1.73M
Похожие презентации:
Hacking Lab
Hacking Lab
Chapter 1.Introduction to Ethical Hacking LAB
Chapter 1.Introduction to Ethical Hacking LAB
Hacker techniques, tools, and incident handling. (Chapter 1)
Hacker techniques, tools, and incident handling. (Chapter 1)
Analysis of telecommunication network security mechanisms based on security events
Analysis of telecommunication network security mechanisms based on security events
Database Security
Database Security
Introduction to information security
Introduction to information security
Global picture of modern threats in Cyber Security
Global picture of modern threats in Cyber Security
Common network attacks
Common network attacks
Cybersecurity
Cybersecurity
Database Security
Database Security

lec 1

1.

Ethical hacking
Author: Zhumabekov Dias Zhumabekouly
E-mail: dias.zhumabekov@narxoz.kz
ТЕМА

2.

3
What Ethical Hacking Is
Ethical hacking is a part of information security that focuses on legally checking computer systems,
networks, and applications for security weaknesses. These checks are carried out with official
permission and follow clear rules, which makes ethical hacking different from illegal hacking. The
main purpose is not to damage systems, but to find problems before real attackers can exploit
them.
In this course, students learn to look at digital systems from the point of view of a potential
attacker. This does not mean learning how to cause harm. Instead, it helps students understand
how attacks happen, why systems fail, and where security mistakes are usually made. By thinking
this way, students can design and maintain systems that are more secure and resistant to attacks.
Ethical hacking is therefore used as a practical and educational tool. It helps improve the reliability
of systems, reduces the risk of data breaches, and supports long-term system stability. Through
this approach, students develop both technical skills and a responsible attitude toward
cybersecurity, understanding that strong security is a key requirement for modern digital solutions.
03

3.

Why This Subject Is Relevant?
01
02
03
Modern organizations rely on
web applications, cloud
platforms, and network
infrastructures to store and
process sensitive data. As
systems become more complex,
the number of potential
vulnerabilities increases,
expanding the attack surface.
Security incidents such as data
breaches or service disruptions
can cause serious financial,
legal, and reputational damage.
Even a single vulnerability can
compromise an entire system,
making proactive security
assessment essential.
Today’s IT specialists must
understand not only how to build
systems, but also how to identify
risks and prevent security threats
throughout the system lifecycle.
Ethical hacking provides the
knowledge and mindset needed
to meet these challenges.

4.

Ethical Hacking and the Law
A fundamental characteristic of
ethical hacking is its legal nature.
All activities are performed only
with the permission of the system
owner and within predefined
rules. This means that a specialist
is not allowed to exceed the
agreed scope, exploit
vulnerabilities for personal
benefit, or cause damage to the
system. Thus, ethical hacking
always operates within the
boundaries of the law and
professional ethics.
The relationship between burnout
and medical errors
3
Existing
early
detection
and
prevention approaches, including:

5.

Distinguishing Types of Hacking Activity
In the field of information security, several types of hacking activity are commonly distinguished based on
intent, legality, and ethical responsibility. Understanding these distinctions is essential for developing a
correct professional mindset in cybersecurity.
Black Hat hackers are individuals who engage in illegal activities aimed at breaching systems for personal
gain, financial profit, or malicious intent. Their actions often result in data theft, system damage, or service
disruption. Such activities fall entirely outside the scope of this course and are discussed only at a
conceptual level for risk awareness.
White Hat hackers, also known as ethical hackers, operate within legal and ethical boundaries. They perform
security testing with explicit authorization from system owners and follow predefined rules and limitations.
The primary objective of White Hat hacking is system protection, vulnerability identification, and risk
reduction.
Gray Hat hackers occupy an intermediate position between Black Hat and White Hat categories. While they
may not always act with malicious intent, their activities can violate legal or ethical boundaries due to the
absence of proper authorization. This category highlights the importance of legality and consent in
cybersecurity practices.
This classification emphasizes that ethical hacking is not defined by technical skills alone, but by
responsibility, authorization, and purpose. Clearly understanding these roles helps students develop
professional ethics and recognize the importance of lawful and controlled security testing.

6.

Learning Objectives of the Discipline
Within this course, students do not focus on isolated attack techniques, but rather on general principles of
security analysis. The main objective of the discipline is to teach how to identify vulnerabilities, understand
the reasons behind their occurrence, and assess potential consequences. This approach helps future
specialists develop the ability to make technically and architecturally sound decisions with security
considerations in mind.

7.

Methodological Approach
Ethical hacking is based on formalized and widely accepted security testing
methodologies. One of the key references used in the course is OWASP, which
develops international guidelines for web application security. The use of such
standards allows the security analysis process to be structured and ensures that
testing results are objective and reproducible.

8.

Stages of Ethical Testing
The ethical hacking process typically consists of several stages.
First, information about the system and its components is
collected. Next, configurations and potential entry points are
analyzed. After that, the feasibility of exploiting identified
vulnerabilities and their impact on the system is assessed. The
final stage is the preparation of a report containing findings
and recommendations for improving security.

9.

Limitations of the Academic Course
It is important to emphasize that within the academic
framework, no testing is conducted on real commercial,
banking, or government systems. All practical tasks are
performed exclusively in educational environments,
laboratory setups, and simulation platforms. This
approach ensures safety, legality, and compliance with
academic standards.

10.

Limitations of the Academic Course
It is important to emphasize that within the academic
framework, no testing is conducted on real commercial,
banking, or government systems. All practical tasks are
performed exclusively in educational environments,
laboratory setups, and simulation platforms. This
approach ensures safety, legality, and compliance with
academic standards.

11.

Connection with Other IT Disciplines
Ethical hacking is closely related to areas such as networking, web
development, databases, operating systems, and cryptography. It allows
students to integrate knowledge from these disciplines and view an
information system as a holistic entity. This helps students better
understand the relationship between architectural decisions and the overall
level of security.

12.

Overall Value of the Course
In conclusion, ethical hacking is a discipline aimed not at teaching
how to break systems, but at developing a culture of information
security. The course fosters analytical thinking, responsibility, and
awareness of risks faced by modern digital systems. These
competencies are essential for preparing specialists capable of
designing and maintaining secure IT solutions.

13.

THANK YOU FOR YOUR ATTENTION
ТЕМА
English     Русский Правила