CEHv9 Certified Ethical Hacking – White Hat vs. Black Hat – Why Ethical Hacking is important

Home > Blogs > Security > CEHv9 Certified Ethical Hacking – White Hat vs. Black Hat – Why Ethical Hacking is important

CEHv9 Certified Ethical Hacking – White Hat vs. Black Hat – Why Ethical Hacking is important

Like This Blog 0 Mike Danseglio
Added by March 16, 2016



I’m Mike Danseglio, and I’m an instructor here at Interface Technical Training. One of the classes I teach here at Interface is Certified Ethical Hacking CEHv9. I Ethical hacking is a critical skill-set for anybody to have that’s in IT Security.

Ethical Hacking is all about learning how hackers attack systems, how they look for vulnerabilities, how they examine systems, how they check security, how they use IT techniques and tools that typical IT users would use but in a negative way, in a very bad way, to try to find compromises and vulnerabilities to destroy businesses, extort money, steal, loot, and to do all kinds of very negative, nasty things.

White Hat vs. Black Hat

There’s a differences in the skill-sets here between the IT Professionals that usually Defend systems (White Hat).

They typically understand these are good practices. It’s good to have a firewall in place. It’s good to have a malware scanner in place. It’s good to isolate networks.

That’s not a bad skill-set to have, but a different skill-set is what an Attacker brings to the equation.

The attacker, or (Black Hat), typically brings to the table more of a skill-set of, “I know what the defenders are usually going to do”. They’re usually going to have a firewall. They’re usually going to have malware scanners. What kind of ways can I work around the malware scanners? What different kind of exploits or vulnerabilities can I find in the firewall so that I don’t have to worry about those firewalls stopping my attack? How do I work, how do I get my nefarious negative job, with all of those defenses in place?”

Learning those techniques of the attacker, understanding the “other-side” of IT Security helps enormously to protect a network. Because when you think as an attacker, you think, “I’m setting up this firewall, and it’s this, and it’s that, and the other.” But I wonder how an attacker would look at the firewall. An attacker might use this tool, might use this technique, might probe this way.

While I should have defenses against that, let me find out by banging on the thing, by throwing scanners, Nmap throwing Metasploit at it and other different kinds of spectrum tools, both very focus and very broad at this defense and see, “Does it hold up?” Because this is what an Attacker is going to do.

Not, in theory, theoretically, yes, that firewall should protect against this but in practice, how many times do you try to hack your own firewall to see if you can? That’s what we learned in CEHv9 Certified Ethical Hacking, being able to actually test the defenses with real tools and real techniques that attackers use. That’s the difference between just learning how to protect, and learning how to check the protection, and find the vulnerabilities before an attacker finds them.

Mike Danseglio – CISSP, MCSE, and CEH

Mike Danseglio teaches IT Security Training, Windows, System Center and Windows Server 2012 classes at Interface Technical Training. His classes are available in Phoenix, AZ and online with RemoteLive™.

Videos You May Like

Agile Methodology in Project Management

0 171 0

In this video, you will gain an understanding of Agile and Scrum Master Certification terminologies and concepts to help you make better decisions in your Project Management capabilities. Whether you’re a developer looking to obtain an Agile or Scrum Master Certification, or you’re a Project Manager/Product Owner who is attempting to get your product or … Continue reading Agile Methodology in Project Management

Creating Users and Managing Passwords in Microsoft Office 365

0 745 4

In this Office 365 training video, instructor Spike Xavier demonstrates how to create users and manage passwords in Office 365.   For instructor-led Office 365 training classes, see our course schedulle: Spike Xavier SharePoint Instructor – Interface Technical Training Phoenix, AZ 20347: Enabling and Managing Office 365    

Windows 10 Features and Navigation – December 1, 2015

0 129 1

In this recorded Windows 10 webinar from December 1,2015, Windows Instructor Steve Fullmer presents the navigation and some of the new features associated with Windows 10 including Sysinternals Tools for Windows Client, Windows core concepts, exploring Process Explorer as well as some of the features that are not yet ready for prime time but will … Continue reading Windows 10 Features and Navigation – December 1, 2015

Write a Comment

Share your thoughts...

Please fill out the comment form below to post a reply.