SAQs

1. Define Ethical Hacking.

What is Ethical Hacking?

Ethical Hacking is the process of identifying and exploiting security vulnerabilities in a computer system, network, or application, but with the intention of improving the overall security posture, rather than causing harm. Also known as penetration testing or white-hat hacking, it involves simulating cyber attacks to test an organization's defenses and uncover weaknesses.

Characteristics of Ethical Hacking

• Conducted with permission from the system owner
• Used to improve security and protect against malicious attacks
• Performed by trained professionals who follow a set of guidelines and best practices
• Focused on identifying vulnerabilities and recommending remedial actions
• Helps organizations to strengthen their security controls and mitigate potential threats

Skills and Knowledge Required

• In-depth knowledge of operating systems, networks, and applications
• Familiarity with security frameworks, regulations, and standards
• Experience with various hacking tools and techniques
• Understanding of threat modeling and risk assessment
• Analytical and problem-solving skills to identify vulnerabilities and develop recommendations

2. Define Smurf Attack.

What is a Smurf Attack?

A Smurf attack is a type of denial-of-service (DoS) attack that uses spoofed IP packets to flood a network with traffic, overwhelming the network's resources and causing disruption.

How Smurf Attack Works