Ethical Hacking: Three Different Shades for Business Security

Verified

Added on 2023/04/05

AI Summary

This report delves into the realm of ethical hacking, focusing on three distinct approaches: black box, white box, and gray box. It begins by highlighting the challenges faced by business organizations in the face of increasing cyber threats, emphasizing the importance of data security, particularly for e-commerce and data warehousing businesses. The report then provides detailed recommendations for implementing ethical hacking procedures, introducing the black box approach, which involves ethical hackers with no prior knowledge of the system; the white box approach, where hackers have full system knowledge; and the gray box approach, a hybrid model that combines elements of both. Each approach is analyzed in terms of its benefits and potential drawbacks, with specific examples of their applications in different business contexts. The report concludes by summarizing the suitability of each approach for various organizational scenarios, such as e-commerce businesses and multinational corporations, and emphasizes the significance of ethical hacking in fortifying network security and protecting organizational assets. The report also includes a comprehensive list of references to support its findings.

Running head: THREE DIFFERENT SHADES OF ETHICAL HACKING
Three Different Shades of Ethical Hacking
Name of the Student
Name of the University
Author Note:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

2THREE DIFFERENT SHADES OF ETHICAL HACKING
Table of Contents
1. Introduction......................................................................................................................3
2. Discussion........................................................................................................................3
2.1 General description of the situation faced by the business organizations.................3
2. 2 Recommendations for the introduction of the ethical hacking procedures..............4
3. Black box approach.........................................................................................................4
4. White box approach.........................................................................................................5
5. Gray box approach...........................................................................................................5
6. Conclusion.......................................................................................................................6

3THREE DIFFERENT SHADES OF ETHICAL HACKING
1. Introduction
The notable purpose of this paper is to focus on the reviewing the different shades
of ethical hacking; the paper will be very much important for the business organizations
who want to introduce ethical hacking in their ethical environment. The ethical hacking
procedures will be very much useful for business organizations as most of them want to
improve their internal security using the ethical hacking procedures (Regalado et al.,
2015). The loopholes of the networking infrastructure of the organizations can be
identified using ethical hacking procedures. The proactive ethical methods can be
successfully used to prevent the malicious hacking procedures which are often used by
the cyber criminals these days.
2. Discussion
2.1 General description of the situation faced by the business organizations
The intrusive attacks of the cyber criminals can be depended upon the category of
the organizations they are planning to attack. Most of the global Information Technology
business organizations consider data as their prime assets which are transported from one
unit of the organization to another using the private network.
The e-commerce business has numerous internal and external stakeholders such
as the provider of the raw materials who are the internal stakeholders of the business and
the clients who are the external stakeholders of the business (Smith & Morrison, 2018).
The business can have a threat from both inside and outside their working environments.

4THREE DIFFERENT SHADES OF ETHICAL HACKING
There is an increasing threat to most of the organizational assets in the data
warehousing business, intrusions and other illegal networking activities are very common
in this industry as well (Trabelsi & McCoey, 2016). The network intruders or the cyber
criminals intercepts messages and encrypts or alters the data which usually have a direct
negative impact on the growth and productivity of the organization.
The following unit of the paper will be discussing and recommending the
approaches which might be taken by the management team of the above discussed
business to improve their existing security postures.
2. 2 Recommendations for the introduction of the ethical hacking procedures
To meet with the challenges thrown by the cyber criminals to the network
security of the organizations the following recommendations can be very much useful to
increase their desired security postures.
 Black box approach
 White box approach
 Gray box approach
3. Black box approach
The criminals using approaches such as script novices, astute hacking techniques,
ueberhackers and attacks coming from inside the organization can be restricted with
the help of the black box approach. The attacks coming from the criminals from both
inside or outside the working environment can be restricted using the black box
approach, in this approach the ethical hacker has no knowledge of systems being
hacked (Hartley, Medlin & Houlik, 2017). The penetration and the vulnerabilities of

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

5THREE DIFFERENT SHADES OF ETHICAL HACKING
the attack can be resolved using the black box approach which is very much helpful
to identify the vulnerabilities in a computer network to deal with the above stated
approaches from the cyber criminals. The backdoors in the network can be eliminated
using the black box approach. Thus the black box approach can be very much useful
in the business organizations to deal with both the internal and external network
intrusions (Wang & Yang, 2017). Certified ethical hackers are required by the
organizations to follow this approach. The e-commerce business can use this
approach in their private networks as it may have threats from inside the organization
as well.
4. White box approach
This category of approach states that ethical hackers have full knowledge about
the systems and the network they are targeting. The variables associated with the
penetration procedures followed by the cybercriminals can be mitigated with the help of
this white box approach. The information regarding the transmission of the data from one
unit of the organization to another has few loopholes in terms of the access to the
network which can be solved purposefully with the help of this approach. The money
spent the organization regarding improving of their network security can be also
minimized using this procedure (DeMarco, 2018). Thus this ethical hacking procedure
can be used by the business organization to improve their security postures. Most of the
multinational organization whether data are transported from one part of the world with
another can use this approach in their working environments.

6THREE DIFFERENT SHADES OF ETHICAL HACKING
5. Gray box approach
This hybrid attacking model can be used by the security heads of the business
organizations. The employees of an organization may be working with the cybercriminals
unknowingly, the information obtained about the networking security in the organization
may be useful before the hacking to plan their attack (De Jimenez, 2016). The rules of
engagement must be stated by the management team of the organization so that they can
identify the security risks of the office network. Backup contingency plans are a must for
the Gray box approach as it is this approach may have a negative impact on the
organization also. All the vulnerabilities should be exposed so that it is useful for the
cybercriminals to identify their exact plan of action. Thus the gray approach can be very
much useful for the business organizations to safeguard their organizational assets from
the cyber criminals (Crosbie, 2015). The business organizations such as the data
warehouses can be very much useful if this approach is followed in its working
environment as it has to deal with numerous internal and external stakeholders.
6. Conclusion
The paper concludes three different types of approaches which can be used in
variety of business organizations according to their working schedules. The e-commerce
business may have threats both from inside and outside the working environment which
is compatible with the black box approach. The data which are transported in the MNC’s
from one part of the world to the other part of the world may use the white box approach
to preserve the networking security in their private networks. The use of the gray box

7THREE DIFFERENT SHADES OF ETHICAL HACKING
approach in the data warehousing can be also determined from this paper as this hybrid
model is mostly compatible with the assets of the data warehouses.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

8THREE DIFFERENT SHADES OF ETHICAL HACKING
7. Reference
Crosbie, M. (2015). Hack the cloud: Ethical hacking and cloud forensics. In Cloud
Technology: Concepts, Methodologies, Tools, and Applications (pp. 1510-1526).
IGI Global.
De Jimenez, R. E. L. (2016, November). Pentesting on web applications using ethical-
hacking. In 2016 IEEE 36th Central American and Panama Convention
(CONCAPAN XXXVI) (pp. 1-6). IEEE.
DeMarco, J. V. (2018). An approach to minimizing legal and reputational risk in Red
Team hacking exercises. Computer Law & Security Review, 34(4), 908-911.
Hartley, R., Medlin, D., & Houlik, Z. (2017). Ethical Hacking: Educating Future
Cybersecurity Professionals. In Proceedings of the EDSIG Conference ISSN (Vol.
2473, p. 3857).
Regalado, D., Harris, S., Harper, A., Eagle, C., Ness, J., Spasojevic, B., ... & Sims, S.
(2015). Gray Hat Hacking The Ethical Hacker's Handbook. McGraw-Hill
Education Group.
Smith, H., & Morrison, H. (2018). Ethical Hacking: A Comprehensive Beginners Guide
to Learn and Master Ethical Hacking. CreateSpace Independent Publishing
Platform.
Trabelsi, Z., & McCoey, M. (2016). Ethical hacking in Information Security curricula.
International Journal of Information and Communication Technology Education
(IJICTE), 12(1), 1-10.

9THREE DIFFERENT SHADES OF ETHICAL HACKING
Wang, Y., & Yang, J. (2017, March). Ethical hacking and network defense: Choose your
best network vulnerability scanning tool. In 2017 31st International Conference
on Advanced Information Networking and Applications Workshops (WAINA) (pp.
110-113). IEEE.