03:04,040
threats can be floods, hurricanes or tornadoes.

33
00:03:04,640 --> 00:03:09,840
Unintentional threats can be like an employee mistakenly accessing the wrong information.

34
00:03:10,040 --> 00:03:11,840
Yes, that that can be a threat.

35
00:03:12,440 --> 00:03:20,200
And intentional threats are hackers, spyware, malware, adware or the actions of a disgruntled employee.

36
00:03:20,570 --> 00:03:28,220
The next one it exploit and exploit is something that takes advantage of a vulnerability in an asset

37
00:03:28,220 --> 00:03:35,240
to cause unintended or anticipated behavior in a targeted system, which would then allow an attacker

38
00:03:35,450 --> 00:03:38,000
to gain access to data or information.

39
00:03:39,290 --> 00:03:41,930
Exploitation is actually the next step in an attack.

40
00:03:41,930 --> 00:03:49,130
US playbook, after finding a vulnerability exploit are the means through which of reality can be leveraged

41
00:03:49,310 --> 00:03:50,810
for malicious activity.

42
00:03:51,700 --> 00:03:57,700
All the experts can occur in a variety of ways, one common method is what explodes to be launched from

43
00:03:57,700 --> 00:03:58,780
malicious websites.

44
00:03:59,300 --> 00:04:05,710
The victim might visit such a site by accident or they might be tricked into clicking onto a link to

45
00:04:05,710 --> 00:04:06,670
the malicious site.

46
00:04:08,640 --> 00:04:09,240
Risk.

47
00:04:10,130 --> 00:04:17,400
Risk is defined as the impact resulting from the successful compromise of an asset, for example, an

48
00:04:17,400 --> 00:04:24,430
organization running the venerable Apache tonkatsu poses a threat to our organization, and the damage

49
00:04:24,430 --> 00:04:28,200
and loss that is close to the asset is defined as the risk.

50
00:04:30,050 --> 00:04:37,610
It can also be defined as the potential for loss, damage or destruction of an asset as a result of

51
00:04:37,610 --> 00:04:39,700
trade exporting human tragedy.

52
00:04:40,280 --> 00:04:46,730
Now, all of these items we have seen previously, so reduce the potential for risk by creating and

53
00:04:46,730 --> 00:04:49,730
implementing a risk management plan is very essential.

54
00:04:50,570 --> 00:04:55,190
Risk is the intersection of assets, threats and vulnerabilities.

55
00:04:56,340 --> 00:05:00,340
Why is it important to understand difference between these storms?

56
00:05:01,050 --> 00:05:05,640
See, if you do not understand the differences, will never understand the true risk to assess, as

57
00:05:06,450 --> 00:05:13,410
you see when conducting a risk assessment, the formula that is used to determine the risk is A plus

58
00:05:13,410 --> 00:05:22,470
B plus V is equal to all, which means asset plus threat plus vulnerability is equal to risk.

59
00:05:23,570 --> 00:05:24,170
ADEC.

60
00:05:26,070 --> 00:05:32,880
A cyber attack is an attack launched from one or more computers against another computer, multiple

61
00:05:32,880 --> 00:05:34,440
computers on networks.

62
00:05:35,340 --> 00:05:38,430
Cyber attacks can be broken down into two broad types.

63
00:05:38,880 --> 00:05:45,630
First, the attacks with the goal is to disable the target computer or knock it off line on the second

64
00:05:46,080 --> 00:05:46,610
attacks.

65
00:05:46,690 --> 00:05:52,880
The goal is to get access to the target's computers data and then perhaps gain admin privileges on it.

66
00:05:54,290 --> 00:06:01,070
They're depending upon the criminal intent, a cyber attack can be random or targeted attack cyber attack

67
00:06:01,070 --> 00:06:05,960
methods seem to rotate in order to throw an organization off their defenses.

68
00:06:07,010 --> 00:06:10,610
The famous cyber attacks example are vulnerable and not be.

69
00:06:11,750 --> 00:06:19,760
Then crypto miners attacks made headlines in 2018 and in 2019, cyber attacks have been a mixed bag.

70
00:06:20,360 --> 00:06:25,400
Phishing email cyberattacks remain the constant tone for most of the organizations.

71
00:06:25,820 --> 00:06:28,210
So this was all for this lecture.

72
00:06:28,700 --> 00:06:34,640
In the next lecture, we will see what is mean by a penetration test and we'll see what is vulnerability

73
00:06:34,640 --> 00:06:35,270
assessment.

74
00:06:35,870 --> 00:06:40,440
And we will see the difference between vulnerability assessment and penetration testing.

75
00:06:40,880 --> 00:06:46,340
And finally, we will see what is mean by new reality assessment, penetration testing.