The basic connection between network security and ethical hacking is that white hat hackers can be used to test the integrity of a network. These ethical hackers use many of the same methods that criminal, or black hat, hackers use, but they operate with the permission of the network owner. This type of ethical hacking is sometimes referred to as penetration testing, since it can be used to simulate real attacks. By observing this type of tightly controlled hacking, any weak spots in the security of a network can be identified and addressed before an actual attack ever takes place. This can ultimately save an organization money, stop valuable information from being stolen, and prevent the interruption of services.
The concept of network security relates to the prevention of unauthorized access to data or system resources. A network administrator can use a variety of tools and policies to create a secure environment. Public and private networks can both utilize various forms of security, as any network that includes data which is not intended for consumption by the general public typically requires some type of protection. This can be anything from a password protected authentification system to a complex firewall. Network security can also include several layers of protection, such as a business that allows customer access to its Wi-Fi connection but not the contents of its computers.
Network security and ethical hacking are two closely related concepts, since one is essentially defined by the other. White hat hacking is considered ethical because it is authorized by the owner or operator of a network in order to test the limits of a security system. Unlike a black hat hacker who breaks into a system for personal gain or to damage an organization, ethical hackers are employed to identify vulnerabilities so they can be fixed. Penetration tests typically involve direct attacks on a network using various hacking techniques and tools, but it is also possible for an ethical hacker to use other methods such as phishing or even physically breaking into a data center.
There is also another type of hacker, which is referred to as gray hat. While network security and ethical hacking go hand in hand due to the permission of a network administrator, gray hat hackers work without any such authorization. Their activities can reveal network vulnerabilities prior to actual malicious attacks just like authorized penetration testing, but they are still considered criminal by most authorities.