Security testing is the primary job of ethical hackers. These tests might be configured in such way that the ethical hackers have no knowledge, full knowledge, or partial knowledge of the target of evaluation (TOE).
The term target of evaluation (TOE) is widely used to identify an IT product or system that is the subject of an evaluation. The EC-Council and some security guidelines and standards use the term to describe systems that are being tested to measure their confidentiality, integrity, and availability.
The goal of the security test (regardless of type) is for the ethical hacker to test the security system and evaluate and measure its potential vulnerabilities.
No Knowledge Tests (Blackbox)
No knowledge testing is also known as blackbox testing. Simply stated, the security team has no knowledge of the target network or its systems. Blackbox testing simulates an outsider attack as outsiders usually don't know anything about the network or systems they are probing. The attacker must gather all types of information about the target to begin to profile its strengths and weaknesses. The advantages of blackbox testing include
The disadvantages of blackbox testing include
Full Knowledge Testing (Whitebox)
Whitebox testing takes the opposite approach of blackbox testing. This form of security test takes the premise that the security tester has full knowledge of the network, systems, and infrastructure. This information allows the security tester to follow a more structured approach and not only review the information that has been provided but also verify its accuracy. So, although blackbox testing will typically spend more time gathering information, whitebox testing will spend that time probing for vulnerabilities.
Partial Knowledge Testing (Graybox)
In the world of software testing, graybox testing is described as a partial knowledge test EC-Council literature describes graybox testing as a form of internal test. Therefore, the goal is to determine what insiders can access. This form of test might also prove useful to the organization as so many attacks are launched by insiders.
Types of Security Tests
Several different types of security tests can be performed. These can range from those that merely examine policy to those that attempt to hack in from the Internet and mimic the activities of true hackers. These security tests are also known by many names, including
No matter what the security test is called, it is carried out to make a systematic examination of an organization's network, policies, and security controls. Its purpose is to determine the adequacy of security measures, identify security deficiencies, provide data from which to predict the effectiveness of potential security measures, and confirm the adequacy of such measures after implementation. Security tests can be defined as one of three types, which include high-level assessments, network evaluations, and penetration tests. Each is described as follows:
Although the CEH exam focuses on one type of security test, you should be aware of the different types so that you are fully aware to meet any challenge presented you.
Just remember that penetration tests are not fully effective if an organization does not have the policies and procedures in place to control security. Without adequate policies and procedures, it's almost impossible to implement real security. Documented controls are required.
How do ethical hackers play a role in these tests? That's the topic of the next section.
Hacker and Cracker Descriptions