WEBVTT

1
00:00:00.200 --> 00:00:05.679
<v Speaker 1>Have you ever stopped to think about how the biggest organizations,

2
00:00:05.719 --> 00:00:07.440
<v Speaker 1>you know, the ones with all the secrets, keep their

3
00:00:07.440 --> 00:00:10.839
<v Speaker 1>digital stuff safe, or maybe from the other side, how

4
00:00:10.880 --> 00:00:13.800
<v Speaker 1>those what's called the malicious actors are constantly trying to

5
00:00:13.800 --> 00:00:17.399
<v Speaker 1>break in. It's this ongoing battle, right? Well, today we're

6
00:00:17.440 --> 00:00:21.519
<v Speaker 1>diving deep into exactly that world: ethical hacking and penetration testing.

7
00:00:21.760 --> 00:00:24.760
<v Speaker 1>It's all about getting inside an attacker's head, not to

8
00:00:24.760 --> 00:00:27.480
<v Speaker 1>do harm obviously, but to build better defenses. Our goal

9
00:00:27.480 --> 00:00:30.399
<v Speaker 1>here is pretty straightforward. Unpack the core ideas, look at

10
00:00:30.440 --> 00:00:34.520
<v Speaker 1>the common ways attacks happen, and crucially the countermeasures. Basically

11
00:00:34.560 --> 00:00:37.759
<v Speaker 1>a shortcut so you're well informed about cybersecurity. Think of

12
00:00:37.799 --> 00:00:40.759
<v Speaker 1>it like peeking behind the curtain. Yeah, seeing how the

13
00:00:40.799 --> 00:00:43.200
<v Speaker 1>good guys use bad guy tactics to keep our digital

14
00:00:43.240 --> 00:00:45.719
<v Speaker 1>lives secure. And our guide for this deep dive is

15
00:00:45.719 --> 00:00:50.039
<v Speaker 1>a really solid expert review: Certified Ethical Hacker (CEH) Preparation

16
00:00:50.159 --> 00:00:53.280
<v Speaker 1>Guide: Lesson-Based Review of Ethical Hacking and Penetration Testing

17
00:00:53.280 --> 00:00:56.960
<v Speaker 1>by Ahmed Sheikh. So let's get started. Okay, first off,

18
00:00:57.200 --> 00:01:00.359
<v Speaker 1>ethical hacker? It sounds, well, like an oxymoron, doesn't it? What

19
00:01:00.479 --> 00:01:03.159
<v Speaker 1>exactly is an ethical hacker? Why would a company hire

20
00:01:03.240 --> 00:01:03.679
<v Speaker 1>a hacker?

21
00:01:03.840 --> 00:01:05.920
<v Speaker 2>Yeah, it does sound a bit contradictory at first glance,

22
00:01:06.680 --> 00:01:12.000
<v Speaker 2>but it's actually a fascinating field. Companies actively hire ethical hackers.

23
00:01:12.400 --> 00:01:16.319
<v Speaker 2>Sometimes they're called security testers, pen testers. Their job is

24
00:01:16.359 --> 00:01:20.159
<v Speaker 2>to basically think and act exactly like the illegal hackers

25
00:01:20.200 --> 00:01:22.560
<v Speaker 2>they're defending against. They look for vulnerabilities, they try to

26
00:01:22.560 --> 00:01:25.480
<v Speaker 2>exploit them. But here's the absolute key difference, and it's

27
00:01:25.519 --> 00:01:31.519
<v Speaker 2>crucial: consent. They have the organization's explicit permission. Their goal

28
00:01:31.680 --> 00:01:35.239
<v Speaker 2>isn't malice, it's threat evaluation, security improvement. That's it.

29
00:01:35.400 --> 00:01:39.359
<v Speaker 1>Okay, So I'm picturing like the immune system of a network,

30
00:01:39.400 --> 00:01:42.439
<v Speaker 1>You sort of intentionally expose it to a controlled version

31
00:01:42.480 --> 00:01:44.599
<v Speaker 1>of a threat to see where the weak spots are,

32
00:01:44.640 --> 00:01:47.079
<v Speaker 1>and then you build up the defenses against the real deal.

33
00:01:47.200 --> 00:01:49.319
<v Speaker 2>Precisely, that's a great way to put it. They use

34
00:01:49.319 --> 00:01:51.879
<v Speaker 2>the very same tools, the same techniques as malicious attackers.

35
00:01:52.159 --> 00:01:55.359
<v Speaker 2>They're essentially asking three core questions for the company. One,

36
00:01:55.560 --> 00:01:58.040
<v Speaker 2>what would an attacker actually see if they looked at us? Two,

37
00:01:58.680 --> 00:02:00.840
<v Speaker 2>if they saw that, how would they use that information?

38
00:02:01.040 --> 00:02:04.400
<v Speaker 2>And three, maybe the most important, are we even noticing

39
00:02:04.439 --> 00:02:06.760
<v Speaker 2>these attempts when they happen? Are our alarms going off?

40
00:02:06.799 --> 00:02:08.599
<v Speaker 2>It's a really proactive view.

41
00:02:08.919 --> 00:02:11.400
<v Speaker 1>Right, that makes total sense. And you hear about different

42
00:02:12.039 --> 00:02:15.280
<v Speaker 1>hats in hacking, right, black hat, white hat? What do

43
00:02:15.360 --> 00:02:15.840
<v Speaker 1>those mean?

44
00:02:16.000 --> 00:02:19.439
<v Speaker 2>Absolutely. The source breaks this down really well, mostly based

45
00:02:19.479 --> 00:02:23.560
<v Speaker 2>on motivation. So black hats they're using their computer skills

46
00:02:23.599 --> 00:02:27.120
<v Speaker 2>for illegal stuff, you know, breaking in, stealing data, causing damage.

47
00:02:27.199 --> 00:02:30.800
<v Speaker 2>White hats, those are our ethical hackers, using their powers

48
00:02:30.840 --> 00:02:35.000
<v Speaker 2>for good, for defense, protecting systems. Then you've got gray hats.

49
00:02:35.240 --> 00:02:38.639
<v Speaker 2>They're interesting. They might find a vulnerability and just well

50
00:02:38.680 --> 00:02:41.439
<v Speaker 2>disclose it publicly, maybe without getting permission first. It's a

51
00:02:41.479 --> 00:02:44.360
<v Speaker 2>bit of a well, a gray area. And the source

52
00:02:44.400 --> 00:02:47.960
<v Speaker 2>even mentions suicide hackers. These are people apparently so committed

53
00:02:48.000 --> 00:02:50.520
<v Speaker 2>to some cause they don't care about getting caught. It

54
00:02:50.560 --> 00:02:53.159
<v Speaker 2>shows motivations can be really complex, not just money.

55
00:02:53.520 --> 00:02:56.680
<v Speaker 1>So ethical hacking really is about flipping the script, using

56
00:02:56.719 --> 00:02:58.759
<v Speaker 1>the attacker's own playbook against them.

57
00:02:59.159 --> 00:03:03.120
<v Speaker 2>Okay, so like an attacker, how does an actual attack unfold?

58
00:03:03.159 --> 00:03:06.879
<v Speaker 2>Book lays out these distinct phases, right, like a roadmap.

59
00:03:06.879 --> 00:03:10.159
<v Speaker 2>What's step one? Right? The very first phase, and it's

60
00:03:10.199 --> 00:03:13.360
<v Speaker 2>absolutely fundamental whether you're an ethical hacker or a malicious one,

61
00:03:13.680 --> 00:03:17.719
<v Speaker 2>is reconnaissance. This is really the planning stage. You're gathering

62
00:03:17.759 --> 00:03:21.000
<v Speaker 2>as much information, as much intelligence as you possibly can

63
00:03:21.319 --> 00:03:23.879
<v Speaker 2>about the target before you do anything else. Think of

64
00:03:23.919 --> 00:03:26.759
<v Speaker 2>it like casing a building before a break in. You

65
00:03:26.840 --> 00:03:30.599
<v Speaker 2>check the locks, watch the guards, learn the routines, all

66
00:03:30.719 --> 00:03:31.280
<v Speaker 2>very quietly.

67
00:03:31.360 --> 00:03:34.080
<v Speaker 1>Okay, what kind of information are we talking about and

68
00:03:34.120 --> 00:03:37.840
<v Speaker 1>how do they get it without setting off alarms? Especially online?

69
00:03:37.960 --> 00:03:43.599
<v Speaker 2>Oh, the range is huge. Domain names, maybe employee phone numbers, definitely,

70
00:03:43.599 --> 00:03:46.879
<v Speaker 2>IP addresses, what services are running on the network, even

71
00:03:46.879 --> 00:03:49.840
<v Speaker 2>if they can spot any intrusion detection systems already in place.

72
00:03:50.680 --> 00:03:52.560
<v Speaker 2>As for how, well, the source points out a lot of

73
00:03:52.560 --> 00:03:55.560
<v Speaker 2>it is just digging through public records using Google sites

74
00:03:55.599 --> 00:03:59.919
<v Speaker 2>like vital RECs, switchboard, zabasearch, even government sites like us

75
00:04:00.240 --> 00:04:03.240
<v Speaker 2>dot gov. They might also look at archive websites, you know,

76
00:04:03.360 --> 00:04:06.639
<v Speaker 2>using the WaybackMachine archive dot org. Sometimes old versions of

77
00:04:06.680 --> 00:04:10.199
<v Speaker 2>sites have info that's been taken down, and Whois tools

78
00:04:10.199 --> 00:04:13.120
<v Speaker 2>are super useful. They give you info on IP addresses,

79
00:04:13.159 --> 00:04:16.399
<v Speaker 2>domain names, sometimes even find company emails or server details.

80
00:04:16.480 --> 00:04:18.480
<v Speaker 1>Wow. So a lot of it is just like serious

81
00:04:18.480 --> 00:04:22.480
<v Speaker 1>homework research. But you mentioned passive versus active reconnaissance earlier.

82
00:04:22.759 --> 00:04:24.279
<v Speaker 1>What's the difference there? Yeah.

83
00:04:24.079 --> 00:04:27.839
<v Speaker 2>That's a key distinction. Passive reconnaissance is all about gathering

84
00:04:27.879 --> 00:04:31.439
<v Speaker 2>info without directly touching the target systems. So that could

85
00:04:31.480 --> 00:04:34.959
<v Speaker 2>be social engineering, talking to people, tricking them, or even

86
00:04:35.120 --> 00:04:38.360
<v Speaker 2>believe it or not, dumpster diving for old documents. You're

87
00:04:38.399 --> 00:04:43.480
<v Speaker 2>just observing basically no direct interaction. Active reconnaissance, on the

88
00:04:43.519 --> 00:04:47.920
<v Speaker 2>other hand, involves direct interaction using tools to say, scan

89
00:04:48.079 --> 00:04:51.319
<v Speaker 2>for open ports, find routers, map out the network, figure

90
00:04:51.319 --> 00:04:55.240
<v Speaker 2>out what operating systems they're using. It's noisier, leaves more

91
00:04:55.279 --> 00:04:58.199
<v Speaker 2>digital footprints, but gets you very specific data.

92
00:04:58.759 --> 00:05:01.360
<v Speaker 1>Got it. So, once they've done all that homework passive

93
00:05:01.399 --> 00:05:03.399
<v Speaker 1>and active, they have a good map of the target.

94
00:05:03.480 --> 00:05:06.360
<v Speaker 2>What's next, Well, that leads directly into the scanning phase.

95
00:05:06.920 --> 00:05:09.560
<v Speaker 2>Now they take all that reconnaissance info and start actively

96
00:05:09.600 --> 00:05:12.920
<v Speaker 2>probing for specific weaknesses. They'll use things like port scanners

97
00:05:12.920 --> 00:05:15.319
<v Speaker 2>to see which doors are open, you know, listening ports

98
00:05:15.319 --> 00:05:18.879
<v Speaker 2>which hint at running services, or they'll run vulnerability scanners

99
00:05:18.920 --> 00:05:21.240
<v Speaker 2>to find known flaws in the software or setup.

100
00:05:21.920 --> 00:05:24.160
<v Speaker 2>It's like zooming in after the wide shot.

101
00:05:23.959 --> 00:05:27.600
<v Speaker 1>And after scanning finding those potential entry points. I assume

102
00:05:27.639 --> 00:05:29.519
<v Speaker 1>the big goal is usually gaining access.

103
00:05:29.959 --> 00:05:34.879
<v Speaker 2>Usually, yes, that's often the main objective, though, like we mentioned,

104
00:05:35.079 --> 00:05:37.800
<v Speaker 2>sometimes the goal is different, like a denial of service

105
00:05:37.800 --> 00:05:40.399
<v Speaker 2>attack just wants to shut things down, not get inside.

106
00:05:40.800 --> 00:05:44.279
<v Speaker 2>But yeah, gaining access is common. Whether they succeed depends

107
00:05:44.319 --> 00:05:46.000
<v Speaker 2>on a lot of things, the system's setup, how

108
00:05:46.000 --> 00:05:49.560
<v Speaker 2>well it's configured, and frankly, the attacker's own skill level

109
00:05:49.600 --> 00:05:51.759
<v Speaker 2>in exploiting what they found during scanning.

110
00:05:51.959 --> 00:05:55.199
<v Speaker 1>And once they're in, they don't just like wave and leave, right,

111
00:05:55.279 --> 00:05:56.319
<v Speaker 1>they'd want to stick around.

112
00:05:56.399 --> 00:06:00.000
<v Speaker 2>Oh, definitely not. Yeah, that's the maintaining access phase. As

113
00:06:00.160 --> 00:06:02.959
<v Speaker 2>they're in, they'll try to install backdoors, maybe rootkits,

114
00:06:03.160 --> 00:06:05.480
<v Speaker 2>things that let them get back in easily later, even

115
00:06:05.519 --> 00:06:07.920
<v Speaker 2>if the original way they got in gets fixed. It's

116
00:06:07.959 --> 00:06:11.519
<v Speaker 2>about making sure they have persistent control. And then, just

117
00:06:11.519 --> 00:06:15.480
<v Speaker 2>as important comes the final phase, covering tracks. They need

118
00:06:15.480 --> 00:06:18.040
<v Speaker 2>to erase any sign they were ever there. That means

119
00:06:18.079 --> 00:06:22.680
<v Speaker 2>altering system logs, deleting files, maybe using clever tricks like steganography,

120
00:06:22.800 --> 00:06:26.279
<v Speaker 2>hiding data inside other files like images or audio, making

121
00:06:26.319 --> 00:06:27.160
<v Speaker 2>themselves ghosts.

122
00:06:27.480 --> 00:06:29.439
<v Speaker 1>This is where it gets really interesting. I think let's

123
00:06:29.439 --> 00:06:33.639
<v Speaker 1>dig into some specific attack types you mentioned social engineering earlier,

124
00:06:33.879 --> 00:06:35.120
<v Speaker 1>exploiting human nature.

125
00:06:35.439 --> 00:06:39.759
<v Speaker 2>Yes, social engineering is absolutely fascinating. Because it often bypasses

126
00:06:39.800 --> 00:06:44.480
<v Speaker 2>technology altogether. It's about psychological manipulation, getting someone to lower

127
00:06:44.480 --> 00:06:47.399
<v Speaker 2>their guard, give up information, or do something they wouldn't

128
00:06:47.399 --> 00:06:51.759
<v Speaker 2>normally do. The source points out six key human tendencies

129
00:06:51.800 --> 00:06:55.600
<v Speaker 2>attackers exploit. One is reciprocation. You feel you owe someone

130
00:06:55.600 --> 00:06:58.720
<v Speaker 2>if they give you something first. Two, consistency. We like

131
00:06:58.759 --> 00:07:02.519
<v Speaker 2>to stick to our patterns. Three, social validation. If others

132
00:07:02.519 --> 00:07:05.480
<v Speaker 2>are doing it, it must be okay. Four, liking. We're

133
00:07:05.480 --> 00:07:08.000
<v Speaker 2>more likely to say yes to people we like. Five,

134
00:07:08.160 --> 00:07:12.079
<v Speaker 2>authority. We tend to obey figures of authority. And six, scarcity.

135
00:07:12.079 --> 00:07:15.000
<v Speaker 2>If something seems rare or limited time, we want it more.

136
00:07:15.199 --> 00:07:18.680
<v Speaker 1>It's amazing and kind of scary how those basic human

137
00:07:18.759 --> 00:07:22.399
<v Speaker 1>drivers become tools for attackers. It really highlights that security

138
00:07:22.439 --> 00:07:24.800
<v Speaker 1>isn't just about firewalls, right, You need to account for

139
00:07:24.800 --> 00:07:27.759
<v Speaker 1>the human element. So human based stuff is like impersonation,

140
00:07:27.879 --> 00:07:30.839
<v Speaker 1>looking over someone's shoulder, dumpster diving. What about computer based

141
00:07:30.920 --> 00:07:31.759
<v Speaker 1>social engineering?

142
00:07:31.959 --> 00:07:34.879
<v Speaker 2>Right? So computer based methods usually involve using software to

143
00:07:34.879 --> 00:07:38.360
<v Speaker 2>trick people, and that ties directly into another huge category

144
00:07:38.360 --> 00:07:42.240
<v Speaker 2>of threats: malware, malicious software.

145
00:07:41.959 --> 00:07:45.240
<v Speaker 1>Ah yes, malware, trojans, viruses, worms.

146
00:07:45.720 --> 00:07:48.199
<v Speaker 2>We hear these terms constantly. Are they basically the same

147
00:07:48.360 --> 00:07:49.759
<v Speaker 2>or are there important differences?

148
00:07:50.160 --> 00:07:52.600
<v Speaker 1>That's a really common question, and no, they're definitely not

149
00:07:52.639 --> 00:07:56.439
<v Speaker 1>the same. The differences are important. So trojans or trojan horses.

150
00:07:56.800 --> 00:08:00.439
<v Speaker 1>They're nasty programs disguised as something useful or legitimate, Like

151
00:08:00.480 --> 00:08:02.839
<v Speaker 1>the old story, They trick you into letting them in.

152
00:08:03.240 --> 00:08:05.560
<v Speaker 1>Once inside, they can do all sorts of bad things,

153
00:08:05.759 --> 00:08:08.560
<v Speaker 1>steal your data, use your computer to store illegal stuff,

154
00:08:08.720 --> 00:08:11.439
<v Speaker 1>even turn it into a server for spreading pirated software.

155
00:08:11.800 --> 00:08:14.319
<v Speaker 1>The source even mentioned some weird symptoms like your CD

156
00:08:14.439 --> 00:08:18.120
<v Speaker 1>ROM drawer randomly opening and closing, or your screen blinking

157
00:08:18.160 --> 00:08:20.879
<v Speaker 1>oddly. Bizarre, but it could be a sign. It lists

158
00:08:20.920 --> 00:08:23.920
<v Speaker 1>specific ports they often use, like three to one three

159
00:08:24.000 --> 00:08:24.560
<v Speaker 1>three seven.

160
00:08:24.720 --> 00:08:29.079
<v Speaker 2>Wow. Okay, what about viruses and worms? Viruses need a

161
00:08:29.120 --> 00:08:31.959
<v Speaker 2>host like a program or document to attach themselves to,

162
00:08:32.320 --> 00:08:34.240
<v Speaker 2>and they usually need a human to do something like

163
00:08:34.320 --> 00:08:37.720
<v Speaker 2>open that infected attachment to actually spread and activate. They

164
00:08:37.720 --> 00:08:43.519
<v Speaker 2>can corrupt files, slow things down, cause weird system behavior. Worms, though,

165
00:08:43.799 --> 00:08:46.399
<v Speaker 2>are different. They're self replicating. They don't need a human

166
00:08:46.440 --> 00:08:49.519
<v Speaker 2>to click anything. They spread across networks all by themselves

167
00:08:49.559 --> 00:08:53.840
<v Speaker 2>by exploiting security holes much faster potentially much more widespread damage.

168
00:08:53.879 --> 00:08:57.960
<v Speaker 1>Yeah, that sounds particularly nasty, Okay, shifting gears slightly. Passwords

169
00:08:58.080 --> 00:09:00.679
<v Speaker 1>everyone uses them? What are the common ways attackers go

170
00:09:00.759 --> 00:09:01.720
<v Speaker 1>after passwords?

171
00:09:01.919 --> 00:09:04.799
<v Speaker 2>Passwords are still the main way we authenticate online, so yeah,

172
00:09:04.879 --> 00:09:08.360
<v Speaker 2>they're huge targets. Attacks vary quite a bit. There's passive sniffing.

173
00:09:08.480 --> 00:09:11.200
<v Speaker 2>An attacker just listens in on network traffic, hoping someone

174
00:09:11.200 --> 00:09:15.399
<v Speaker 2>sends a password unencrypted, less common now with HTTPS everywhere,

175
00:09:15.399 --> 00:09:18.159
<v Speaker 2>but it still happens. Then you have active attacks. This

176
00:09:18.240 --> 00:09:21.080
<v Speaker 2>could be simple password guessing, maybe using info they found

177
00:09:21.080 --> 00:09:24.480
<v Speaker 2>during reconnaissance, or using dictionary lists of common passwords.

178
00:09:24.919 --> 00:09:28.480
<v Speaker 2>Offline attacks are really dangerous if an attacker gets their

179
00:09:28.519 --> 00:09:31.320
<v Speaker 2>hands on the file where password hashes, the encrypted versions,

180
00:09:31.320 --> 00:09:33.480
<v Speaker 2>are stored. Once they have that file, they could try

181
00:09:33.519 --> 00:09:36.919
<v Speaker 2>to crack the hashes offline, using things like rainbow tables

182
00:09:36.919 --> 00:09:39.639
<v Speaker 2>pre calculated tables to quickly find the original password from

183
00:09:39.639 --> 00:09:43.840
<v Speaker 2>the hash. Or just brute force attacks, trying every single combination.

184
00:09:44.440 --> 00:09:48.080
<v Speaker 2>The source specifically notes that older Windows systems use something

185
00:09:48.080 --> 00:09:51.600
<v Speaker 2>called LM hashes, which are way less secure than the

186
00:09:51.639 --> 00:09:55.759
<v Speaker 2>newer NT hashes, much easier to crack, and of course

187
00:09:55.759 --> 00:09:58.480
<v Speaker 2>you still have non technical attacks again, shoulder surfing just

188
00:09:58.480 --> 00:10:01.960
<v Speaker 2>looking over someone's shoulder, or social engineering them into revealing it.

189
00:10:02.120 --> 00:10:05.559
<v Speaker 1>Right, the human factor again. We also hear a lot

190
00:10:05.559 --> 00:10:09.360
<v Speaker 1>about denial of service attacks, DoS. What's the main goal there?

191
00:10:09.519 --> 00:10:11.480
<v Speaker 1>It's not stealing data, is it? No?

192
00:10:11.639 --> 00:10:14.679
<v Speaker 2>Exactly. A DoS attack isn't about getting in. Yeah, it's

193
00:10:14.679 --> 00:10:18.639
<v Speaker 2>about making a service or a website completely unavailable to

194
00:10:18.759 --> 00:10:22.399
<v Speaker 2>legitimate users. They do this either by flooding the target

195
00:10:22.399 --> 00:10:25.080
<v Speaker 2>system with way more traffic than it can possibly handle,

196
00:10:25.240 --> 00:10:29.480
<v Speaker 2>just overwhelming it, or sometimes by sending deliberately malformed data

197
00:10:29.519 --> 00:10:31.919
<v Speaker 2>packets that crash its network systems.

198
00:10:32.039 --> 00:10:34.519
<v Speaker 1>So it's like sending a million fake letters to a

199
00:10:34.559 --> 00:10:36.600
<v Speaker 1>post office so the real mail can't get through.

200
00:10:36.720 --> 00:10:39.519
<v Speaker 2>That's a good analogy. Yeah, And the even bigger version

201
00:10:39.559 --> 00:10:42.240
<v Speaker 2>is a distributed denial of service attack, or DDoS.

202
00:10:42.639 --> 00:10:45.519
<v Speaker 2>This uses a whole network of already compromised computers. They're

203
00:10:45.559 --> 00:10:48.320
<v Speaker 2>called zombies or bots, all attacking the target at once.

204
00:10:48.919 --> 00:10:52.080
<v Speaker 2>That network of bots is called a botnet. What makes

205
00:10:52.120 --> 00:10:54.559
<v Speaker 2>DDoS so tough is that the attack comes from hundreds

206
00:10:54.639 --> 00:10:57.360
<v Speaker 2>or thousands of different places, making it really hard to

207
00:10:57.399 --> 00:11:00.519
<v Speaker 2>block and almost impossible to trace back to the original attacker

208
00:11:00.559 --> 00:11:01.399
<v Speaker 2>pulling the strings.

209
00:11:01.559 --> 00:11:05.480
<v Speaker 1>Okay, so we've looked at how attackers think, their playbook,

210
00:11:05.519 --> 00:11:08.559
<v Speaker 1>their tools. How do ethical hackers use all that intel

211
00:11:08.639 --> 00:11:11.200
<v Speaker 1>to actually build defenses? What are the countermeasures?

212
00:11:11.519 --> 00:11:13.679
<v Speaker 2>Well, the good news is for pretty much every attack

213
00:11:13.759 --> 00:11:17.039
<v Speaker 2>vector we've talked about, there are countermeasures, and ethical hackers

214
00:11:17.039 --> 00:11:20.679
<v Speaker 2>are absolutely key in testing those defenses before an attack happens.

215
00:11:21.000 --> 00:11:24.679
<v Speaker 2>The source really emphasizes layered defenses. It's not just one thing.

216
00:11:25.000 --> 00:11:27.000
<v Speaker 2>You start with basics like firewalls. They act like

217
00:11:27.000 --> 00:11:30.519
<v Speaker 2>guards at the gate, filtering traffic spotting probes. Then you

218
00:11:30.559 --> 00:11:34.120
<v Speaker 2>add network intrusion detection systems, or IDS. These are more

219
00:11:34.159 --> 00:11:38.799
<v Speaker 2>like security cameras inside, watching for suspicious activity, identifying scanning attempts,

220
00:11:38.840 --> 00:11:41.759
<v Speaker 2>things like that, and simple stuff too, like closing any

221
00:11:41.799 --> 00:11:45.360
<v Speaker 2>network ports on servers and workstations that aren't absolutely needed

222
00:11:45.919 --> 00:11:48.840
<v Speaker 2>reduces the surface area an attacker can target. Beyond the

223
00:11:48.840 --> 00:11:52.559
<v Speaker 2>network gear, password hygiene is huge. That means strong policies

224
00:11:52.559 --> 00:11:56.120
<v Speaker 2>making people use complex passwords. The source suggests longer than

225
00:11:56.159 --> 00:12:00.720
<v Speaker 2>fifteen characters to disable those old weak LM hashes, and importantly,

226
00:12:01.080 --> 00:12:04.720
<v Speaker 2>using multi factor authentication whenever you can. That second factor

227
00:12:04.759 --> 00:12:08.279
<v Speaker 2>makes stolen passwords much less useful. For social engineering, the

228
00:12:08.320 --> 00:12:11.919
<v Speaker 2>best defense is user education, seriously, training people to spot

229
00:12:11.919 --> 00:12:15.480
<v Speaker 2>phishing emails, to question unusual requests for information. Users need

230
00:12:15.519 --> 00:12:18.759
<v Speaker 2>to be the first line of defense. And finally the basics,

231
00:12:19.240 --> 00:12:23.480
<v Speaker 2>keep your antivirus software updated and patch your systems regularly.

232
00:12:23.519 --> 00:12:26.799
<v Speaker 2>Applying software updates closes the known security holes that malware

233
00:12:26.840 --> 00:12:27.600
<v Speaker 2>loves to exploit.

234
00:12:27.759 --> 00:12:31.240
<v Speaker 1>So how do ethical hackers put all this together in practice,

235
00:12:31.279 --> 00:12:34.519
<v Speaker 1>like during a penetration test? What does that actually involve?

236
00:12:34.720 --> 00:12:37.440
<v Speaker 2>Right? A penetration test or pen test is basically that

237
00:12:37.480 --> 00:12:40.519
<v Speaker 2>simulated attack we talked about. It's designed to find out

238
00:12:40.639 --> 00:12:44.480
<v Speaker 2>exactly how a real attacker could break in. The source mentions

239
00:12:44.480 --> 00:12:48.799
<v Speaker 2>two main ways they approach these tests. Black box testing: here,

240
00:12:49.039 --> 00:12:52.240
<v Speaker 2>the tester knows absolutely nothing about the target system beforehand,

241
00:12:52.279 --> 00:12:54.960
<v Speaker 2>just maybe a company name or an IP address. They

242
00:12:55.000 --> 00:12:57.519
<v Speaker 2>have to figure everything out from scratch, just like a

243
00:12:57.519 --> 00:13:01.840
<v Speaker 2>real external attacker would. Then there's white box testing. In this case,

244
00:13:01.840 --> 00:13:04.240
<v Speaker 2>the tester gets a lot of information up front, maybe

245
00:13:04.240 --> 00:13:08.399
<v Speaker 2>network diagram, source code, system configurations. This simulates an insider

246
00:13:08.519 --> 00:13:10.519
<v Speaker 2>threat or maybe an attacker who's already done a lot

247
00:13:10.519 --> 00:13:11.240
<v Speaker 2>of reconnaissance.

248
00:13:11.399 --> 00:13:14.960
<v Speaker 1>Both sound incredibly valuable for finding different kinds of weaknesses.

249
00:13:15.279 --> 00:13:17.679
<v Speaker 1>It really is about finding those holes before the actual

250
00:13:17.720 --> 00:13:24.639
<v Speaker 1>criminals do. Wow. So

251
00:13:24.720 --> 00:13:26.799
<v Speaker 1>today we've really gone deep into the world of the

252
00:13:26.799 --> 00:13:29.799
<v Speaker 1>ethical hacker. We've walked through the stages of a cyber attack,

253
00:13:29.879 --> 00:13:32.919
<v Speaker 1>from that initial reconnaissance and scanning all the way through

254
00:13:33.000 --> 00:13:36.399
<v Speaker 1>gaining access, staying hidden and covering tracks. We looked at

255
00:13:36.480 --> 00:13:39.919
<v Speaker 1>clever tactics like social engineering, the different flavors of malware

256
00:13:40.039 --> 00:13:43.919
<v Speaker 1>like trojans and worms, and those overwhelming denial of service attacks.

257
00:13:44.200 --> 00:13:46.200
<v Speaker 2>Yeah, and I think the biggest takeaway really is that

258
00:13:46.240 --> 00:13:49.320
<v Speaker 2>cybersecurity isn't something you just set and forget. It's this

259
00:13:49.559 --> 00:13:53.840
<v Speaker 2>constant back and forth, this arms race. Understanding how attackers operate,

260
00:13:53.879 --> 00:13:57.519
<v Speaker 2>whether it's exploiting tech flaws or human psychology, that's absolutely

261
00:13:57.559 --> 00:13:59.960
<v Speaker 2>the critical first step to building defenses that actually work.

262
00:14:00.320 --> 00:14:02.440
<v Speaker 2>And ethical hackers, they're on the front lines of that,

263
00:14:02.519 --> 00:14:05.399
<v Speaker 2>constantly testing, pushing, strengthening our digital walls.

264
00:14:05.559 --> 00:14:08.240
<v Speaker 1>So as our lives get more and more intertwined with

265
00:14:08.320 --> 00:14:11.679
<v Speaker 1>the digital world, think about this, How does understanding this

266
00:14:11.759 --> 00:14:15.480
<v Speaker 1>attacker mindset empower you, not just as someone using tech,

267
00:14:15.519 --> 00:14:18.000
<v Speaker 1>but as a digital citizen. How can you use this

268
00:14:18.120 --> 00:14:20.879
<v Speaker 1>knowledge to protect yourself better and maybe even contribute to

269
00:14:20.879 --> 00:14:24.320
<v Speaker 1>a safer online environment for everyone. What steps, big or

270
00:14:24.320 --> 00:14:26.600
<v Speaker 1>small, will you take now to make yourself a harder

271
00:14:26.720 --> 00:14:28.159
<v Speaker 1>target? Something to consider.
