Ethical Hacker Pro
Penetration Testing Life Cycle
1. Performing reconnaissance 2. Scanning and enumeration 3. Establishing access 4. Maintaining access 5. Reporting
Scope of Work (SOW)
A ______ defines exactly what a project will entail. It is also known as a statement of work.
Blue team
A defensive security team that attempts to close vulnerabilities and stop the red team.
Cyber terrorist
A hacker motivated by religious or political beliefs who wants to create severe disruption or widespread fear.
Suicide hacker
A hacker who is concerned only with taking down the target for a cause.
State-sponsored hacker
A hacker who works for a government and attempts to gain top-secret information by hacking other governments.
Hacktivist
A hacker whose main purpose is to protest an event or situation and draw attention to their own views and opinions.
Purple team
A mixture of both red and blue teams.
Gray hat
A skilled hacker who falls in the middle of the white hat and black hat hackers. The _______ may cross the line of what is ethical, but usually has good intentions and isn't malicious like a black hat hacker.
White hat
A skilled hacker who uses skills and knowledge for defensive purposes only. The ______ hacker interacts only with systems for which express access permission has been given.
Black hat
A skilled hacker who uses skills and knowledge for illegal or malicious purposes.
Advanced persistent threat (APT)
A stealthy computer network attack in which a person or group gains unauthorized access to a network and remains undetected for an extended period.
Risk mitigation
Also called risk reduction. Sometimes risks cannot be transferred or avoided. In this case, steps must be taken to reduce the damage they can inflict.
Script kiddie
An extremely unskilled person who uses tools and scripts developed by real hackers.
Red team
An offensive security team that attempts to discover vulnerabilities in a network or computer system.
Open Source Security Testing Methodology Manual (OSSTMM)
Attempts to create one accepted method for a thorough security test.
Rules of engagement (ROE)
Defines how the penetration test will be carried out.
Open Web Application Security Project (OWASP)
Describes techniques for testing the most common web applications and web service security issues.
Avoidance
Identifying a risk you can avoid. This action is called risk _________.
Performing reconnaissance
In this phase, the hacker begins gathering information about the target. This can include gathering publicly available information, using social engineering techniques, or even dumpster diving.
Establishing access
In this phase, the hacker uses all the information gathered through reconnaissance and scanning to exploit any vulnerabilities found and gain access.
National Institute of Standards and Technology Special Publication 800-115 (NIST SP 800-115)
Is a guide to the basic technical aspects of conducting information security assessments.
Maintaining access
Once the hacker has gained access, he can use backdoors, rootkits, or Trojans to establish permanent access to the system.
Ethical hacking
Perpetrating exploits against a system with the intent to find vulnerabilities so that security weaknesses can be addressed and the system can be made more secure.
Scanning and enumeration
Scanning is a natural extension of reconnaissance. The hacker uses various tools to gather in-depth information about the network, computer systems, live systems, open ports, and other features. Extracting information such as usernames, computer names, network resources, shares, and services is known as enumeration. Enumeration is a part of the scanning step.
Black box
The ethical hacker has no information regarding the target or network. This type of test best simulates an outside attack and ignores the insider threats.
White box
The ethical hacker is given full knowledge of the target or network. This test allows for a comprehensive and thorough test, but is not very realistic.
Gray box
The ethical hacker is given partial information about the target or network, such as IP configurations or email lists. This test simulates an insider threat.
Clearing tracks
The final step in the hacking process is clearing tracks. The hacker overwrites log files to hide the fact they were ever there.
Penetration testing
The practice of finding vulnerabilities and risks with the purpose of securing the computer or network system.
Threat modeling
The process of analyzing the security of the organization and determining security holes.
Transference
The process of moving the risk to another entity.
Change order
When a change to the scope of work is requested, a ______ should be filled out and agreed on.
Risk Acceptance
When an organization determines that the cost and effort to mitigate a risk outweighs the risk's potential damage, so they simply accept the risk.
Scope creep
When the client begins asking for small deviations from the scope of work. This can cause the project to go off track and increase time and resources needed to complete it.
Security exception
Any deviation from standard operating security protocols. It should be determined if you will be put on a whitelist or blacklist for the test on any IPS, firewall, or other network access control systems.
MAC filtering
The process of allowing or blocking traffic from a certain device based on its MAC address.