send mail to firstname.lastname@example.org mentioning your email id and mobileno registered with us! if details not recieved
Resend Opt after 60 Sec.
Please verify your mobile number
Please update your name
Subscribe to Notifications
Stay updated with the latest Current affairs and other important updates regarding video Lectures, Test Schedules, live sessions etc..
Refer & Earn
My Abhipedia Earning
Kindly Login to view your earning
Direction () : Read the given passage carefully and answer the questions that follow.
The need for more effective information security practices is increasingly evident with each security breach reported in the media. When adopting new technologies like cloud computing, virtualization, or IT outsourcing, enterprises are facing imminent security threats and must adjust their security processes, policies, and architectures accordingly. Among the many options available to help
customers to achieve this goal, organizations should consider the value of ethical hacking services, which are rapidly gaining attention as an essential security practice that should be performed on a regular basis. “The elevated threat landscape
therefore, urgently dictates the need for a comprehensive, real-world assessment of an organization’s security posture. This assessment is a first vital step to enact effective security policies, procedures, and infrastructure that will prevent or mitigate the effects of a data breach.” Ethical hacking offers an objective analysis of an organization’s information security
posture for organizations of any level of security expertise. The ethical hacking organization has no knowledge of the company’s systems other than what they can gather. Hackers must scan for weaknesses, test entry points, priorities targets, and develop a strategy that best leverages their resources. The objectiveness of this kind of security assessment has a direct impact on the value of the whole evaluation. However, businesses still remain skeptical about the risk inherent with inviting a third-party to attempt to
access sensitive systems and resources. To reduce this fear, businesses should hire only ethical hacking companies that implement
practices to ensure privacy and confidentiality. They should also be accredited by international trade organizations such as the EC-Council and ISC. Ethical hacking and ethical hacker are terms used to describe hacking performed by a company or individual to help identify potential threats on a computer or network. An ethical hacker attempts to bypass system security and search for any
weak points that could be exploited by malicious hackers. This information is then used by the organization to improve the system
security, in an effort to minimize or eliminate any potential attacks. The term "ethical hacker" has received criticism at times from people who say that there is no such thing as an "ethical" hacker. Hacking is hacking, no matter how you look at it and those who do the hacking are commonly referred to as computer criminals or cyber criminals. However, the work that ethical hackers do for organizations has helped improve system security and can be said to be quite effective and successful. Individuals interested in
becoming an ethical hacker can work towards a certification to become a Certified Ethical Hacker, or CEH. In a search for ways to reduce the fear and worry of being hacked, organizations have come to the realization that an effective way to evaluate security threats is to have independent security exerts attempt to hack into their computer systems. In the case of computer security, these tiger teams or ethical hackers would use the same tools and techniques as an attacker, but rather than damage the system or steal
information, they would evaluate the system security and report the vulnerabilities they found and provide instructions for how to
remedy them. From the early days of computers, ethical hacking has been used as an evaluation of system security. Many early ethical hacks were conducted by the United States Military to carry out security evaluations on their operating systems to determine whether they should employ a two-level (secret/top secret) classification system. However, with the growth of computing and networking in the early 1990's, computer and network vulnerability studies began to appear outside of the military organization.
In December of 1993, two computer security researchers, Dan Farmer from Elemental Security and Wietse Venema from IBM, suggested that the techniques used by hackers can be used to assess the security of an information system. They wrote a
report that was shared publicly on the Internet which described how they were able to gather enough information to compromise security and they provided several examples of how this information could be gathered and exploited to gain control of a system, and how such an attack could be prevented. An ethical hacker should set simple goals, such as finding unauthorized wireless
access points or obtaining information from a wired network system. In any case, the goals should be articulate and well communicated. Written permission is required and should state that an ethical hacker is authorized to perform a test according to the plan. It should also say that the organization will provide legal and organizational support in case criminally charges or lawsuits
arise. This is conditional on staying within the bounds of the approved plan. An ethical hacker is bound to confidentiality and non-disclosure of information they may uncover. Ethical hackers must also be compliant with their organization's governance and local laws. An ethical hack must not be performed when the company policy or the law for that matter, explicitly forbids it. Source:
What is the major difference between hackers and ethical hackers?
Hackers are not hired by organizations whereas the ethical hackers are hired by organizations for better security.
Hackers are the unprofessional, uncertified people whereas the ethical hackers are the professional certified ones.
Hackers have some malicious purpose whereas the ethical hackers report the weaknesses and vulnerabilities to the organization on finding any.
Hackers use specific techniques whereas the ethical hackers use a common set of techniques that had been popular for some time.
Hackers do not work for any specific organization whereas the ethical ones work for specific organizations.
It can be well inferred from the passage that the ethical hackers do not have any negative purpose and want to enhance
the security of organizations whereas the normal hackers have an ill motive and want to gain personal benefits causing harm to others. Thus option C is the correct answer.
By: Munesh Kumari ProfileResourcesReport error
Access to prime resources