Certified Networked Teacher
Submission
Bartuuin
What I learned was a new perspective, on teaching. I worked a a volunteer tutor at a ged preperation and testing center, for a little over 1 year.In order to go see the article, you will most likely need an account on the site.It is currently being reviewed by the people who moderate the articles. and will be thought over for roughly 24 hours. It was submitted on Dec 1, 2012 at 4:39 pm eastern standerd time.In the event something happens and you cannot view the article on the website, for whatever reason, I have provided a copy of it to you. Thank you for taking the time to consider me for earning this badge.
Copy of the article:
IT Security is a choice for some and a lifestyle for others.It brings us satisfaction that we accomplished something, we learned something new, and we see the world in a different light.A war is waged on the internet, twenty-four hours a day, seven days a week. Some attack and some defend.Targets can include: Corporate Networks, Government Networks and even Home Networks.Most often times attacking a network can be seen as wrong and we as humans commonly only see one side of the coin.Humans as a whole most often times we as humans see offensive security as illegal.It brings up so many questions, such as:
Is being on the defensive side of computer security the only legal and ethical option?
How can being on the offensive side of computer security possibly be legal?
Is there a way to do both, ethically and legally?
How can being on the offensive side of computer security be legal?
Offensive security, is a privilege, not a right, to be held.Company's and governments alike hire on Information Technology Security Professionals for the purpose of pen-testing their networks, as well as to strengthen their defenses.This option is only given to those who have shown integrity, trust, knowledge and understanding of networks and policies as well as loyalty to protecting a company's or governments assets, confidentiality, and the identity of those envolved within the company, regardless of whether they are an employee or a customer.It is an opportunity to explore the network you were authorized to pen-test, an opportunity to try new attack vectors and an opportunity to become more efficient on the pen-testing side of things.Typical pen-tests consist of the following:
Rules and guidelines as to what is allowed and not allowed during the authorized pen-test
List of systems the government, company or entity wishes to have tested
Methods allowed to pen-test the target network given the amount of resources available(A smaller company for example may not allow a simulated DDoS attack but a larger company might for purposes of network stress testing)
Is there a way to do both, ethically and legally? Yes, while practicing offensive security, you practice writing patches for the security holes that you do find.Some other methods for practicing defensive security, during penetration tests, are all common knowledge, such as:
Keeping your computers and servers, up to date
Using strong passwords of at least twelve characters, while using uppercase and lowercase letters, number and symbols.
Keeping your defenses such as IDS, IPS, firewalls, etc. up-to-date
Those are but a few examples.From there, you expand your skills and knowledge further you can even test your own systems, or petition a company to set up computers and servers with there defenses at max, to see if you can get around the heightened security.
Is being on the defensive side of computer security the only legal and ethical option? No, as referenced above, company's, governments and other organizations hire not only defensive security IT professionals, but offensive security IT professionals as well.The more you know and the higher the integrity you have, the higher chances you have of becoming an offensive security professional are.
In closing, I can only hope that this was an insightful, inspiring essay that has shed some light on the offensive security world.An IT professional who specializes in digital forensics known as Allan Brill once said "there is a difference and the difference is this: I think the typical forensics specialist is somebody that has that skill set but their moral compass has rusted on good." This is also true for offensive security.
Progress:
- Received 0 reviews of the 2 reviews needed.
- The posted reviews give this work submission a total average score of 0.00 (needs to be at least 3 for the badge to be awarded).