Ethical Hacking Unit-1


ETHICAL HACKING (Professional Elective – II)

UNIT- I

Introduction:

Hacking Impacts.
The Hacker.

Framework:
Planning the test.
Sound Operations.
Reconnaissance.
Enumeration.
Vulnerability Analysis.
Exploitation.
Final Analysis.
Deliverable.
Integration.

Information Security Models:


Computer Security.
Network Security.
Service Security.
Application Security.
Security Architecture.

Information Security Program:


The Process of Information Security.
Component Parts of Information Security Program.
Risk Analysis and Ethical Hacking.
Introduction
Ethical hacking involves the same tools, tricks, and techniques that hackers use, but with one major
difference: ethical hacking is not illegal. It is the way in which an ethical hacker discovers
vulnerabilities from the hacker’s point of view so that the system can be made more secure and
safe. Ethical hacking, as the name indicates, is hacking that is ethical. It is also called penetration
testing.

This technique is used by many professionals to do hacking that is not illegal but ethical, which is
why it is called ethical hacking. All the tools, tricks and techniques used are the same as those used
in hacking, but the work is done with the consent of the target; that is why it is not hacking but
ethical hacking.

Ethical hacking also makes sure that the claims made by the target are genuine.

It’s part of an overall information risk management program that allows for ongoing security
improvements. Ethical hacking can also ensure that vendors’ claims about the security of their
products are legitimate.

WHAT IS ETHICAL HACKING ?

Ethical hackers know every detail about the company and could destroy its system, so the major skill
of an ethical hacker is trustworthiness, and the other is patience. The information found by the
hacker must not be abused. The ethical hacker has to be trustworthy in order to maintain the safety
and security of the system. Gaining access to somebody’s computer system or network without their
permission is a crime and is not ethical.

Hacking is a neat skill to have. However, such a skill requires great responsibility. Learn about the
responsibility an ethical hacker has in this introductory course to Ethical Hacking. In this course, you
will get a peek into what it means to be an Ethical Hacker, practice hacking ethically, and learn the
tools and techniques to be an efficient hacker.

Let’s Be Ethical

Learners will learn about ethical hacking and practice the hacking process as an ethical hacker.

• Introduction:- Have you ever thought about a career in bug hunting? Not hunting for little
critters that roam outside your home or inside but hunting for software bugs, errors in the
code, found in an applicati…
• The Hacking Process:- Before we go hunting, let’s learn about the hacking process. The
hacking process is a combination of ethical hacking tactics for organizational defense. Having
a list of tactics to ensure organizat…
• Hunting for Sensitive Data Exposure:- In this exercise, you will search for bugs and
vulnerabilities in a newly created bank application. The bank application is called FakeBank
Financial. They recently hired an engineering team to c…
• Challenge: Hunting for Web Vulnerability:- Here’s a challenge! You’re free to skip this
exercise if you choose. To skip, just select Next to continue. However, if you choose to accept
this challenge, your task is to identify and note as …
• Conclusion:- Throughout this lesson, you’ve learned about ethical hacking and bug hunting,
the hacking process, and practiced searching, identifying, and eliminating bugs and
vulnerabilities within an applicati…

Getting Started With Ethical Hacking

Get started with ethical hacking by learning what it takes to become an ethical hacker.

• Introduction:- If we want to hack a computer, we must know a few things. Before anything
else, we need to know that the computer exists in the first place - it’s hard to hack a computer
that doesn’t exist. We al…
• Ports and You:- An important concept to understand for network enumeration (and
networking in general) is the concept of ports. Ports are to IP addresses, what apartment
numbers are to street addresses. Ports …
• Time to Scan:- The situation is as follows: One of the computers in a network has been
infected with malware. Our task is to use network enumeration to determine which
computer is likely to be infected so the…
• Conclusion:- Networking enumeration is a powerful tool for hackers and is used by attackers
and defenders alike. There are many different network enumerators available, with different
specialties.

Evading & Computing

Learners will learn about evading techniques and the future of computing.

• Cryptography is the process of encrypting and decrypting data in order to keep that data
safe when storing or transmitting it.

o Encryption is a way of hiding data by converting it to an encoded format.
o Decryption is a way of revealing encrypted data by decoding it from its encoded
format.

• Symmetric Vs. Asymmetric Encryption

Ciphers can be symmetric or asymmetric.

o Symmetric encryption uses the same key to encrypt and decrypt information.
o Asymmetric encryption uses a public key to encrypt data and a different private key
to decrypt data.

Asymmetric ciphers can be slower than symmetric ciphers but have additional use-cases in
authentication and non-repudiation.

• Hashing
Hashing is a one-way process that takes data of any size and represents it as a unique hash value of
a fixed size. No matter how large or complex your file is, hashing provides a fast, reliable way to
compare files and verify their authenticity.

Hashing lets you check if two pieces of information are the same, without knowing what the
information itself actually is.

Hashing can be used to store sensitive data in a secure way.
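
The three uses of hashing described above, as an added example that is not part of the original notes: a fixed-size digest, comparing data against a published digest without inspecting it, and storing a password as a salted, deliberately slow hash. The function names and the PBKDF2 iteration count are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os
from typing import Optional

# Assumed work factor for PBKDF2-HMAC-SHA256; tune it for your hardware.
ITERATIONS = 600_000


def sha256_hex(data: bytes) -> str:
    """SHA-256 digest: always 32 bytes (64 hex characters), whatever the input size."""
    return hashlib.sha256(data).hexdigest()


def matches_published_digest(data: bytes, published_hex: str) -> bool:
    """Check received data against a digest the sender published separately."""
    return hmac.compare_digest(sha256_hex(data), published_hex.lower())


def hash_password(password: str, salt: Optional[bytes] = None) -> dict:
    """Store a salted, slow hash instead of the password itself.

    A bare SHA-256 of a password is fast to guess offline, so a key-derivation
    function with a per-user random salt is used for this purpose.
    """
    salt = salt or os.urandom(16)
    derived = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return {"salt": salt, "iterations": ITERATIONS, "hash": derived}


def verify_password(password: str, record: dict) -> bool:
    """Re-derive with the stored salt and compare in constant time."""
    derived = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), record["salt"], record["iterations"]
    )
    return hmac.compare_digest(derived, record["hash"])


if __name__ == "__main__":
    # Constructed sample data: a 5 MB "file" and a copy with one byte changed.
    original = b"A" * 5_000_000
    tampered = original[:-1] + b"B"
    published = sha256_hex(original)
    print("digest length:", len(published))
    print("original ok:", matches_published_digest(original, published))
    print("tampered ok:", matches_published_digest(tampered, published))

    record = hash_password("correct horse battery staple")
    print("right password:", verify_password("correct horse battery staple", record))
    print("wrong password:", verify_password("wrong guess", record))
```
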

• Ephemeral keys are keys that are discarded after being generated and used.

This means that there is little benefit to an attacker who steals the key because the key quickly
becomes useless!
• Cryptography, Confidentiality, and Integrity
Cryptography is a powerful tool for maintaining both confidentiality and integrity. Powerful ciphers
prevent unauthorized parties from accessing information without the appropriate key, while
cryptographic hashing algorithms make it easy to see if information has been altered, maliciously or
otherwise.

• Cryptography Isn’t Perfect

Given enough time, any encryption can be broken using brute force. The ciphers we use today are
designed to take an extremely long time to be cracked, but computing power is always growing.

Design flaws can allow a cipher to be cracked much faster than would be possible using brute force
alone. Cryptography needs to be implemented and applied correctly to work. Strong ciphers are
useless if the key is easily stolen, or the data they encrypt is stored in plaintext elsewhere.

Unethical Hacking
Become familiar with unethical hacking through a variety of cyber attacks.

• Cyber Attacks:- In cyber attacks, adversaries use special techniques to exploit
vulnerabilities in applications, processes, or procedures.

Cross-Site-Scripting (XSS)

<script>alert(1);</script>
Cross-Site Scripting (XSS) is a part of the OWASP Top Ten.

XSS is when an application allows untrusted data, potentially user-supplied data, into a web page
without proper validation or sanitization.

It’s dangerous because it can allow attackers to execute malicious scripts in a victim’s browser
leading to hijacked sessions, or malicious page alterations or redirections.

The code shown above is an example of code that may be used as part of an XSS attack. It could be
inserted into a URL.
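
The snippet above arriving in a URL parameter and being reflected into a page, first unescaped and then with output encoding, as an added example that is not part of the original notes. The URL, the template and the function names are constructed for illustration.

```python
import html
from html.parser import HTMLParser
from urllib.parse import parse_qs, urlsplit

# Hypothetical page template that reflects the search term back to the user.
TEMPLATE = "<html><body><h1>Results for: {term}</h1></body></html>"

# Constructed request URL carrying the snippet from the notes, percent-encoded.
SAMPLE_URL = "https://shop.example/search?q=%3Cscript%3Ealert(1)%3B%3C%2Fscript%3E"


def search_term(url: str) -> str:
    """Extract the untrusted 'q' parameter (parse_qs percent-decodes it)."""
    return parse_qs(urlsplit(url).query).get("q", [""])[0]


def render_vulnerable(url: str) -> str:
    # Untrusted data is pasted into the markup unchanged.
    return TEMPLATE.format(term=search_term(url))


def render_escaped(url: str) -> str:
    # Output encoding for HTML body and quoted-attribute contexts: <, >, &, " and '
    # become entities, so the value is displayed as text. Other contexts
    # (inside <script>, inside a URL) need their own encoding rules.
    return TEMPLATE.format(term=html.escape(search_term(url), quote=True))


class _TagCollector(HTMLParser):
    """Records every start tag an HTML parser sees in the page."""

    def __init__(self):
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)


def parsed_tags(page: str) -> list:
    collector = _TagCollector()
    collector.feed(page)
    collector.close()
    return collector.tags


if __name__ == "__main__":
    print("vulnerable:", parsed_tags(render_vulnerable(SAMPLE_URL)))
    print("escaped:   ", parsed_tags(render_escaped(SAMPLE_URL)))
    print(render_escaped(SAMPLE_URL))
```
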

• Mitigating SQL Injection Attacks: Input Sanitization

SELECT username, email FROM users WHERE id='1' AND '1' = '2'
One way SQL injections can be mitigated is through input sanitization. Sanitization is the process of
removing dangerous characters from user input.

Dangerous characters might include:

• '
• ;
• --
This is important because they allow attackers to extend SQL queries to gain more information from a
database.

Careful: this method is not a perfect defense against SQL injections. Removing characters may
have no effect in some queries and, if an attacker finds a way to bypass the sanitization process, they
can easily inject data into your system.

• SQL Injection
A SQL injection is a serious vulnerability affecting applications that use SQL as their database
language. Through cleverly constructed text inputs that modify the backend SQL query, threat actors
can force the application to output private data or respond in ways that provide intel. SQL injection
attacks can ultimately be used to steal information and even take complete control of a system.
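
The limit of input sanitization noted above and the nature of SQL injection, shown side by side with a parameterized query, as an added example that is not part of the original notes. It uses an in-memory SQLite database; the table contents and function names are constructed for illustration.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """In-memory database with three constructed user rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, email TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (id, username, email) VALUES (?, ?, ?)",
        [
            (1, "alice", "alice@example.test"),
            (2, "bob", "bob@example.test"),
            (3, "carol", "carol@example.test"),
        ],
    )
    return conn


def strip_dangerous(value: str) -> str:
    """Sanitization as described in the notes: remove ', ; and -- from the input."""
    for token in ("'", ";", "--"):
        value = value.replace(token, "")
    return value


def lookup_sanitized(conn: sqlite3.Connection, user_id: str) -> list:
    # WEAK: the input is still concatenated into the SQL text. In this numeric
    # context no quote is needed to change the query, so stripping does nothing.
    query = "SELECT username, email FROM users WHERE id=" + strip_dangerous(user_id)
    return conn.execute(query).fetchall()


def lookup_parameterized(conn: sqlite3.Connection, user_id: str) -> list:
    # HARDENED: validate the expected type, then bind the value as a parameter
    # so the database never parses it as SQL.
    try:
        numeric_id = int(user_id)
    except ValueError:
        return []
    return conn.execute(
        "SELECT username, email FROM users WHERE id = ?", (numeric_id,)
    ).fetchall()


if __name__ == "__main__":
    db = make_db()
    for value in ("1", "1 AND 1=2", "1 OR 1=1"):
        print(repr(value))
        print("  sanitized + concatenated:", lookup_sanitized(db, value))
        print("  parameterized:           ", lookup_parameterized(db, value))
```
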

• Cybersecurity: What Is Malware?

Malware is malicious software inserted into a system to cause damage to systems or data or to gain
unauthorized access to a network.

Some examples of malware are:

• Viruses
• Adware
• Spyware
• Scareware
• Trojan horses
• Rootkits
• Ransomware
• Worms
• Fileless malware

• Malware: Spyware
Spyware is malware downloaded without a user’s authorization which is used to steal sensitive
information and relay it to an outside party in a way that harms the original user.

The key word here is “spy”. Clicking suspicious links or downloads could result in spyware.

• Phishing Uses
Phishing is a social engineering tactic that can be used for many things, such as stealing credentials
or getting malware onto a system.

• Cybersecurity: Password Attacks

In Cybersecurity, a password attack is any attack that attempts to hack into a password-protected
asset, like an account or encrypted file.

• Cybersecurity: Password Spraying

Password Spraying refers to a type of brute force attack in which a threat actor tries common
passwords on multiple usernames.
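
Detection logic for the pattern just described, as an added example that is not part of the original notes. Each account sees only one or two failures, so per-account lockout counters do not trip and the detection pivots on the source address instead; the log format, thresholds and addresses are constructed for illustration.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Assumed log format (constructed): "<UTC timestamp> auth result=OK|FAIL user=<name> src=<ip>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) auth result=(?P<result>OK|FAIL) user=(?P<user>\S+) src=(?P<src>\S+)$"
)

WINDOW = timedelta(minutes=10)  # look-back window per source
MIN_USERS = 5                   # distinct usernames failed from one source
MAX_TRIES_PER_USER = 2          # few tries per account distinguishes spraying

# Constructed sample log (documentation address ranges).
SAMPLE_LOG = """\
2024-05-01T09:00:01Z auth result=FAIL user=alice src=203.0.113.7
2024-05-01T09:00:31Z auth result=FAIL user=bob src=203.0.113.7
2024-05-01T09:01:02Z auth result=FAIL user=carol src=203.0.113.7
2024-05-01T09:01:30Z auth result=FAIL user=dave src=203.0.113.7
2024-05-01T09:02:05Z auth result=FAIL user=erin src=203.0.113.7
2024-05-01T09:02:40Z auth result=FAIL user=frank src=203.0.113.7
2024-05-01T09:03:00Z auth result=FAIL user=alice src=198.51.100.20
2024-05-01T09:03:05Z auth result=FAIL user=alice src=198.51.100.20
2024-05-01T09:03:10Z auth result=FAIL user=alice src=198.51.100.20
2024-05-01T09:03:15Z auth result=FAIL user=alice src=198.51.100.20
2024-05-01T09:03:20Z auth result=FAIL user=alice src=198.51.100.20
2024-05-01T09:03:25Z auth result=FAIL user=alice src=198.51.100.20
2024-05-01T09:05:00Z auth result=FAIL user=bob src=192.0.2.15
2024-05-01T09:05:20Z auth result=OK user=bob src=192.0.2.15
""".splitlines()


def parse(lines):
    """Turn log lines into (timestamp, result, user, src) tuples; skip junk lines."""
    events = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
        events.append((ts, m["result"], m["user"], m["src"]))
    return events


def find_spraying(lines):
    """Return {src: [usernames]} for sources that fail against many accounts,
    with only a few attempts per account, inside one sliding window."""
    failures = defaultdict(list)
    for ts, result, user, src in parse(lines):
        if result == "FAIL":
            failures[src].append((ts, user))

    flagged = {}
    for src, items in failures.items():
        items.sort()
        start = 0
        counts = Counter()  # failures per username inside the current window
        for ts, user in items:
            counts[user] += 1
            # Drop events that have fallen out of the window.
            while ts - items[start][0] > WINDOW:
                old_user = items[start][1]
                counts[old_user] -= 1
                if counts[old_user] == 0:
                    del counts[old_user]
                start += 1
            if len(counts) >= MIN_USERS and max(counts.values()) <= MAX_TRIES_PER_USER:
                flagged[src] = sorted(counts)
    return flagged


if __name__ == "__main__":
    for src, users in find_spraying(SAMPLE_LOG).items():
        print(f"possible password spraying from {src}: {len(users)} accounts {users}")
```

The single-account burst from 198.51.100.20 is ordinary brute force and is left to per-account lockout; only the many-accounts, few-tries source is reported here.
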

• Cybersecurity: Credential Harvesting

In Cybersecurity, credential harvesting refers to when an attacker attempts to harvest, or learn, a
victim’s credentials.
Often, the attacker may just want to gain a large database of credentials rather than exploiting the
user directly.

• Buffer Overflow Attack

A buffer overflow attack is caused when an attacker intentionally passes data that overfills a buffer.
This can allow an attacker to fill the buffer with data of their choosing.

• Specialized Types of Phishing

Some specialized types of phishing include:

• Vishing: “Voice” phishing uses spam calls
• Smishing: “SMS” phishing uses text messages
• Spear Phishing: A phishing strategy that targets specific victims
• Whaling: A phishing strategy that targets high-profile victims

• Adversarial AI
Adversarial artificial intelligence (AI) is a method used to identify vulnerabilities and attack vectors
to circumvent security systems.

• Supply Chain Attack

A supply-chain attack is a cyber attack that attempts to harm an organization by targeting vulnerable
parts of its supply chain.

One of the more recent real-world examples of a supply-chain attack affected a company known
as SolarWinds.

• First federal computer fraud law

The Computer Fraud and Abuse Act (CFAA) was created to amend the first federal computer fraud
law to address hacking.

• Computer Fraud and Abuse Act

The Computer Fraud and Abuse Act (CFAA) deals with hacking by prohibiting intentional access to a
computer without authorization.

Hacking Impacts:-

There are many areas in society using information technology where ethical hackers have made a great
impact. Ethical hackers can be professionals who protect organizations' systems from hackers'
attacks. Today the entire world is in the hands of information technology and we can't even think
about a life without the internet. Nowadays the internet has become the connecting link between a
mobile device and the world. This has made it possible for hackers to attack the world.

Employing ethical hackers can improve cybersecurity by detecting possible weaknesses and offering
solutions. It can prevent system downtime, prevent espionage, support protocols, and
safeguard the integrity of information.

o Impact on Education

Teaching hacking to students is a hard process. Students are always interested in learning new
technologies. Whenever a teacher is teaching students about hacking, he/she cannot be sure
how the student will take the concept; it is possible that the student may intend to hack other devices
or do bad things with it. In a class, 95% of the students may take the lessons in a good manner but the
remaining 5% may have bad intentions. The major problem is that the students really don't know the
importance and impacts of hacking, but they will try hacking anyway, whether for a good or a bad purpose.
Nowadays the number of students who enrol in security courses is increasing. They
want to learn hacking easily and earn its benefits. They are attracted to new hacking technologies
with which they can hack computers and other devices. We have to make them understand that ethical
hacking is bad if it does not contain any ethics.

o Impact on Business

Nowadays we use a lot of IT applications in business. We live in a digital world and thus all of the data
is digitized. As a result, all transactions today are done electronically. The growth and
availability of the internet has led people to do digital transactions, so the number of customers
using e-commerce sites has increased. To an ethical hacker it is very easy to buy
products from these sites. In one way he may hack the site and buy the products, or he can hack a
person’s account and use it for the payments. There are also some good and ethical programmers
doing their job neatly, but they can use their talent for bad intentions. They can attack business
persons’ or companies’ systems, tap phone calls, create virus code, etc. We can't predict the
intentions of an ethical hacker. As technology grows, the number of ethical hackers will increase. We
can't stop them but we can advise them to work with good intentions.

o Impact on Workplace Security

Today most companies store their data in digital form, so the ethical hacker can
hack the data and use it for his own purpose. The hacker can access the information of the
company’s staff. Sometimes the hacker may attack the company’s servers and access the server
data. For this purpose they use virus code. To prevent hacking we have to improve the security of
the existing system; this can be achieved by finding the information used by hackers to hack the
system and correcting those weak points to increase security. The hacker may attack the company’s
server data to gain a large amount. But now companies have several mechanisms to prevent
ethical hackers.

o Impact on Technology

In this modern world almost nothing is secure. Almost all information is available at our fingertips.
Anybody can easily get the information related to any system. So ethical hackers can easily get the IP
addresses of any system and may attack it. There are several tools for ethical hackers to do their
work easily. Hackers may use them for crimes, whereas ethical hackers will use them to find the
weaknesses and imperfections in network security.

o Impact on Confidential Information

Today confidential information in society is not at all safe given the existence of hackers. Many ethical
hackers work in institutions where financial transactions take place. Hackers
mainly hack our accounts using fake emails and advertisements. There is a great problem for an
ethical hacker to track all the outlines. Hacking is different from ethical hacking. But sometimes,
because of all the access ethical hackers have, they may also come into this circle. And sometimes it is
very difficult for an ethical hacker to prove that he is not the illegal hacker. For example, if an ethical
hacker is hired to check the vulnerabilities in a system of confidential information and a few days later
some data is leaked from that system, then everybody will blame the ethical hacker and will make him
out to be a black-hat hacker.

The Hacker:-

Hackers are people who have great knowledge of operating systems and network
technologies. Hackers who hack a system illegally are known as black-hat hackers, but
ethical hackers hack the system in an ethical way. An ethical hacker gets to see sensitive information
and needs to be extremely trustworthy. Lots of companies don’t believe in hiring hackers. Black-hat
hackers hack systems for their own gain, while ethical hackers hack systems to
find their vulnerabilities and improve their security.

Hackers can be classified into different categories such as white hat, black hat, and grey hat, based on
their intent of hacking a system. These different terms come from old Spaghetti Westerns, where the
bad guy wears a black cowboy hat and the good guy wears a white hat.
White Hat Hackers
White Hat hackers are also known as Ethical Hackers. They never intend to harm a system; rather, they
try to find out weaknesses in a computer or a network system as a part of penetration testing and
vulnerability assessments.
Ethical hacking is not illegal and it is one of the demanding jobs available in the IT industry. There are
numerous companies that hire ethical hackers for penetration testing and vulnerability assessments.
Black Hat Hackers
Black Hat hackers, also known as crackers, are those who hack in order to gain unauthorized access
to a system and harm its operations or steal sensitive information.
Black Hat hacking is always illegal because of its bad intent which includes stealing corporate data,
violating privacy, damaging the system, blocking network communication, etc.
Grey Hat Hackers
Grey hat hackers are a blend of both black hat and white hat hackers. They act without malicious intent
but for their fun, they exploit a security weakness in a computer system or network without the owner’s
permission or knowledge.
Their intent is to bring the weakness to the attention of the owners and get appreciation or a little
bounty from the owners.
Miscellaneous Hackers
Apart from the above well-known classes of hackers, we have the following categories of hackers based
on what they hack and how they do it −
Red Hat Hackers
Red hat hackers are again a blend of both black hat and white hat hackers. They are usually on the
level of hacking government agencies, top-secret information hubs, and generally anything that falls
under the category of sensitive information.
Blue Hat Hackers
A blue hat hacker is someone outside computer security consulting firms who is used to bug-test a
system prior to its launch. They look for loopholes that can be exploited and try to close these gaps.
Microsoft also uses the term BlueHat to represent a series of security briefing events.
Elite Hackers
This is a social status among hackers, which is used to describe the most skilled. Newly discovered
exploits will circulate among these hackers.
Script Kiddie
A script kiddie is a non-expert who breaks into computer systems by using pre-packaged automated
tools written by others, usually with little understanding of the underlying concept, hence the
term Kiddie.
Neophyte
A neophyte, "n00b", or "newbie" or "Green Hat Hacker" is someone who is new to hacking or phreaking
and has almost no knowledge or experience of the workings of technology and hacking.
Hacktivist
A hacktivist is a hacker who utilizes technology to announce a social, ideological, religious, or political
message. In general, most hacktivism involves website defacement or denial-of-service attacks.
Framework:
The framework can be used to both justify and condemn hacking depending on the circumstances,
allowing those on the outside to distil and evaluate a political hack, both past and present, while
guiding hacker collectives by providing clearer ethical tools for determining the appropriate agendas
and methods.

Planning the test

Planning is essential for a successful project. It provides an opportunity to give critical thought
to what needs to be done, allows goals to be set, and allows a risk assessment to evaluate how
the project should be carried out. There are a large number of external factors that need to be
considered when planning an ethical hack. These factors include existing security
policies, culture, laws and regulations, best practices, and industry requirements. Each of these
factors plays an integral role in the decision-making process when it comes to ethical hacking. The
planning phase has a deep influence on how the ethical hack should be performed and on the
information shared and collected, and it directly influences the deliverable and the integration of the
results into the security program. The planning phase describes many of the details of a
controlled attack. It attempts to answer questions about how the attack is going to be supported
and controlled, what underlying actions must be performed, and who does what, when, where,
and for how long.

Reconnaissance
Reconnaissance is the information-gathering stage of ethical hacking, where you collect data about
the target system. This data can include anything from network infrastructure to employee contact
details. The goal of reconnaissance is to identify as many potential attack vectors as possible.

In this stage the hacker collects all the information about the company whose data is to be
hacked; this is called footprinting. The hacker makes sure all the information is collected, and it is the
pre-attack phase of hacking. Tools such as network mapping and network vulnerability scanning are
used.

Before performing any penetration tests, hackers footprint the system and gather as much information
as possible. Reconnaissance is a preparatory phase where the hacker documents the organization’s
request, finds the system’s valuable configuration and login information and probes the networks. This
information is crucial to performing the attacks and includes:

• Naming conventions
• Services on the network
• Servers handling workloads in the network
• IP Addresses
• Names and Login credentials of users connected to the network
• The physical location of the target machine

Data collected from reconnaissance may include:

• Security policies. Knowing an organization’s security policies can help you find weaknesses in
their system.
• Network infrastructure. A hacker needs to know what type of network the target is using (e.g.,
LAN, WAN, MAN), as well as the IP address range and subnet mask.
• Employee contact details. Email addresses, phone numbers, and social media accounts can be
used to launch social engineering attacks.
• Host information. Information about specific hosts, such as operating system type and version,
can be used to find vulnerabilities.

Footprinting Methodology
There are many different ways to approach footprinting, but all approaches should follow a similar
methodology. This includes identifying the assessment goals, gathering information about the target,
analyzing this information, and reporting your findings.
The first step is to identify the goals of the assessment. What do you want to achieve by conducting a
security assessment? Do you want to find out how easy it would be to hack into the organization’s
systems, or do you want to gather general information about the organization’s network
infrastructure?
Once you have identified your goals, you can gather information about the target. This includes
anything relevant, such as the company’s name, website, contact details, and relevant social media
profiles. It is also essential to gather information about the organization’s security posture, such as
what type of security measures they use and how they are implemented.
Once you have gathered all this information, it needs to be analyzed and evaluated. What threats
does this data pose to the organization? Are there any areas of weakness that an attacker could
exploit?
Finally, what recommendations can you make to improve the organization’s security posture?
Reporting your findings is an essential part of the footprinting process. You need to provide a detailed
report that outlines your conclusions and recommendations. This will help improve the organization’s
awareness of cybersecurity threats and help it take steps to mitigate these risks.
Information Gathered Through Footprinting
The information gathered during a footprinting assessment can be used in many different ways. It can
be used to improve an organization’s security posture by identifying vulnerabilities and recommending
corrective actions. It can also be used in future penetration tests or red team exercises (Forbes
Technology Council Expert Panel, 2021) to assess the effectiveness of security measures.
Finally, it can also be used as evidence in the aftermath of a data breach or cyberattack. Having a
comprehensive record of its security posture can help an organization show that it took all reasonable
steps to protect its data.
How Footprinting Is Used
Footprinting in ethical hacking is a common technique used by security professionals to assess an
organization’s security posture. It can be used as part of a more extensive assessment or in isolation
and can provide valuable information about the organization’s cybersecurity vulnerabilities.
For hackers, footprinting can be used to gather information about a target that can then be
incorporated when planning an attack. This includes information such as the names of employees,
contact details, and social media profiles.

Enumeration
Enumeration is extracting a system’s valid usernames, machine names, share names, directory
names, and other information. It is a key component of ethical hacking and penetration testing, as it
can provide attackers with a wealth of information that can be used to exploit vulnerabilities.

It can also be defined as collecting detailed information about the target systems, such as operating
system and network infrastructure details. Enumeration can be used in both an offensive and a
defensive manner.

Enumeration is one of the most important steps in ethical hacking because it gives hackers the
necessary information to launch an attack. For example, hackers who want to crack passwords need
to know the usernames of valid users on that system. Enumerating the target system can extract this
information.
Enumeration can be used to gather any of the following information:
• Operating system details
• Network infrastructure details
• Usernames of valid users
• Machine names
• Share names
• Directory names
• Printer names
• Web server details

Why Is Enumeration Important?


Enumeration lets you understand what devices are on your network, where they are located, and
what services they offer. To put it simply, enumeration can be used to find security vulnerabilities
within systems and networks. By conducting an enumeration scan, you can see what ports are open
on devices, which ones have access to specific services, and what type of information is being
transmitted. This information can then be used to exploit weaknesses and gain unauthorized access.
Carrying out an enumeration scan requires both time and patience. However, it’s a crucial step in the
hacking process as it allows you to gather intelligence about your target. Enumeration can be
performed manually or with automated tools. Whichever method you choose, it’s important to be
thorough in your scan to maximize the amount of information you can collect.

Techniques for Enumeration


When it comes to network security, enumeration is key. By enumerating a system, you can gain a
better understanding of that system and how it works. This knowledge can then be used to exploit
vulnerabilities and gain access to sensitive data.
Several techniques can be used for enumeration, and your method will depend on the type of system
you are targeting. The most common methods include email IDs and usernames, default passwords,
and DNS zone transfer.
• Using email IDs and usernames is a great way to gather information about a system. You can use
this information to brute force passwords or gain access to sensitive data.
• Default passwords are another common method of enumeration. By using default passwords, you
can gain access to systems that have not been properly configured.
• DNS zone transfer is a technique that can be used to expose topological information. This
information can be used to identify potential targets for attack.
Understanding the techniques available for enumeration can better protect your systems from attack.

Process of Enumeration
Enumeration is the process of identifying all hosts on a network. This can be done in several ways,
but active and passive scanning are the most common methods. Active scanning involves sending out
requests and analyzing the responses to determine which hosts are active on the network. Passive
scanning involves listening to traffic and then analyzing it to identify hosts.
Both methods have their advantages and disadvantages. Active scanning is more likely to identify all
hosts on a network, but it is also more likely to cause disruptions because it generates a lot of traffic.
Passive scanning is less likely to identify all hosts, but it is also less likely to cause disruptions
because it does not generate any traffic.

The Types of Enumeration


There are many different types of enumeration. The most appropriate type will depend on the
situation and the required information:
• NetBIOS Enumeration: NetBIOS is a protocol that allows devices on a network to share
resources and communicate with each other. NetBIOS enumeration is querying a device to
identify what NetBIOS resources are available. This can be done using tools like nbtstat and net
view.
• SNMP Enumeration: SNMP is a protocol that allows devices to be managed and monitored
remotely. SNMP enumeration is querying a device to identify what SNMP resources are available.
This can be done using tools like SNMP-check and snmpwalk.
• LDAP Enumeration: LDAP is a protocol that allows devices on a network to share information
about users and resources. LDAP enumeration is querying a device to identify what LDAP
resources are available. This can be done using tools like ldapsearch and ldapenum.
• NTP Enumeration: NTP is a protocol that allows devices on a network to synchronize their clocks
with each other. NTP enumeration is querying a device to identify what NTP resources are
available. This can be done using tools like Nmap and PRTG Network Monitor.

Services and Ports to Enumerate


When conducting a penetration test or simply enumerating services on a target machine, knowing
which ports are associated with it is often useful. This can be accomplished using a port scanner such
as Nmap to scan for open ports on the target machine. Once you have a list of open ports, you can
use a port lookup tool to determine which service runs on each port. This information can be
extremely helpful when trying to identify potential attack vectors.
The following are some of the most commonly used services and their associated ports:
• FTP – 21
• SSH – 22
• HTTP – 80
• HTTPS – 443
• SMTP – 25
• POP3 – 110
• IMAP – 143
• SNMP – 161
As you can see, various services can run on any given port. Knowing which service runs on which
port when enumerating a target machine is helpful.
Enumeration, also known as information gathering, is the first phase of ethical hacking. To establish
your career as an ethical hacker, you must know all the stages, tools, techniques, attack vectors, and
surfaces to identify weak links. Getting certified is one way to validate your skills and knowledge as an
ethical hacker. If you want to learn the latest commercial-grade hacking tools, techniques, and
methodologies used by hackers and information security professionals, EC-Council’s Certified Ethical
Hacker (C|EH) is a credible certification to pursue to build your skills.

Vulnerability Analysis:-
There are a variety of ways that cyber criminals conduct malicious attacks on an organization’s
technological infrastructure. These criminals always find new ways to breach cyber security systems
using viruses, malware, ransomware and phishing.

Viruses:

As its name suggests, a virus is software or code that infects a program, computer or system. Viruses
are insidious in that they can often spread from computer to computer before being detected. Viruses
may be designed to destroy computer functionality or steal data.

Malware:

Malware is software that is harmful to a computer. It includes viruses, as well as spyware (software
that steals personal information such as passwords), adware (software that displays unwanted ads)
and other threats. Malware is often attached to emails or files that are downloaded.
Ransomware:

This type of software is especially detrimental to an organization. Ransomware can lock employees
out of a company’s system and prevent them from accessing important data until a ransom is paid to
the cyber criminals.

Phishing:

This is the most common type of attack used by cyber criminals. Usually, these criminals send
phishing emails that trick employees into entering important information into a fake website. Phishing
emails may also download malware when the email is opened.

What Is “Vulnerability Analysis”?

Cyber security professionals implement a vulnerability analysis when they are testing an
organization’s technological systems. Vulnerability analysis allows them to prepare for cyber attacks
before they happen. By identifying an organization’s cyber security vulnerabilities, cyber professionals
can institute measures to mitigate these susceptibilities. Multiple steps need to be taken to effectively
implement a vulnerability analysis.

Holistic System Evaluations

Cyber security professionals begin the process of vulnerability analysis by evaluating an
organization’s digital system. First, they identify whether it is connected to the internet via an external
or internal IP address. They then evaluate whether the system is accessible to the public and
determine who has the overall permissions to access the systems. Finally, cyber security
professionals analyze what the system is used for within the organization.

Systemic Baselines Identification

After this process, cyber security professionals define systematic baselines, which involve a variety of
configuration factors. These factors need to meet a set standard of “security best practices,”
according to AT&T Business. Some examples of configuration factors are operating systems (OS),
software, ports and security configurations. Cyber security professionals need to be aware of all these
factors before performing a vulnerability scan.
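
The port lookup described under "Services and Ports to Enumerate" and the port baseline described above can be combined into one check. The following Python code is an added example, not part of the original notes: it parses a constructed sample of Nmap's grepable output and reports every port that deviates from an approved baseline. The host names, addresses and baseline are assumptions made for the illustration.

```python
"""Added example: compare scanned open ports with an approved baseline."""
import re

# Service names for the ports listed in these notes. A port number is only a
# hint: any service can be configured to listen on any port.
WELL_KNOWN = {21: "FTP", 22: "SSH", 25: "SMTP", 80: "HTTP", 110: "POP3",
              143: "IMAP", 161: "SNMP", 443: "HTTPS"}

# Constructed sample in Nmap's grepable (-oG) format. Addresses come from the
# documentation range 192.0.2.0/24 and the host names are made up.
SAMPLE_SCAN = (
    "# Nmap scan (constructed sample)\n"
    "Host: 192.0.2.10 (web01)\tStatus: Up\n"
    "Host: 192.0.2.10 (web01)\tPorts: 22/open/tcp//ssh///, "
    "80/open/tcp//http///, 443/open/tcp//https///, 21/open/tcp//ftp///\n"
    "Host: 192.0.2.20 (mail01)\tStatus: Up\n"
    "Host: 192.0.2.20 (mail01)\tPorts: 25/open/tcp//smtp///, "
    "110/closed/tcp//pop3///, 143/open/tcp//imap///, "
    "8080/open/tcp//http-proxy///\n"
)

# Hypothetical approved baseline: (port, protocol) pairs expected per host.
BASELINE = {
    "192.0.2.10": {(22, "tcp"), (80, "tcp"), (443, "tcp")},
    "192.0.2.20": {(25, "tcp"), (110, "tcp"), (143, "tcp")},
}

PORT_FIELD = re.compile(r"Ports: (.*?)(?:\t|$)")


def parse_grepable(text):
    """Return {host: {(port, proto), ...}} for ports reported as open."""
    hosts = {}
    for line in text.splitlines():
        match = PORT_FIELD.search(line)
        if not line.startswith("Host: ") or not match:
            continue
        host = line.split()[1]
        open_ports = hosts.setdefault(host, set())
        for entry in match.group(1).split(","):
            fields = entry.strip().split("/")
            # Field order: port/state/protocol/owner/service/rpc/version
            if len(fields) >= 3 and fields[0].isdigit() and fields[1] == "open":
                open_ports.add((int(fields[0]), fields[2]))
    return hosts


def service_name(port):
    """Look up the conventional service for a port number."""
    return WELL_KNOWN.get(port, "unknown")


def audit(observed, baseline):
    """List deviations as (host, port, proto, service, kind) tuples."""
    findings = []
    for host in sorted(set(observed) | set(baseline)):
        seen = observed.get(host, set())
        approved = baseline.get(host, set())
        for port, proto in sorted(seen - approved):
            findings.append((host, port, proto, service_name(port), "unexpected"))
        for port, proto in sorted(approved - seen):
            findings.append((host, port, proto, service_name(port), "not-listening"))
    return findings


if __name__ == "__main__":
    for finding in audit(parse_grepable(SAMPLE_SCAN), BASELINE):
        print(*finding)
```

An "unexpected" finding is a port that is open but not approved; a "not-listening" finding is an approved service that the scan did not see, which can point to an outage or a stale baseline.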

Vulnerability Scanning Implementation

There are two types of vulnerability scans: unauthenticated and authenticated. Originating at the
network perimeter, unauthenticated scans search for and identify open ports and test for exploits and
attacks, according to AT&T Business. In contrast, authenticated scans perform a “credentialed scan
of the operating system and applications looking for misconfigurations and missing patches” that can
be exploited by cyber criminals. After the scans are complete, cyber security professionals create a
report identifying vulnerabilities in the system.

Skills Needed for Effective Vulnerability Analysis

A variety of skills are necessary to become a cyber security professional. These professionals should
have a deep knowledge of the vulnerability analysis process. Moreover, they must exhibit strong
technical, analytical and critical-thinking skills as well as a thorough understanding of current cyber
attack methodologies.

These skills are vital, as cyber security professionals deal with complex and rapidly evolving technical
systems and security issues. They must anticipate potential problems, establish robust testing
processes to identify and fortify vulnerabilities, successfully handle security breaches in real time, and
conduct thorough reviews after a security breach to ensure it doesn’t happen again.
Discover a Rewarding Career in Cyber Security

Cyber criminals are constantly developing new ways to breach the technological infrastructures and
devices of organizations. Therefore, cyber security professionals who can stay one step ahead of
these criminals are much sought after.

Many businesses are not prepared for the financial impact of a cyber attack. Professionals with an
advanced degree in cyber security can develop the skills to protect an organization’s assets.

The University of North Dakota offers an advanced degree in cyber security that can prepare
graduates to protect against cyber crime and keep cyber criminals at bay. This unique and rigorous
online program offers four tracks: Autonomous Systems Cyber Security, Cyber Security and Behavior,
Data Security and General Cyber Security.

Exploitation:-
Exploitation is the use of a script or program that enables hackers to take control of a system by
exploiting its vulnerabilities. These vulnerabilities are found with vulnerability scanners such as
Nessus, Nexpose, OpenVAS, etc.

Metasploit is a powerful tool to locate vulnerabilities in a system.

Exploits are identified based on the vulnerabilities.


What are the different Vulnerability search engines?
Some of the best vulnerability search engines that can be used are :
Exploit Database

Common Vulnerabilities and Exposures


Common Vulnerabilities and Exposures (CVE) is the standard for information security vulnerability
names. CVE is a dictionary of publicly known information security vulnerabilities and exposures.

National Vulnerability Database


National Vulnerability Database (NVD) is the U.S. government repository of standards based
vulnerability management data. The automation of the vulnerability management, security
measurement and compliance is facilitated by NVD.
NVD includes databases of security checklists, security-related software flaws, misconfigurations,
product names, and impact metrics.
What are different types of Exploits?

Basically there are two types of exploits −


 Remote Exploits − These are exploits used when the attacker does not already have access to the
remote system or network. Remote exploits are used to get access to a remote system.
 Local Exploits − Local exploits are generally used by a system user who has access to a local
system but wants to exceed their rights.

Quick Fix
Missing updates usually lead to vulnerabilities, so it is recommended to update the system regularly.
Automatic updates can be activated in Windows by using the option from the Control Panel → System
and Security → Windows Updates.
Final Analysis
Although the exploitation phase has a number of checks and validations to ensure success, a final
analysis is required to categorize the vulnerabilities of the system in terms of their level of
exposure and to assist in the derivation of a mitigation plan. The final analysis phase provides a link
between two things: the exploitation phase and the creation of a deliverable. A comprehensive view of
the entire attack must exist in order to construct a bigger picture of the security posture of the
environment and express the vulnerabilities in a clear and useful manner.

Deliverable
Deliverables communicate the results of tests in several ways. Some deliverables are short and brief,
only providing a list of vulnerabilities and how to fix them, while others are long and detailed, providing
a list of vulnerabilities with detailed descriptions regarding how they were found and how to exploit
them, the implications of having such a vulnerability and how to remedy the situation. The deliverable
phase is the only way for an ethical hacker to convey the results of their tests. Recently, ethical
hacking has come to have economic value.

Integration
Finally, it is essential that there is some means of using the test results for something productive.
Often, the deliverable is combined with existing materials, such as a risk analysis, security policy,
previous test results, and information associated with a security program to enhance mitigation and
develop remedies and patches for vulnerabilities.

Information Security Models:


Information security models are the procedures used to validate security policies, as they are
intended to deliver a precise set of directions that a computer can follow to implement the
vital security processes, procedures, and concepts contained in a security program. These
models can be intuitive or abstract. Security models lay out the road map for
security in operating systems.

Computer Security

What is computer security?


Computer security basically is the protection of computer systems and information from harm, theft, and
unauthorized use. It is the process of preventing and detecting unauthorized use of your computer
system.

There are various types of computer security which are widely used to protect the valuable information
of an organization.

What is Computer Security and its types?


One way to ascertain the similarities and differences among the types of computer security is by asking
what is being secured. For example,

 Information security is securing information from unauthorized access, modification and deletion
 Application security is securing an application by building in security features to protect it from
cyber threats such as SQL injection, DoS attacks, data breaches, etc.
 Computer security means securing a standalone machine by keeping it updated and patched
 Network security is securing both the software and hardware technologies
 Cybersecurity is defined as protecting computer systems that communicate over
computer networks

It’s important to understand the distinction between these words, though there isn’t necessarily a clear
consensus on the meanings and the degree to which they overlap or are interchangeable.

So, Computer security can be defined as controls that are put in place to provide confidentiality,
integrity, and availability for all components of computer systems. Let’s elaborate the definition.

Components of computer system


The components of a computer system that need to be protected are:

 Hardware, the physical part of the computer, like the system memory and disk drive
 Firmware, permanent software that is etched into a hardware device’s nonvolatile memory
and is mostly invisible to the user
 Software, the programming that offers services, like operating system, word processor,
internet browser to the user

The CIA Triad


Computer security is mainly concerned with three main areas:

 Confidentiality is ensuring that information is available only to the intended audience
 Integrity is protecting information from being modified by unauthorized parties
 Availability is ensuring that information is accessible to authorized parties when they need it

Computer security threats


Computer security threats are possible dangers that can hamper the normal functioning of your
computer. In the present age, cyber threats are constantly increasing as the world is going digital. The
most harmful types of computer security threats are:
Viruses

A computer virus is a malicious program which is loaded into the user’s computer without user’s
knowledge. It replicates itself and infects the files and programs on the user’s PC. The ultimate goal of
a virus is to ensure that the victim’s computer will never be able to operate properly or even at all.

Computer Worm

A computer worm is a software program that can copy itself from one computer to another, without
human interaction. The potential risk here is that it will use up your computer hard disk space because
a worm can replicate in great volume and with great speed.

Phishing

Disguising as a trustworthy person or business, phishers attempt to steal sensitive financial or personal
information through fraudulent email or instant messages. Phishing is unfortunately very easy to
execute. You are deluded into thinking it’s the legitimate mail and you may enter your personal
information.

Botnet

A botnet is a group of computers connected to the internet that have been compromised by a hacker
using a computer virus. An individual computer is called a ‘zombie computer’. The result of this threat is
that the victim’s computer, which is the bot, will be used for malicious activities and for larger-scale
attacks like DDoS.

Rootkit

A rootkit is a computer program designed to provide continued privileged access to a computer while
actively hiding its presence. Once a rootkit has been installed, the controller of the rootkit will be able
to remotely execute files and change system configurations on the host machine.

Keylogger

Also known as a keystroke logger, a keylogger can track the real-time activity of a user on their computer.
It keeps a record of all the keystrokes made on the user's keyboard. A keylogger is also a very powerful
threat for stealing people’s login credentials, such as usernames and passwords.

These are perhaps the most common security threats that you’ll come across. Apart from these, there
are others like spyware, wabbits, scareware, bluesnarfing and many more. Fortunately, there are
ways to protect yourself against these attacks.

Why is Computer Security Important?


In this digital era, we all want to keep our computers and our personal information secure and hence
computer security is important to keep our personal information protected. It is also important to
maintain our computer security and its overall health by preventing viruses and malware which would
impact on the system performance.

Computer Security Practices


Computer security threats are becoming relentlessly inventive these days. There is much need for one
to arm oneself with information and resources to safeguard against these complex and growing
computer security threats and stay safe online. Some preventive steps you can take include:

 Secure your computer physically by:
o Installing reliable, reputable security and anti-virus software
o Activating your firewall, because a firewall acts as a security guard between the
internet and your local area network
 Stay up-to-date on the latest software and news surrounding your devices and perform
software updates as soon as they become available
 Avoid clicking on email attachments unless you know the source
 Change passwords regularly, using a unique combination of numbers, letters and case types
 Use the internet with caution and ignore pop-ups, drive-by downloads while surfing
 Take the time to research the basic aspects of computer security and educate yourself on
evolving cyber-threats
 Perform daily full system scans and create a periodic system backup schedule to ensure your
data is retrievable should something happen to your computer.

Network Security
Network security encompasses any activity that protects computer networks and data from
outside threats. The aim of network security is to create a secure platform for computers and
users, free from disruptions and invasions from unauthorised users and programs.

Types of Network Security Attacks:


Network security attacks are categorized on the basis of the end goals and are known as active and
passive.

Passive: The purpose here is to monitor/screen sensitive information. Here, the security of
enterprises and their customers is compromised. Examples of passive threats:
1. Release of message content
2. Traffic analysis

Active: The hackers involved in an active attack intend to destroy the network and the systems
connected. Examples of active threats:
1. Masquerade
2. Replay
3. Modification of message content
4. Denial of Service

Active and passive network security attacks are further divided according to the methods used. The
most prominent ones are:
Application Security
Application security is the process of developing, adding, and testing security features within
applications to prevent security vulnerabilities against threats such as unauthorized access and
modification.

Hardware, software, and procedures that identify and mitigate security vulnerabilities may be included
in application security. A router that stops anyone from viewing a computer's IP address over the
Internet is an example of hardware application security. Application-level security controls, such as an
application firewall that strictly limits which actions are allowed and which are banned, are often
integrated into the software. An application security routine that includes protocols such as regular
testing is an example of a procedure.

Why Application Security is Important?

Because today's applications are frequently available over multiple networks and connected to the cloud,
they are more vulnerable to security attacks and breaches. There is increasing pressure and incentive to
assure security not only at the network level but also within individual applications. One reason
for this is that hackers are focusing their attacks on applications more now than in the past.
Application security testing can expose application-level flaws, assisting in the prevention of these
attacks.

The faster and earlier you can detect and resolve security concerns in the software development
process, the safer your company will be. Because everyone makes mistakes, the trick is to identify
them as soon as possible.

Application security tools that integrate with your development environment can make this process
and workflow much easier and more efficient. These tools are especially beneficial for compliance
audits, as they can save time and resources by detecting issues before the auditors notice them. The
changing nature of how enterprise applications are built over the last many years has aided the rapid
expansion of the application security industry.

Types of Application Security

Authentication, authorization, encryption, logging, and application security testing are all examples of
application security features. Developers can also use code to reduce security flaws in applications.
Authentication

Authentication is when developers build procedures into an application to ensure that only authorized
users have access to it. Authentication procedures verify that the user is who they claim to be. When
logging into an application, this can be performed by requiring the user to supply a user name and
password. Multi-factor authentication necessitates the use of multiple forms of authentication, such as
something you know (a password), something you have (a mobile device), and something you are (a biometric).

Authorization

A user may be authorized to access and use the application after being authenticated. By comparing
the user's identification to a list of authorized users, the system may verify that the user has
permission to access the application. In order for the application to match only validated user
credentials to the approved user list, authentication must take place before authorization.

Encryption

Other security measures can safeguard sensitive data from being seen or utilized by a cybercriminal
after a user has been verified and is using the application. Traffic containing sensitive data that flows
between the end-user and the cloud in cloud-based applications can be encrypted to keep the data
safe.

Logging

If a security breach occurs in an application, logging can assist in determining who gained access to
the data and how they did so. Application log files keep track of which parts of the application have
been accessed and by whom.

Application Security Testing

Application security testing is a method that ensures that all of these security controls are functioning effectively.
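
The authentication, authorization and logging controls described above can be seen working together in a single request handler. The following Python code is an added example, not part of the original notes: it authenticates first, authorizes only an authenticated identity, and records every decision. The account names, passwords, permission strings and PBKDF2 work factor are assumptions made for the illustration.

```python
"""Added example: authenticate, then authorize, and log every decision."""
import hashlib
import hmac
import os
from datetime import datetime, timezone

ITERATIONS = 200_000  # assumed PBKDF2 work factor; tune it for your hardware


def hash_password(password, salt):
    """Derive a slow, salted hash so stored values resist offline guessing."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def make_record(password):
    """Create the (salt, hash) pair that is stored instead of the password."""
    salt = os.urandom(16)
    return salt, hash_password(password, salt)


# Constructed sample accounts and approved-permission list (hypothetical).
USERS = {"alice": make_record("correct horse"), "bob": make_record("tr0ub4dor")}
PERMISSIONS = {"alice": {"report:read", "report:delete"}, "bob": {"report:read"}}

# Unknown user names are checked against this record so that they cost the
# same time as known ones and cannot be told apart by response time.
_DUMMY = make_record("placeholder")


def authenticate(username, password):
    """Verify that the user is who they claim to be."""
    salt, stored = USERS.get(username, _DUMMY)
    candidate = hash_password(password, salt)
    # compare_digest does not reveal how many leading bytes matched.
    return hmac.compare_digest(candidate, stored) and username in USERS


def authorize(username, action):
    """Compare the authenticated identity with the approved list."""
    return action in PERMISSIONS.get(username, set())


def handle_request(username, password, action, audit_log):
    """Run authentication before authorization and log the outcome."""
    if not authenticate(username, password):
        outcome = "denied:authentication"
    elif not authorize(username, action):
        outcome = "denied:authorization"
    else:
        outcome = "allowed"
    # The record says who tried what and when; the password is never logged.
    audit_log.append({
        "time": datetime.now(timezone.utc).isoformat(),
        "user": username,
        "action": action,
        "outcome": outcome,
    })
    return outcome


if __name__ == "__main__":
    log = []
    handle_request("alice", "correct horse", "report:delete", log)
    handle_request("bob", "tr0ub4dor", "report:delete", log)
    handle_request("mallory", "guess", "report:read", log)
    for entry in log:
        print(entry)
```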

Tools for Application Security

A complete application security approach aids in the detection, remediation, and resolution of a
variety of application vulnerabilities and security challenges. Solutions for linking the impact of
application security-related events to business outcomes are included in the most effective and
advanced application security plans.

Finding the right application security technologies for your company is crucial to the effectiveness of
any security measures your DevOps or security team implements.

Application security can be divided into numerous categories:

 Static Application Security Testing (SAST)


SAST aids in the detection of code flaws by examining the application source files for the root
cause. The ability to compare static analysis scan results with real-time solutions speeds up
the detection of security problems, decreasing MTTR and enabling collaborative
troubleshooting.

 Dynamic Application Security Testing (DAST)


DAST is a more proactive approach, simulating security breaches on a live web application to
deliver precise information about exploitable flaws. DAST is especially useful for detecting
runtime or environment-related errors because it evaluates applications in production.
 Interactive Application Security Testing (IAST)
IAST combines parts of SAST and DAST by performing analysis in real-time or at any
moment during the development or production process from within the application. IAST has
access to all of the application's code and components, allowing it to produce more accurate
results and provide more in-depth access than previous versions.

 Run-time Application Security Protection (RASP)


RASP also works within the application, but it is more concerned with security than with
testing. RASP provides continuous security checks and automatic responses to possible
breaches, which includes terminating the session and informing IT teams.

Application Security Approaches

Different approaches will uncover different subsets of the application's security flaws, and they'll be
most effective at different stages of the development lifecycle. They all reflect the various time, effort,
cost, and vulnerability trade-offs.

 Design Review
The architecture and design of the application can be examined for security flaws before code
is created. The construction of a threat model is a popular strategy used at this phase.

 White-box Security Review or Code Review


A security engineer delves into the application by manually inspecting the source code and
looking for security issues. Vulnerabilities unique to the application can be discovered through
understanding the application.

 Black-box Security Audit


This is accomplished solely through the use of an application to test it for security flaws; no
source code is necessary.

 Automated Tooling
Many security tools can be automated by including them in the development or testing
process. Automated DAST/SAST tools that are incorporated into code editors or CI/CD
systems are examples.

 Coordinated Vulnerability Platform


Many websites and software providers offer hacker-powered application security solutions
through which individuals can be recognized and compensated for reporting defects.

What are Application Security Risks?

Security issues with web applications range from large-scale network disruption to focused database
tampering. The following are some application security threats:

 A vulnerability known as cross-site scripting (XSS) allows an attacker to insert client-side
code into a webpage. This gives the attacker direct access to the user's sensitive information.

 Remote attackers can use denial-of-service (DoS) and distributed denial-of-service (DDoS)
attacks to flood a targeted server or the infrastructure that supports it with various types of
traffic. This illegitimate traffic eventually prevents legitimate users from accessing the server,
causing it to shut down.

 SQL injection (SQLi) is a technique used by hackers to exploit database flaws. These
attacks, in particular, can reveal user identities and passwords, and can enable attackers
to edit or destroy data and to modify or create user rights.
 Hackers employ cross-site request forgery (CSRF) to mimic authorized users after duping
them into submitting an authorization request. Since their accounts have additional
permissions, high-level users are obviously frequent targets of this strategy, and once the
account is compromised, the attacker can remove, change, or destroy data.

 Memory corruption occurs when bad actors execute a variety of attacks on an application and
end up unintentionally changing some area of its memory. As a result, the software
exhibits unexpected behaviour or fails.

 The buffer overflow occurs when malicious code is injected into the system's designated
memory region. Overflowing the buffer zone's capacity causes surrounding areas of the
application's memory to be overwritten with data, posing a security risk.
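
The SQL injection risk listed above, shown as a deliberately vulnerable lookup beside its parameterized form, with a small regression check that tells the two apart. This Python code is an added example, not part of the original notes; the table, rows and input strings are constructed for the illustration.

```python
"""Added example: SQL injection in a user lookup and the parameterized fix."""
import sqlite3


def make_db():
    """Build an in-memory database holding constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, role TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user"), ("carol", "user")],
    )
    return db


def lookup_vulnerable(db, name):
    """Deliberately vulnerable: the input becomes part of the SQL text."""
    query = "SELECT name, role FROM users WHERE name = '" + name + "'"
    return db.execute(query).fetchall()


def lookup_parameterized(db, name):
    """Hardened: the driver passes the input as data, never as SQL."""
    query = "SELECT name, role FROM users WHERE name = ?"
    return db.execute(query, (name,)).fetchall()


# Constructed inputs: an ordinary name, a legitimate name containing an
# apostrophe, and a string that changes the WHERE clause when concatenated.
PROBES = ["bob", "o'brien", "x' OR '1'='1"]


def misbehaving_inputs(lookup, db, probes=PROBES):
    """Return the probes for which `lookup` errors or returns wrong rows.

    The correct answer for any input is the row whose name equals the input
    exactly, computed here in Python without building SQL from the input.
    """
    failures = []
    all_rows = db.execute("SELECT name, role FROM users").fetchall()
    for probe in probes:
        expected = [row for row in all_rows if row[0] == probe]
        try:
            got = lookup(db, probe)
        except sqlite3.Error:
            failures.append(probe)  # the input broke the statement's syntax
            continue
        if sorted(got) != sorted(expected):
            failures.append(probe)  # rows leaked beyond the exact match
    return failures


if __name__ == "__main__":
    database = make_db()
    print("vulnerable  :", misbehaving_inputs(lookup_vulnerable, database))
    print("parameterized:", misbehaving_inputs(lookup_parameterized, database))
```

A check like `misbehaving_inputs` can run in a test suite so that a later change which reintroduces string concatenation fails the build.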

Application Security and APM

There is a symbiotic relationship between application performance management and application
security. Improved visibility into highly distributed or complex environments, such as microservices
architecture and cloud applications, is possible with an effective APM strategy.

By providing a full picture of an application's infrastructure and components, measuring ideal
performance with dynamic baselining, and alerting when discrepancies or abnormalities are identified,
APM data can help improve software security. When combined with application security
solutions, APM can provide redundancy and additional support for your safety program by increasing
the depth of information about the inner workings of your application and system.

Security Architecture
A cyber security architecture is the foundation of an organization’s defense against cyber threats, and
ensures that all components of its IT infrastructure are protected. Environments that are secured by a
cyber security architecture include:

 Cloud
 Networks
 IoT
 Endpoints
 Mobile

When a cyber security architecture adheres to all seven principles of the Zero Trust security model
(devices, people, data, networks, workload, automation & orchestration, visibility & analytics) an
enterprise can secure data and IT resources wherever they reside.

Protection across the entire IT infrastructure


Pre-emptive threat prevention technology is the key to a modern cyber security architecture blocking
sophisticated attacks before damage can be inflicted. An organization needs to be able to predict and
block unknown malware, as well as known malware, to deliver consistent protection across the entire
IT infrastructure.

Small businesses and large enterprises should adopt a consolidated cyber security architecture to
protect their most critical assets from advanced cyber attacks.

A holistic approach for creating a cyber security architecture


By employing dozens of vendors’ point security solutions organizations inadvertently create a
patchwork security architecture. The added complexity potentially undermines an organization’s
overall security and results in a higher TCO. By taking a holistic approach to building a cyber security
architecture, organizations can close security gaps, reduce risk, and increase operational efficiency.
This multi-layered, holistic approach to cyber security is referred to as a consolidated security
architecture.

Benefits of a consolidated cyber security architecture


A consolidated cyber security architecture:
 Improves overall security
 Prevents known and unknown zero-day threats in real time
 Automates security across all enforcement points
 Provides full visibility into an organization’s threat posture with a single, unified management
console
 Reduces TCO and increases operational efficiency

Information Security Program:


An information security program consists of a set of activities, projects, and initiatives that support an
organization’s information technology framework. These initiatives also help organizations accomplish
all related business objectives and meet corresponding benchmarks.

Your information security program practices allow you to safeguard key business processes, IT
assets, and employee data from potentially prying eyes. It also identifies individuals or technological
assets that may impact the security or confidentiality of those assets.

Constructing an effective program involves identifying your information security goals. The more
specific these objectives are to your organization’s reality, the more meaningful and dynamic the
underlying initiatives will be. Once those are established, you can define the IT tools and other
information security assets needed to create, launch, and successfully maintain each project.

The Process of Information Security:-

Information security is a process that moves through phases building and strengthening itself
along the way. Security is a journey, not a destination. Although the Information Security process
has many strategies and activities, we can group them all into three distinct phases - prevention,
detection, and response.

Each phase requires strategies and activities that will move the process to the next phase. The
dynamic growth of new threats attacking vulnerabilities requires timely adjustments to the
methodologies in the prevention, detection, and response cycle. A change in one phase affects
the entire process in some form. A proactive strategy adjustment in the prevention phase will
adjust the detection and response activities. Lessons learned during the response phase will be
addressed in the planning of prevention measures and detection configurations. As I have
indicated, the Information Security process is a journey; it is a living cycle that is under constant
change due to the threat and vulnerability environment. For successful stewardship of the
process, strategies must be one step ahead of the adversaries or at least in step with them. To
accomplish this, each phase must be designed with adequate capabilities and management
oversight to ensure the maturity of these capabilities.

The ultimate goal of the information security process is to protect three unique attributes of
information. They are:
 Confidentiality – Information should only be seen by those persons
authorized to see it. Information could be confidential because it is
proprietary information that is created and owned by the organization or
it may be customers’ personal information that must be kept confidential
due to legal responsibilities.
 Integrity – Information must not be corrupted, degraded, or modified.
Measures must be taken to insulate information from accidental and
deliberate change.
 Availability – Information must be kept available to authorized persons
when they need

Attacks compromise systems in a number of ways that affect one if not all of these attributes. An
attack on confidentiality would be unauthorized disclosure of information. An attack on integrity
would be the destruction or corruption of information and an attack on availability would be a
disruption or denial of services. Information security protects these attributes by:
 Protecting confidentiality
 Ensuring integrity
 Maintaining availability
An organization succeeds in protecting these attributes by proper planning. Proper planning
before an incident will greatly reduce the risks of an attack and greatly increase the capabilities
of a timely and effective detection and response if an attack occurs. Let's now examine each
phase of the prevent, detect, respond cycle in turn, illustrating the individual process and how
they relate with the whole.

Risk Analysis and Ethical Hacking:-

Risk analysis refers to the review of risks associated with a particular action or event. Risk analysis
is applied to information technology, projects, security issues and any other event where risks may be
analysed on a quantitative and qualitative basis. Risks are part of every IT project and business
organization. Risk analysis should be carried out on a regular basis and be updated to identify
new potential threats. Strategic risk analysis helps to minimize future risk probability and
damage.

Enterprises and organizations use risk analysis:

o To anticipate and reduce the effect of harmful results arising from adverse events.
o To plan for technology or equipment failure or loss from adverse events, both natural and
human-caused.
o To evaluate whether the potential risks of a project are balanced in the decision process when
evaluating to move forward with the project.
o To identify the impact of and prepare for changes in the enterprise environment.

Benefits of risk analysis

Every organization needs to understand the risks associated with its information systems to
protect its IT assets effectively and efficiently. Risk analysis can help an organization improve its
security in many ways. These are:

o Concerning financial and organizational impacts, it identifies, rates and compares the overall
impact of risks related to the organization.
o It helps to identify gaps in information security and determine the next steps to eliminate the
risks of security.
o It can also enhance the communication and decision-making processes related to information
security.
o It improves security policies and procedures and helps develop cost-effective methods for
implementing information security policies and procedures.
o It increases employee awareness of risks and security measures during the risk analysis
process and helps employees understand the financial impacts of potential security risks.

Steps in the risk analysis process

The basic steps followed by a risk analysis process are:

Conduct a risk assessment survey:

Getting input from management and department heads is critical to the risk assessment process.
The risk assessment survey is the starting point for documenting the specific risks or threats within each
department.

Identify the risks:

This step is used to evaluate an IT system or other aspects of an organization to identify the risk
related to software, hardware, data, and IT employees. It identifies the possible adverse events that
could occur in an organization such as human error, flooding, fire, or earthquakes.

Analyse the risks:

Once the risks are evaluated and identified, the risk analysis process should analyse each risk that
could occur, as well as determine the consequences linked with each risk. It also determines how they
might affect the objectives of an IT project.

Develop a risk management plan:

Once the risk analysis has given an idea of which assets are valuable and which threats will
probably affect the IT assets negatively, we develop a risk management plan that produces
control recommendations that can be used to mitigate, transfer, accept or avoid the risk.

Implement the risk management plan:

The primary goal of this step is to implement the measures to remove or reduce the analysed risks. We
remove or reduce the risks starting with the highest priority, and resolve or at least mitigate each
risk so that it is no longer a threat.

Monitor the risks:

This step monitors the security risks on a regular basis in order to identify, treat and
manage them; it should be an essential part of any risk analysis process.

Types of Risk Analysis

The main distinct approaches to risk analysis are:


Qualitative Risk Analysis
o The qualitative risk analysis process is a project management technique that prioritizes risks on
the project by assigning each a probability and an impact number. Probability is the likelihood that a risk event
will occur, whereas impact is the significance of the consequences of a risk event.
o The objective of qualitative risk analysis is to assess and evaluate the characteristics of
individually identified risks and then prioritize them based on the agreed-upon characteristics.
o Assessing an individual risk evaluates the probability that the risk will occur and its effect on
the project objectives. Categorizing risks helps in filtering them out.
o Qualitative analysis is used to determine the risk exposure of the project by multiplying the
probability and impact.

Quantitative Risk Analysis


o The objective of performing quantitative risk analysis is to provide a numerical estimate of
the overall effect of risk on the project objectives.
o It is used to evaluate the likelihood of success in achieving the project objectives and to estimate
contingency reserve, usually applicable for time and cost.
o Quantitative analysis is not mandatory, especially for smaller projects. Quantitative risk analysis
helps in calculating estimates of overall project risk which is the main focus.
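
The two approaches above, worked through on one small risk register as an added example (not part of the original notes): the qualitative pass multiplies probability and impact ratings to rank the risks, and the quantitative pass computes expected loss per risk and a contingency reserve by Monte Carlo simulation. The register entries, the 1-5 rating scale, the yearly probabilities, the cost ranges, the triangular cost distribution and the 80% confidence level are all assumptions chosen for illustration.

```python
import random

# Constructed sample register (assumed values, not from the notes):
# name, probability rating 1-5, impact rating 1-5,
# yearly probability of occurring, (min, most likely, max) cost if it occurs.
REGISTER = [
    ("Phishing credential theft", 4, 4, 0.60, (5_000, 20_000, 80_000)),
    ("Unpatched exposed server", 3, 5, 0.30, (20_000, 60_000, 250_000)),
    ("Data-centre flooding", 1, 5, 0.02, (100_000, 300_000, 900_000)),
    ("Operator deletes data", 3, 2, 0.40, (1_000, 5_000, 15_000)),
]

def qualitative_ranking(register):
    """Qualitative: exposure = probability rating x impact rating."""
    scored = [(name, p * i) for name, p, i, _, _ in register]
    return sorted(scored, key=lambda r: r[1], reverse=True)

def expected_losses(register):
    """Quantitative: probability x mean cost (triangular mean), per risk."""
    losses = [(name, prob * sum(cost) / 3) for name, _, _, prob, cost in register]
    return sorted(losses, key=lambda r: r[1], reverse=True)

def simulate_totals(register, trials=20_000, seed=1):
    """Monte Carlo over the register; returns sorted total loss per trial."""
    rng = random.Random(seed)
    totals = []
    for _ in range(trials):
        total = 0.0
        for _, _, _, prob, (low, mode, high) in register:
            if rng.random() < prob:  # does this risk occur in this trial?
                total += rng.triangular(low, high, mode)
        totals.append(total)
    return sorted(totals)

def contingency_reserve(sorted_totals, confidence=0.80):
    """Amount that covers the simulated loss in `confidence` of the trials."""
    index = min(len(sorted_totals) - 1, int(confidence * len(sorted_totals)))
    return sorted_totals[index]

if __name__ == "__main__":
    for name, score in qualitative_ranking(REGISTER):
        print(f"{score:>2}  {name}")
    for name, loss in expected_losses(REGISTER):
        print(f"{loss:>10,.0f}  {name}")
    totals = simulate_totals(REGISTER)
    print(f"80% contingency reserve: {contingency_reserve(totals):,.0f}")
```

On this constructed data the qualitative ranking puts phishing first, while the expected-loss figures put the unpatched server first, which shows how the two views can disagree.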

Note:- Self Learning topics [ Sound Operations, Service Security, Component Parts of Information Security Program ]
