CEH

What are the four common methods for dealing with risk?

- Avoidance
- Transference
- Mitigation
- Acceptance

5 Phases of Ethical Hacking

- Reconnaissance
- Scanning
- Gain Access
- Maintain Access
- Cover Your Tracks

Penetration Testing Life Cycle

- Reconnaissance / Footprinting
- Scan / Enumerate
- Gain Access
- Maintain Access
- Report

grey hat hackers

A skilled hacker who falls in the middle of the white and black hat hackers. The gray hat may cross the line of what is ethical, but usually has good intentions and isn't malicious like a black hat hacker.

black hat hackers

A skilled hacker who uses skills and knowledge for illegal and malicious purposes

Advanced Persistent Threat (APT)

A stealthy computer network attack in which a person or group gains unauthorized access to a network and remains undetected for an extended period.

White box test

A test in which the tester knows about all aspects of the systems and understands the function and design of the system before the test is conducted. Not a very realistic test.

grey box test

A test in which the tester may have knowledge of internal architectures and systems, or other preliminary information about the system being tested.

Script kiddies

An extremely unskilled person who uses tools and scripts developed by real hackers

Red Team

An offensive security team that attempts to discover vulnerabilities in a network or computer system.

OWASP (Open Web Application Security Project)

An organization that maintains a list of the top 10 errors found in web applications.

What are the 4 risk management methods?

Avoidance, transference, mitigation, and acceptance

Performing Reconnaissance

In this phase, the hacker begins gathering information about the target. This can include gathering publicly available information, using social engineering techniques or even dumpster diving.

Establishing Access

In this phase, the hacker uses all the information gathered through reconnaissance and scanning to exploit any vulnerabilities found and gain access.

state-sponsored hacker

A hacker who works for a government and attempts to gain top-secret information by hacking other governments.

cyber terrorism

the politically motivated use of computers and information technology to cause severe disruption or widespread fear in society.

Black box test

A penetration test in which the tester is given no information about the system being tested.

Purple Team

A mixture of both red and blue teams.

Stuxnet

A computer worm designed to find and infect a particular piece of industrial hardware; used in an attack against Iranian nuclear plants (2010)

Blue Team

A defensive security team that attempts to close vulnerabilities and stop the red team.

NIST SP 800-115

A guide to the basic technical aspects of conducting information security assessments

Suicide Hacker

A hacker who aims to bring down critical infrastructure for a "cause" and does not worry about the penalties associated with his actions.

White hat

A hacker who exposes security flaws in applications and operating systems so manufacturers can fix them before they become widespread problems.

hacktivist

A hacker whose main purpose is to protest an event or situation and draw attention to their own views and opinions

Rules of Engagement (ROE)

Detailed guidelines and constraints regarding the execution of information security testing. The ROE is established before the start of a security test, and gives the test team authority to conduct defined activities without the need for additional permissions.

What should you consider when planning for a penetration test?

How (internal or external), Who (who can be targeted for social engineering attacks and who is allowed to know when the test is taking place), What (what systems will be targeted), When (during or outside of business hours), Where (remotely or on-site).

Maintaining Access

Once the hacker has gained access, he can use backdoors, rootkits, or Trojans to establish permanent access to the system.

OSSTMM

Open Source Security Testing Methodology Manual - Standard method for pen testing. Sets forth detailed mandates regarding which aspects of the network to test, how to conduct it, and how to analyze the results. OSSTMM is a testing framework that conforms to legislative compliance, contractual compliance (to the customer), and standards compliance (it provides a standard framework for testing and is based on several NIST publications). OSSTMM also addresses security controls you can put in place to protect your network. Unfortunately, it does NOT include web apps like OWASP does.

Ethical Hacking

Perpetrating exploits against a system with the intent to find vulnerabilities so that security weaknesses can be addressed and the system can be made more secure.

An organization should perform what before beginning a penetration test?

Risk Assessment

Scanning and enumeration

Scanning is a natural extension of reconnaissance. The hacker uses various tools to gather in-depth information about the network, computer systems, live systems, open ports, and other features. Extracting information such as usernames, computer names, network resources, shares, and services is known as enumeration. Enumeration is a part of the scanning step.

Risk Tolerance

The degree, amount, or volume of risk that an organization or individual will withstand.

Clearing Tracks

The final step in the hacking process is clearing tracks. The hacker overwrites log files to hide the fact they were ever there.

Penetration Testing

The practice of finding vulnerabilities and risks with the purpose of securing the computer or network system.

Threat Modeling

The process of analyzing the security of the organization and determining security holes.

Risk Assessment

The purpose of a risk assessment is to identify areas of vulnerability within the organization's network. The risk assessment should look at all areas, including high value data, network systems, web applications, online information, and physical security (operating systems and web servers). Often, the penetration test is performed as part of a risk assessment. Once vulnerabilities have been determined, the organization needs to rank them and figure out how to handle each risk.

Scope Creep

The uncontrolled expansion to product or project scope without adjustments to time, cost, and resources.

Scope of work

Defines exactly what a project will entail. Also known as a statement of work.

