Security + Domain 1.8

What is passive reconnaissance?

one is not interacting directly with the target and the target has no way of knowing, recording or logging activity

What are tools used in passive footprinting?

Browsing target website, google search, WHOIS lookup and visiting social media profiles

How are Drones used in passive reconnaissance?

Can be used is multiple ways for passive recon, from assessing physical security to gathering wireless network information

What is pen test cleanup?

Finial stage of a pen test, which all work done during the test is cleaned up /removed

What are tools used in active Footprinting?

Ping sweeps, tracert analysis, Nmap and extracting DNS information

What is War flying?

combines war driving with a drone and simply float about all of the organizations to gather wireless details. like SSID, Engryption status, Wireless network names

What are pen test rules of engagement?

define the purpose of the test and what the scope will be for the people who are performing this test on the network

What is footprinting?

ethical hacking technique used to gather as much data as possible about a specific targeted computer system.

What is the Purple Team Exercise type?

exist to ensure and maximize the effectiveness of the read and blue teams

What is pen test lateral movement?

gaining access to an initial system, then moving to other devices on the inside of the network

What is War Driving?

gathering wireless network information while driving around the street of the city

How is OSINT used in passive reconnaissance?

information in open source intelligence, data you can gather through open sources and websites

What is active reconnaissance?

interacts directly with the target in some way and the target may record or log these activities

What is the Red Team Exercise type?

internal or external entities dedicated to testing the effectiveness of a security program by emulating the tools and techniques of likely attackers in the most realistic way possible (Offense)

What is the Blue Team Exercise type?

internal security team that defends against both real attackers and red teams (Defense)

What is pivoting?

island hopping, compromised system used to attack another system on the same network following the initial exploitation. if the attack is introduced at a different time then it is said to involve persistence

What type of pen test is a partially known environment?

limited information shared with tester, sometimes in the form of login credentials. Simulate level of knowledge that a hacker with long term access to a system would achieve through research and system foot printing (Grey box test)

What is bug bounty?

monetary reward given to ethical hackers for successfully discovering and reporting a vulnerability or bug to the application's developer. Allow companies leverage the hacker community to improve their systems' security posture over time

What is the White Team Exercise type?

responsible for overseeing an engagement/competition between a red team of mock attackers and a blue team of actual defenders

What is pen test privilege escalation?

security hole created when code is executed with higher privileges than those of the user running

What type of pen test is a known environment?

tester is given a map of target system and networks, go in with full information of the target systems and networks. (White Box Test)

What type of pen test is a unknown environment?

tester know nothing about the target systems and networks. go into the test completely blind and build out a database of everything they find as they go. (Black Box Test)

What is pen test persistence?

testers ability to achieve a persistent presence in the exploited system - long enough for a bad actor to gain in-depth access.