Professional ethical hacking body of knowledge
This interdisciplinary ethical hacking body of knowledge foundation framework represents a working model for ethical hacking professional training and is comprised of several knowledge areas and skillsets.
The study proposes a set of implementable policy recommendations to inform effective ethical hacking teaching practices in computer science, computer engineering, and software engineering undergraduate programs, spanning instruction (approach), curricula content (what professional ethical hacking skills should be taught), and S&T innovation/technology governance (a public policy initiative). This post discusses the recommendations for curricula content, which are presented as a professional ethical hacking body of knowledge (BoK) foundation framework.
The professional ethical hacking body of knowledge foundation framework outlined here was synthesized from literature reviews, in-depth interviews, organizational document reviews, a technology impact assessment using STEI-DMG, and theory (STEI-KW as a knowledge-making epistemology or technology). See The case study methodology. The professional ethical hacking body of knowledge foundation framework represents a working model of ethical hacking professional training and is comprised of several knowledge areas and skillsets that together constitute a body of knowledge foundational framework for ethical hacking education in postsecondary education.
The framework can serve as a basis for an introduction course to cybersecurity in undergraduate computer science, computer engineering, software engineering, and business school (Information Systems Management, and Business IT) programs or as a base model for security awareness training in higher education.
Cybersecurity threats
Social digitization
Technical hacking skills
What do ethical hackers do?
The penetration testing process
OSINT analyst competency areas
Software security – software design and software security testing
Network security – network design and network security testing
Types and techniques of network attacks
Networking layers and classes of cyberattacks
Social hacking skills
Social engineering in ethical hacking
Cybersecurity risk mitigation skills
You may also be interested in The ethical teaching of ethical hacking.
Cybersecurity threats
Societal level threats: Cyberwarfare/cyberattacks on critical infrastructure. Cyberwarfare/cyberattacks on public service institutions – on essential services and sensitive information.
Business level threats: Businesses face an increasing risk of cybercrime, especially data breaches from commercial espionage, commercial data theft, and social engineering schemes.
Individual level threats: Canadians face a rising cyber risk of falling victim to cybercrime, especially identity theft. State and business surveillance. Political interference (malicious online influence activity).
Table 1: Cybersecurity Threats Facing Individuals, Businesses, and Society (CSE, 2018)
Social digitization
Social digitization
Digital transformation in higher education
Technical hacking skills
What do ethical hackers do?
The penetration testing process
Teaching ethical hacking skillset (framework)
Key cybersecurity risks/threats to businesses
Information security risk governance
Key information security risks/threats to businesses: DoS and other network attack techniques against information confidentiality, integrity, and availability. A combination of social engineering and malware, especially ransomware. Identity theft through social engineering and phishing schemes.
What do ethical hackers do? Practices, responsibilities, and roles
Penetration testing
Vulnerability assessment vs penetration testing
Risk assessment
Security assessment vs security audit
Responsibilities of ethical hackers
Roles of ethical hackers
Various types of penetration tests can be performed, depending on the strategic objectives of the security assessment: social engineering, network penetration testing, Website security testing, physical premises hacking, and cloud-based system hacking.
The penetration testing process
Steps of the penetration testing process
Penetration testing methodologies and standards
The penetration test report
OSINT analyst competency areas
What is OSINT?
Who uses OSINT technologies and tactics?
OSINT analyst cybersecurity role
Technical competency areas
Social competency areas
Software security – software design and software security testing
Vulnerability discovery and vulnerability assessment and knowledge of exploits, scripts, and viruses and how they work (PPT3, PPT8, PPT14, PPT6, PPT12).
Software coding and programming skills include knowledge of software languages, especially C, C++, and JavaScript (PPT3, PPT14, PPT12).
Network security – network design and network security testing
Skills to protect a future employer’s IT infrastructure or IT network system against unauthorized use or access, including how to test a company’s defences (PPT3, PPT8, PPT14, PPT6, PPT12).
Defense in depth (layered security to protect data/mission critical assets and information management systems).
A solid understanding of network protocols – common network protocols, the TCP/IP model, and the OSI model.
A solid understanding of network services – IP addressing, Domain Name System (DNS), primary domain email service, Internet access, web content filtering, firewalls, VPN termination, and intrusion prevention systems (IPS).
Use of multiple information gathering techniques and technologies to identify and enumerate targets running various operating systems and services.
Ability to identify existing vulnerabilities and to execute organized attacks in a controlled manner.
Ability to identify and exploit XSS, SQL injection and file inclusion vulnerabilities in web applications.
Table 9: Hacking Skills Coding Table (Network Penetration Testing)
Table 23: High-Level Network Security Risk Management Concepts
Types and techniques of network attacks
Information theft, such as stealing passwords, is a confidentiality attack because it allows someone other than the intended recipient to access data (Graves, 2010; Reynolds, 2012; Stamp, 2001). Information confidentiality network attack techniques include packet capturing (e.g., using Wireshark, a network protocol analyzer), port scanning (where an attacker tries to discover the services running on a target computer by scanning the TCP/UDP ports), and wiretapping (where an attacker hacks the telecommunication devices to listen to phone calls).
Information sabotage via viruses or malware is a data integrity attack that compromises the accuracy and reliability of data. Information integrity network attack techniques include session hijacking (where an attacker exploits a computer session to gain unauthorized access to information or services in a computer system with the goal of modifying data accuracy and reliability), and man-in-the-middle attacks (where an attacker sits between two devices that are communicating to manipulate the data as it moves between the two devices).
In a denial-of-service (DoS) attack, a hacker attacks the availability element of information systems. Ransomware can be used by malicious hackers to lock out users until the user pays a ransom to regain access to their information. Information availability network attack techniques include SYN flood attacks and ICMP flood attacks. In SYN flood attacks, an attacker sends many TCP SYN packets to initiate a TCP connection but never sends a SYN-ACK packet back, causing a TCP connection failure. In ICMP flood attacks, a targeted computer is inundated with false ICMP packets, causing it to become unresponsive to legitimate traffic.
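A defender's view of the two availability attacks described above, as an added example that is not part of the original page: it flags targets with many TCP handshakes left incomplete and targets receiving bursts of ICMP echo requests. The packet records, field names, addresses, and thresholds are constructed assumptions.

```python
from collections import Counter

def sample_packets():
    """Constructed packet records (documentation-range addresses, not real traffic)."""
    pkts = [  # one legitimate client completing the three-way handshake
        {"t": 0.00, "proto": "tcp", "src": "198.51.100.7", "sport": 40000,
         "dst": "192.0.2.10", "dport": 443, "flags": "S"},
        {"t": 0.01, "proto": "tcp", "src": "192.0.2.10", "sport": 443,
         "dst": "198.51.100.7", "dport": 40000, "flags": "SA"},
        {"t": 0.02, "proto": "tcp", "src": "198.51.100.7", "sport": 40000,
         "dst": "192.0.2.10", "dport": 443, "flags": "A"},
    ]
    for i in range(200):  # SYNs whose handshakes are never completed
        pkts.append({"t": 1 + i / 1000, "proto": "tcp",
                     "src": f"203.0.113.{i % 250 + 1}", "sport": 1024 + i,
                     "dst": "192.0.2.10", "dport": 443, "flags": "S"})
    for i in range(120):  # burst of echo requests inside one second
        pkts.append({"t": 5 + i / 200, "proto": "icmp", "src": "203.0.113.9",
                     "dst": "192.0.2.20", "flags": "echo-request"})
    return pkts

def half_open_by_target(packets):
    """Count handshakes per (dst, dport) that saw a client SYN but no client ACK."""
    pending = set()
    for p in packets:
        if p["proto"] != "tcp":
            continue
        key = (p["src"], p["sport"], p["dst"], p["dport"])
        if p["flags"] == "S":
            pending.add(key)
        elif p["flags"] == "A":
            pending.discard(key)  # handshake completed by the client
    return Counter((dst, dport) for _, _, dst, dport in pending)

def icmp_peak_rate(packets, window=1.0):
    """Peak number of ICMP echo requests per destination in any fixed window."""
    buckets = Counter((p["dst"], int(p["t"] // window)) for p in packets
                      if p["proto"] == "icmp" and p["flags"] == "echo-request")
    peak = Counter()
    for (dst, _), n in buckets.items():
        peak[dst] = max(peak[dst], n)
    return peak

def alerts(packets, syn_threshold=100, icmp_threshold=50):
    """Return sorted (kind, target, count) tuples for targets over threshold."""
    out = [("syn-flood", dst, n)
           for (dst, _), n in half_open_by_target(packets).items() if n >= syn_threshold]
    out += [("icmp-flood", dst, n)
            for dst, n in icmp_peak_rate(packets).items() if n >= icmp_threshold]
    return sorted(out)
```

Counting per target rather than per source matters because flood traffic often arrives from many source addresses at once.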
Networking layers and classes of cyberattacks
Network security risk mitigation best practices
The seven layers of the OSI model
The five layers of the TCP/IP model
Four classes/types of network attacks/Network security layers
The 15 Layer Cyber Terrain Model (Riley, 2014A)
Social hacking skills
The case for ethics instruction
Social hacking skills – What ethics to teach/ethics instruction
Social engineering in ethical hacking
Karl Weick – sensemaking through organizing
Canada’s cybersecurity threat landscape
Social digitization
Technology impact assessment (using STEI-DMG)
What ethics to teach/ethics instruction
1) Countermeasures component: Prevention component: ethical-legal consequences of unlawful/unauthorized hacking Teaching hacking skills as a comprehensive audit/as skills in QA/IA/IT governance (process focused)
2) The ethics of ethical hackers/professionalism/professional practice in society: Professional ethics/professional codes of conduct and professional values Social values underlying the behavior of professional ethical hackers/computer scientists and computer engineers – sociopolitical values, scientific values, and normative ethics/values
Social engineering in ethical hacking
What is social engineering?
Social engineering in penetration testing
The four most common types of social engineering attacks
Cybersecurity risk mitigation skills
An information security policy covering:
Software development and testing/software security
Network design and testing/network security
Hardware security policy
Standard operating procedures/information command and control policy
Ethical code of conduct
Security awareness training
User responsibility/usage policies (AUP)
Information security risk governance (cybersecurity regulations and IT governance compliance frameworks)
Cybersecurity risk mitigation framework
Technical hacking skills
IT governance
Cybersecurity regulations/regulatory requirements Security and privacy policies and regulations • Regulatory compliance—FERPA • Regulatory compliance—PCI DSS
IT security governance
Key IT governance/cybersecurity compliance frameworks GRC/IA/QA approaches to IT security governance to help implement regulatory requirements/achieve compliance
SDLC/agile software development/Design of security system and components DevSecOps/security-by-design
Security testing
Security awareness
Defense in depth
Access management
Access control Access and authentication IAM User security (passwords, identity, biometry)
Social engineering and critical thinking skills
Application security
Cross site scripting attacks SQL injection attacks
Operating system security
Layered security: IDS/IPS, firewalls, software security
Basic Cryptography and Tools
Cryptography, Key exchange, Security Policies; Encryption
Network protocols
Common network protocols Internet Protocol Suite (the TCP/IP protocol suite) The TCP/IP model and the OSI model
Network enumeration and scanning techniques and technologies
Open technologies AI based intelligence gathering/surveillance technologies
Types of network attacks (passive and active)
Social hacking skills
Risk mitigation component Countermeasures component
Ethical-legal consequences/prevention component Security audit/comprehensive approach to hacking/security testing (vulnerability discovery and mitigation)
Interdisciplinary educational lens (a social science content/context) The ethics of ethical hackers (professionalism/professional practice in society)
Social hacking values (tacit sociopolitical values made explicit) Philosophy of science/scientific method Science of security content