
Business Driven Technology 6th Edition by Paige Baltzan
Edition 6, ISBN: 9780073376905
Exercise 85
Thinking Like the Enemy
David and Barry Kaufman, the founders of the Intense School, recently added several security courses, including the five-day "Professional Hacking Boot Camp" and "Social Engineering in Two Days."
Information technology departments must know how to protect organizational information. Therefore, organizations must teach their IT personnel how to protect their systems, especially in light of the many new government regulations, such as the Health Insurance Portability and Accountability Act (HIPAA), that demand secure systems. The concept of sending IT professionals to a hacking school seems counterintuitive; it is somewhat similar to sending accountants to an Embezzling 101 course. The Intense School does not strive to breed the next generation of hackers, however, but to teach its students how to be "ethical" hackers: to use their skills to build better locks, and to understand the minds of those who would attempt to crack them.
The main philosophy of the security courses at the Intense School is simply "To know thy enemy." In fact, one of the teachers at the Intense School is none other than Kevin Mitnick, the famous hacker who was imprisoned from 1995 to 2000. Teaching security from the hacker's perspective, as Mitnick does, is more difficult than teaching hacking itself: A hacker just needs to know one way into a system, David Kaufman notes, but a security professional needs to know all of the system's vulnerabilities. The two courses analyze those vulnerabilities from different perspectives.
The hacking course, which costs $3,500, teaches ways to protect against the mischief typically associated with hackers: worming through computer systems through vulnerabilities that are susceptible to technical, or computer-based, attacks. Mitnick's $1,950 social engineering course, by contrast, teaches the more frightening art of worming through the vulnerabilities of the people using and maintaining systems: getting passwords and access through duplicity, not technology. People who take this class, or read Mitnick's book, The Art of Deception, never again think of passwords or the trash bin the same way.
So how does the Intense School teach hacking? With sessions on dumpster diving (the unsavory practice of looking for passwords and other bits of information on discarded papers), with field trips to case target systems, and with practice runs at the company's in-house "target range," a network of computers set up to thwart and educate students.
One feature of the Intense School that raises a few questions is that the school does not check on morals at the door: Anyone paying the tuition can attend the school. Given the potential danger that an unchecked graduate of a hacking school could represent, it is surprising that the FBI does not collect the names of the graduates. But perhaps it gets them anyhow: several governmental agencies have sent students to the school.
What are the two primary lines of security defense, and how can organizational employees use the information taught by the Intense School when drafting an information security plan?
Explanation
The people and technology are considered...

