Activity 1.1 Ethical Hacking Discussion Activity - JNichollsCyber/SEC-335-Eth-Hacking-Pen-Testing GitHub Wiki

Class activity to define what is meant by ethical hacking.

Introduce yourselves within your assigned group (groups of 3-4).

Take 20 minutes, What should be included in a list of ethical hacking rules and why? Come up with at least 1 rule per student and be prepared to go over these in class. Enter your rules within the text submission for this group assignment.

In class, your group spokesperson can introduce the group members and then enumerate your chosen rules.

Here's an example (don't use this one):

image

The Rules My Group Came Up With Are As Follows:

1. Don’t hack fellow classmates and/or professor.
2. Clear scope of works and follow it strictly- don’t even look at any assets (hosts, networks, usernames) that are not within the defined scope of work.
3. Ensure the person permitting you has the right to give you that permission.
4. Don’t break into any places and conduct any pen testing without permission. 
5. Keep clear lines of communication with whoever hired you.
6. If you find anything that you are not supposed to see, report it immediately and stop what you are doing. 
7. Obey the law and understand local laws. 
8. Document every single thing (Unless it involves rule 6)
9. Create a clear final report that any average Joe could understand
10. Understand the tools that you are using to complete your task so you don't break anything (Don’t experiment in a new environment)
11. If you break something report it to tech support/IT Dept of the company