1.4 Explain Penetration Testing Concepts SY0-501 Security+
*Active Reconnaissance*
A focus on the system (port scans, traceroute information, network mapping, etc.) to identify weaknesses that could be used to launch an attack. Ch. 12
*Escalation of Privileges*
A hole created when code is executed with higher privileges than those of the user running it. Ch. 12
*Penetration Testing*
An attempt to exploit the identified vulnerabilities. Ch. 12
*Passive Reconnaissance*
Discovering flaws by means other than directly accessing the system, such as public databases, talking to employees, dumpster diving and social engineering. Ch. 12
*Persistence*
Example: A laptop is infected while the employee is traveling for business, and the company's network is not compromised until the employee returns and connects to the network. Ch. 12
*Vulnerability Scanning*
Identifying specific vulnerabilities in your network. Ch. 12
*Black Box*
The tester has absolutely no knowledge of the system and is functioning in the same manner as an outside attacker. Ch. 12
*White Box*
The tester has significant knowledge of the system. This simulates an attack from an insider, such as a rogue employee. Ch. 12
*Gray Box*
This is a middle ground between the first two types of testing. In gray box testing, the tester has some limited knowledge of the target system. Ch. 12
*Pivot* or *Island Hopping*
Using a trusted system to attack another compromised system. Ch. 12