CIMS 150 - Module 01

What are the 5 types of Network threats?

- Information gathering
- Sniffing and eavesdropping
- Spoofing
- Session hijacking
- Man-in-the-middle attack
(Mnemonic: ISSSM)

What are 7 types of Host threats?

- Malware attacks
- Footprinting
- Denial of service attacks
- Arbitrary code execution
- Unauthorized access
- Privilege escalation
- Backdoor attacks
(Mnemonic: MFDAUPB, "My F***king Dogs Are Unauthorized and Privileged Beasts")

What are 8 types of application threats?

1. Improper data/input validation
2. Authentication and authorization attacks
3. Security misconfiguration
4. Improper error handling and exception management
5. Information disclosure
6. Hidden-field manipulation
7. Broken session management
8. Buffer overflow issues
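Two of the threats above (hidden-field manipulation and improper input validation) are easiest to see in code. The following is an added example, not part of the original course material: a checkout handler that trusts the price the browser posts back from a hidden form field, beside the hardened version that looks the price up server-side and validates the quantity. The catalog, SKUs and form dictionaries are constructed for the demo.

```python
"""Hidden-field manipulation: trusting client-supplied state, and the fix.

The page that rendered the cart emitted something like
    <input type="hidden" name="price" value="199.00">
An attacker edits that value in the browser (or replays the POST with curl)
before submitting, so anything computed from it is attacker-controlled.
"""
from decimal import Decimal

# Constructed catalog; stands in for the application's product database.
CATALOG = {
    "SKU-100": Decimal("49.99"),
    "SKU-200": Decimal("199.00"),
}


def checkout_vulnerable(form: dict) -> Decimal:
    """Vulnerable: the total is computed from the hidden 'price' field the client posted.
    Also no input validation: a bad 'qty' simply raises an unhandled exception."""
    return Decimal(form["price"]) * int(form["qty"])


class InvalidOrder(ValueError):
    """Raised for any request that fails server-side validation."""


def checkout_hardened(form: dict) -> Decimal:
    """Hardened: price comes only from the server-side catalog, never from the client,
    and every client-supplied field is validated against an explicit rule."""
    sku = form.get("sku")
    if sku not in CATALOG:
        raise InvalidOrder("unknown sku")
    try:
        qty = int(form.get("qty", ""))
    except ValueError:
        raise InvalidOrder("quantity is not an integer") from None
    if not 1 <= qty <= 100:
        raise InvalidOrder("quantity out of range")
    return CATALOG[sku] * qty


if __name__ == "__main__":
    # Constructed request: the attacker rewrote the hidden price field to one cent.
    tampered = {"sku": "SKU-200", "price": "0.01", "qty": "1"}
    print("vulnerable total:", checkout_vulnerable(tampered))   # 0.01
    print("hardened total:  ", checkout_hardened(tampered))     # 199.00
```

The rule generalizes to any state round-tripped through the client (prices, user IDs, role flags, "step completed" markers): either keep it server-side, or sign it so tampering is detectable.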

What are the 4 critical components of an effective risk assessment?

1. Technical safeguards
2. Organizational safeguards
3. Physical safeguards
4. Administrative safeguards

Arturo leads the information security team of a small financial corporation with a few branch offices in Africa. The company lost USD 10 million in an attack carried out through an interbank payment system. The CSIRT explained to Arturo that the incident began six months earlier, when the attackers came in from outside through a small vulnerability, then moved laterally to the computer of a person with privileges in the interbank system. Finally, the attackers gained access and carried out the fraudulent transactions. What is the most accurate name for the kind of attack in this scenario?

APT (advanced persistent threat): a staged, long-dwell intrusion (initial foothold, months of undetected presence, lateral movement, then the fraudulent transactions) rather than a one-off attack.

Which of the following examples best represents a logical or technical control? A) Heating and air conditioning B) Corporate security policy C) Smoke and fire alarms D) Security tokens

Security tokens. Logical controls include access control software, anti-malware solutions, passwords, security tokens, and biometrics. Security tokens are used to authenticate a user to a system. Tokens are hardware devices that can take the form of key fobs or credit cards. They are often used together with another logical access control, such as a password or PIN, to implement strong multifactor authentication.

A network administrator is promoted to chief security officer at a local university. One of his new responsibilities is to manage the implementation of an RFID card access system for a new server room on campus. The server room will house student enrollment information that is securely backed up to an off-site location. During a meeting with an outside consultant, the chief security officer explains that he is concerned that the existing security controls have not been designed properly. Currently, the network administrator is responsible for approving and issuing RFID card access to the server room, as well as reviewing the electronic access logs on a weekly basis. Which of the following is an issue with the situation?

Segregation of duties. The same person approves and issues access and reviews the access logs, so nobody independently checks what he grants or does. Granting access and reviewing the logs should be assigned to different people.

Which of the following is a network-based threat? A) Session hijacking B) Input validation flaw C) Arbitrary code execution D) Buffer overflow

Session hijacking

Ron, a customer support intern, exploited the default configurations and settings of the off-the-shelf libraries and code used in the company's CRM platform. How will you categorize this attack? A) Operating system attack B) Misconfiguration attack C) Application-level attack D) Shrink-wrap code attack

Shrink-wrap code attack. Software developers often use free libraries and code licensed from other sources in their programs to reduce development time and cost. This means that large portions of many pieces of software are the same, and if an attacker discovers a vulnerability in that shared code, many pieces of software are at risk. Attackers exploit the default configuration and settings of the off-the-shelf libraries and code; the problem is that developers ship the libraries and their default settings unchanged.

Which of the following is a preventive control? A) Audit trail B) Smart card authentication C) Performance review D) Continuity of operations plan

Smart card authentication. Security controls are safeguards or countermeasures to avoid, detect, respond to, or minimize security risks to physical property, information systems, or other assets. They are classified as follows:
- Preventive controls: prevent an incident from occurring, e.g., security guard, smart card authentication.
- Detective controls: identify and characterize an incident in progress, e.g., audit trail, system monitoring.
- Corrective controls: limit the extent of any damage caused by the incident, e.g., security policy, continuity of operations plan.

When utilizing technical assessment methods to assess the security posture of a network, which of the following techniques would be most effective in determining whether end-user security training would be beneficial? A) Vulnerability scanning B) Application security testing C) Network sniffing D) Social engineering

Social engineering

A consultant is hired to do a physical penetration test at a large financial company. On the first day of his assessment, the consultant goes to the company's building dressed as an electrician and waits in the lobby for an employee to pass through the main access gate, then follows close behind the employee to get into the restricted area. Which type of attack did the consultant perform?

Tailgating

Yancey is a network security administrator for a large electric company. This company provides power for over 100,000 people in Las Vegas. Yancey has worked for his company for more than 15 years and has become very successful. One day, Yancey comes into work and finds out that the company will be downsizing and he will be out of a job in two weeks. Yancey is very angry and decides to place logic bombs, viruses, Trojans, and backdoors all over the network to take down the company once he has left. Yancey does not care if his actions land him in jail; he just wants the company to pay for what they are doing to him. What would Yancey be considered?

Yancey would be considered a suicide hacker

A newly discovered flaw in a software application that has not yet been patched would be considered which kind of security vulnerability?

Zero-day vulnerability. A zero-day is a flaw for which no vendor fix exists yet; attackers often discover it before the vendor does and exploit it while there is still no patch.

Which of the following terms refer to unskilled hackers who compromise systems by running scripts, tools and software developed by real hackers? They usually focus on the quantity of attacks rather than the quality of the attacks that they initiate.

Script kiddies

You have been hired to perform an ethical hacking (penetration testing) engagement for a company. What is the first thing you should do in this process? A) Escalating privileges B) Perimeter testing C) Acquiring target D) Network information gathering

Network information gathering. Pre-attack phase: planning and preparation, methodology design, network information gathering.

Which of the following attack vectors is a network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time? The intention of this attack is to steal data rather than to cause damage to the network or organization. A) Mobile threats B) Insider attack C) APT D) Botnet

APT. Advanced persistent threat (APT): an attack that focuses on stealing information from the victim's systems without the user being aware of it. These attacks are generally targeted at large companies and government networks. APT attacks are slow by design, so the effect on computer performance and Internet connections is negligible. APTs exploit vulnerabilities in the applications running on a computer, the operating system, and embedded systems.

Mobile threats: fall under the category of targeted attacks in which the attacker has no larger goal than to compromise a mobile device to obtain credit card credentials, cause chaos, or collect personal information for blackmail.

Botnet: a large network of compromised systems used by an intruder to perform network attacks such as denial-of-service attacks. Bots in a botnet perform tasks such as uploading viruses, sending mail with malware attached, stealing data, and so on.

Insider attack: an attack performed on a corporate network or on a single computer by a trusted person (insider) who has authorized access to the network and is aware of the network architecture.

Highlander, Incorporated, is a medical insurance company with several regional company offices in North America. Employees, when in the office, utilize desktop computers that have Windows 10, Microsoft Office, anti-malware/virus software, and an insurance application developed by a contractor. All of the software updates and patches are managed by the IT department of Highlander, Incorporated. Group policies are used to lock down the desktop computers, including the use of Applocker to restrict the installation of any third-party applications. There are one hundred employees who work from their home offices. Employees who work from home use their own computers, laptops, and personal smartphones. They authenticate to a cloud-based domain service, which is synchronized with the corporate internal domain service. The computers are updated and patched through the cloud-based domain service. Applocker is not used to restrict the installation of third-party applications. The database that hosts the information collected from the insurance application is hosted on a cloud-based file server, and their email server is hosted on Office 365. Other files created by employees get saved to a cloud-based file server, and the company uses work folders to synchronize offline copies back to their devices. A competitor learns that employees use their own personal smartphones to communicate with other employees of Highlander, Incorporated. Which information security attack vector should the competitor use to gather information over a long period of time from the phones, without the victim being aware that he or she has been compromised? A)Mobile threats B)Botnet C)APT D)Viruses and Worms

APT (Advanced Persistent Threat) The competitor should utilize advanced persistent threats. It is an attack that will focus on stealing information without the user being aware of it. Viruses and worms normally affect the productivity of the machine and will be detected by anti-malware/virus programs or the end user when the computer does not respond as expected. Mobile threats do target mobile devices, but they vary and do not guarantee avoiding detection. A botnet is a network of devices used to perform network attacks.

Which of the following items is unique to the N-tier architecture method of designing software applications? A) Application layers can be separated, allowing each layer to be upgraded independently from other layers. B) Data security is tied into each layer and must be updated for all layers when an upgrade is performed. C) Application layers can be written in C, ASP.NET, or Delphi without any performance loss. D) It is compatible with various databases including Access, Oracle, and SQL.

Application layers can be separated, allowing each layer to be upgraded independently from other layers.

The three phases of penetration testing include pre-attack phase, attack phase and post-attack phase. "Penetration perimeter, Acquiring target, escalating privileges, and execution, implantation, retracting" are part of which phase?

Attack Phase PP, AT, EP, EIR

Why is ethical hacking necessary? (select two). A) Ethical hackers are responsible for incident handling and response in the organization. B) Ethical hackers try to find what an intruder can see on the system under evaluation. C)Ethical hackers are responsible for selecting security solutions and try to verify the ROI of security systems. D) Ethical hackers try to find if all the components of information systems are adequately protected, updated, and patched.

B) Ethical hackers try to find what an intruder can see on the system under evaluation D) Ethical hackers try to find if all the components of information systems are adequately protected, updated and patched.

A penetration tester is hired to do a risk assessment of a company's DMZ. The rules of engagement state that the penetration test has to be done from an external IP address with no prior knowledge of the internal IT systems. What kind of test is being performed?

Black box

The penetration tester is placed in the role of the average hacker, with no internal knowledge of the target system. Testers are not provided with any architecture diagrams or source code that is not publicly available. This type of penetration test determines the vulnerabilities in a system that are exploitable from outside the network. Which type of box testing is this?

Black box testing

A computer technician is using the latest version of a word-processing application and discovers that a particular sequence of characters causes the entire computer to crash. The technician researches the bug and finds that no one else has reported the problem. What is the appropriate next step?

Notify the vendor of the bug and do not disclose it publicly until the vendor has had a chance to issue a fix (responsible disclosure).

Highlander, is a medical insurance company with several regional company offices in North America. Employees, when in the office, utilize desktop computers that have Windows 10, Microsoft Office, anti-malware/virus software, and an insurance application developed by a contractor. All the software updates and patches are managed by the IT department of Highlander, Incorporated. Group policies are used to lock down the desktop computers, including the use of Applocker to restrict the installation of any third-party applications.There are one hundred employees who work from their home offices. Employees who work from home use their own computers, laptops, and personal smartphones. They authenticate to a cloud-based domain service, which is synchronized with the corporate internal domain service. The computers are updated and patched through the cloud-based domain service. Applocker is not used to restrict the installation of third-party applications. The database that hosts the information collected from the insurance application is hosted on a cloud-based file server, and their email server is hosted on Office 365. Other files created by employees get saved to a cloud-based file server, and the company uses work folders to synchronize offline copies back to their devices. Based on the knowledge of the network topology and trends in network security, what would be the primary target of a hacker trying to compromise Highlander? A) Company desktops B) Personal laptops C) Personal smartphones D) Cloud based file server

Cloud Based File Server

Highlander, Incorporated, is a medical insurance company with several regional company offices in North America. Employees, when in the office, utilize desktop computers that have Windows 10, Microsoft Office, anti-malware/virus software, and an insurance application developed by a contractor. All the software updates and patches are managed by the IT department of Highlander, Incorporated. Group policies are used to lock down the desktop computers, including the use of Applocker to restrict the installation of any third-party applications. There are one hundred employees who work from their home offices. Employees who work from home use their own computers, laptops, and personal smartphones. They authenticate to a cloud-based domain service, which is synchronized with the corporate internal domain service. The computers are updated and patched through the cloud-based domain service. Applocker is not used to restrict the installation of third-party applications. The laptops utilize direct access to automatically connect their machines to the Highlander, Incorporated, network when they are not in the regional offices. The laptops are set up to use IPsec when communicating with the cloud-based file server. The protocol that they have chosen is Authentication Header (AH). The database that hosts the information collected from the insurance application is hosted on a cloud-based file server, and their email server is hosted on Office 365. Other files created by employees get saved to a cloud-based file server, and the company uses work folders to synchronize offline copies back to their devices. Based on the knowledge of the network topology, which of the main elements of information security has Highlander, Incorporated, NOT addressed in its plans for its laptops? A) Authenticity B) Confidentiality C) Integrity D) Availability

Confidentiality. AH authenticates the packet and protects its integrity (and, through its sequence number, guards against replay), but it does not encrypt the payload, so anyone who can capture the traffic can read it. Encapsulating Security Payload (ESP) is the IPsec protocol that provides confidentiality.
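To make the AH versus ESP distinction concrete, here is an added example (not part of the original material, and not real IPsec framing): a toy packet format where the "AH" variant carries an HMAC-SHA256 integrity check value over the cleartext payload, and the "ESP" variant encrypts before authenticating. The cipher is an HMAC-derived keystream standing in for AES, used only so the example runs with the standard library; the keys, header and payload are constructed for the demo.

```python
"""Integrity-only (AH-like) versus encrypt-then-MAC (ESP-like) packet protection.

Toy model, not IPsec: fixed 8-byte header, HMAC-SHA256 as the integrity check value
(ICV), and an HMAC-in-counter-mode keystream standing in for ESP's block cipher.
"""
import hashlib
import hmac
import os
from typing import Optional

HDR_LEN = 8      # constructed stand-in for the IP/AH/ESP headers
ICV_LEN = 32     # HMAC-SHA256 tag length
NONCE_LEN = 16   # per-packet nonce for the toy keystream


def _icv(key_auth: bytes, data: bytes) -> bytes:
    return hmac.new(key_auth, data, hashlib.sha256).digest()


def ah_protect(key_auth: bytes, header: bytes, payload: bytes) -> bytes:
    """AH: ICV over header + payload; the payload itself travels in cleartext."""
    return header + _icv(key_auth, header + payload) + payload


def ah_open(key_auth: bytes, packet: bytes) -> Optional[bytes]:
    """Returns the payload if the ICV verifies, else None (tampering detected)."""
    header = packet[:HDR_LEN]
    icv = packet[HDR_LEN:HDR_LEN + ICV_LEN]
    payload = packet[HDR_LEN + ICV_LEN:]
    if not hmac.compare_digest(icv, _icv(key_auth, header + payload)):
        return None
    return payload


def _keystream(key_enc: bytes, nonce: bytes, length: int) -> bytes:
    """Toy stream cipher: HMAC(key, nonce || counter) blocks. Illustration only."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key_enc, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def esp_protect(key_enc: bytes, key_auth: bytes, header: bytes, payload: bytes,
                nonce: Optional[bytes] = None) -> bytes:
    """ESP-like: encrypt the payload, then authenticate header + nonce + ciphertext."""
    if nonce is None:
        nonce = os.urandom(NONCE_LEN)
    ciphertext = bytes(a ^ b for a, b in zip(payload, _keystream(key_enc, nonce, len(payload))))
    body = header + nonce + ciphertext
    return body + _icv(key_auth, body)


def esp_open(key_enc: bytes, key_auth: bytes, packet: bytes) -> Optional[bytes]:
    """Verify the ICV first (never decrypt unauthenticated data), then decrypt."""
    body, icv = packet[:-ICV_LEN], packet[-ICV_LEN:]
    if not hmac.compare_digest(icv, _icv(key_auth, body)):
        return None
    nonce = body[HDR_LEN:HDR_LEN + NONCE_LEN]
    ciphertext = body[HDR_LEN + NONCE_LEN:]
    return bytes(a ^ b for a, b in zip(ciphertext, _keystream(key_enc, nonce, len(ciphertext))))


def payload_visible_on_wire(packet: bytes, payload: bytes) -> bool:
    """What a passive sniffer sees: does the cleartext appear verbatim in the packet?"""
    return payload in packet


if __name__ == "__main__":
    key_auth, key_enc = b"constructed-auth-key", b"constructed-enc-key"
    header, payload = b"SRC->DST", b"patient 4471: claim approved"
    ah = ah_protect(key_auth, header, payload)
    esp = esp_protect(key_enc, key_auth, header, payload)
    print("AH  payload readable by sniffer:", payload_visible_on_wire(ah, payload))
    print("ESP payload readable by sniffer:", payload_visible_on_wire(esp, payload))
```

Both variants detect a flipped bit, which is the integrity element the laptops did get; only the ESP-like variant hides the payload, which is the confidentiality element the plan leaves out.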

Which fundamental element of information security refers to the assurance that the information is accessible only to those authorized to have access?

Confidentiality

Which of the following terms refers to gaining access to one network and/or computer and then using the same to gain access to multiple networks and computers that contain desirable information? A)Social engineering B) Daisy chaining C) Doxing D) Kill chain

Daisy chaining

Which of the following tasks DOES NOT fall under the scope of ethical hacking? A) Risk assessment B) Pen testing C) Defense-in-depth implementation D) Vulnerability scanning

Defense-in-depth *Defense-in-depth implementation is the job role of a network security engineer where several protection layers are placed throughout an information system to prevent direct attacks. If a hacker gains access to a system, defense in depth minimizes any adverse impact and gives network security administrators and engineers time to deploy new or updated countermeasures to prevent a recurrence of intrusion.

Ransomware encrypts files and locks systems, leaving the system in an unusable state. The compromised user has to pay a ransom to the attacker to unlock the system and get the files decrypted. Petya delivers malicious code that can even destroy the data with no hope of recovery. What is the malicious code called?

Payload

An ethical hacker for a large security research firm performs penetration tests, vulnerability tests, and risk assessments. A friend recently started a company and asks the hacker to perform a penetration test and vulnerability assessment of the new company as a favor. What should the hacker's next step be before starting work on this job? A) Begin the reconnaissance phase with passive information gathering and then move into active information gathering B) Start by footprinting the network and mapping out a plan of attack C) Use social engineering techniques on the friend's employees to help identify areas that may be susceptible to attack D) Define the penetration testing scope

Define the penetration testing scope. Before starting a penetration test it is important to define its scope; it is one of the most important parts of the engagement process and drives the test plan, limitations, business objectives, and schedule:
- What will be tested?
- How will it be tested?
- What resources will be allocated?
- What limitations will apply?
- What business objective will be achieved?
- How will the test project be planned and scheduled?

What is the correct order of steps in the system hacking cycle?

Gaining Access -> Escalating Privileges -> Executing Applications -> Hiding Files -> Covering Tracks. In the system hacking cycle, the attacker first attempts to exploit and gain access to the target system. Then he escalates his privileges to administrator or root level on the target. Once the attacker has elevated privileges, he can perform any malicious activity, such as executing malicious applications on the target system or stealing data. Next, the malicious applications have to be hidden somewhere on the target machine so that the legitimate user cannot identify and delete them. After completing all these stages, the attacker covers his tracks to avoid detection.

What is the objective of a reconnaissance phase in a hacking-life cycle?

Gathering as much information as possible about the target

What is the objective of a reconnaissance phase in a hacking life-cycle? A)Gaining access to the target system with admin/root level privileges B) Identifying specific vulnerabilities in the target network C) gathering as much as information as possible about the target D) Gaining access to the target system and network

Gathering as much information as possible about the target Reconnaissance refers to the preparatory phase in which an attacker gathers as much information as possible about the target prior to launching the attack. In this phase, the attacker draws on competitive intelligence to learn more about the target. This phase allows attackers to plan the attack. Identification of specific vulnerabilities in the target network is done in the scanning and enumeration phase, whereas attackers gain access to the target system or network in the gaining access phase of a hacking life cycle.

Juan is the administrator of a Windows domain for a global corporation. He uses his knowledge to scan the internal network to find vulnerabilities without the authorization of his boss; he tries to perform an attack and gain access to an AIX server to show the results to his boss. What kind of role is shown in the scenario?

Gray Hat Hacker Gray hats are the individuals who work both offensively and defensively at various times. They fall between white and black hats. Gray hats might help hackers in finding various vulnerabilities of a system or network and at the same time help vendors to improve products (software or hardware) by checking limitations and making them more secure. In the above scenario, despite doing the hack without authorization, Juan only wants to do good for the company. He was checking the limitations of the organization network and not looking for benefits. This is the behavior of a gray hat hacker. A white hat always looks for authorization, and the black hat always seeks profit.

The tester is examining a system from an outsider's perspective but has the knowledge level of a user, potentially one with elevated privileges on a system. These penetration testers typically have some knowledge of the network's internals, potentially including design and architecture documentation and an account internal to the network. Which type of box testing is this?

Gray box testing

Anonymous, a known hacker group, claimed to have taken down 20,000 Twitter accounts linked to Islamic State in response to the Paris attacks that left 130 people dead. How can you categorize this attack by Anonymous?

Hacktivism. Hacktivism is when hackers break into government, corporate, or other computer systems or accounts as an act of protest. In the above scenario, the hacker group attacked accounts linked to Islamic State in response to the Paris attacks, so hacktivism is the correct option.

Jonathon, a solutions architect with a start-up, was asked to redesign the company's web infrastructure to meet growing demand. He proposed the following architecture to management: What is Jonathon's primary objective? A) Proper user authentication B) Ensuring confidentiality of the data C) Ensuring integrity of the application servers D) Ensuring high availability

High availability High availability architecture is an approach of defining the components, modules, or implementation of services of a system that ensures optimal operational performance, even at times of high loads. High availability requires redundancy of application and database servers so that as the load increases on a resource, the user requests or processing can be handled by another.

Highlander, Incorporated, is a medical insurance company with several regional company offices in North America. There are various types of employees working in the company, including technical teams, sales teams, and work-from-home employees. Highlander takes care of the security patches and updates of official computers and laptops; however, the computers or laptops of the work-from-home employees are to be managed by the employees or their ISPs. Highlander employs various group policies to restrict the installation of any third-party applications. As per Highlander's policy, all the employees are able to utilize their personal smartphones to access the company email in order to respond to requests for updates. Employees are responsible for keeping their phones up to date with the latest patches. The phones are not used to directly connect to any other resources in the Highlander, Incorporated, network. The company is concerned about the potential vulnerabilities that could exist on their devices. What would be the best type of vulnerability assessment for the employees' smartphones? A)Passive Assessment B) Active Assessment C) Wireless Network Assessment D) Host-Based Assessment

Host-Based assessment Host-based assessment looks at the vulnerabilities of the devices. Active assessment means we are using a network scanner to look for hosts. Passive assessment means we are sniffing packets in a network. Wireless network assessment looks for vulnerabilities in the wireless network, not the phone.

Which of the following category of information warfare is a sensor-based technology that directly corrupts technological systems?

Intelligence-based warfare

Stephany leads the information security team of a global corporation that has several branch offices around the world. In the past six months, the company has suffered several security incidents. The CSIRT explains to Stephany that the incidents have something in common: the source IP addresses of all the incidents are in the new branches, where a lot of outsourced staff come into the office and connect their own computers to the LAN. What is the appropriate security control to implement to address the primary source of the incidents? A) Internal firewall B) Employee awareness C) Network access control D) Anti-malware application

Network access control (NAC)

Term that describes the process of restricting unauthorized users and devices from gaining access to corporate or private network. It also ensures that only users who are authenticated and devices that are authorized and compliant with security policies can enter the network.

Network access control (NAC)

Which method can provide a better return on IT security investment and provide a thorough and comprehensive assessment of organizational security covering policy, procedure design, and implementation? A) Social engineering B) Access control list reviews C) Vulnerability scanning D) Penetration testing

Penetration testing: a methodical approach to security assessment that encompasses the security audit and vulnerability assessment and demonstrates whether the vulnerabilities in a system can actually be exploited by attackers. It reduces an organization's IT security expenditure and improves return on security investment (ROSI) by identifying and remediating vulnerabilities or weaknesses. Social engineering: the process of convincing a victim to do something they should not, such as running an executable. Vulnerability scanning: an inspection of the potential points of exploit on a computer or network to identify security holes. Access control list reviews: an access control list (ACL) is a table that tells a computer operating system which access rights each user has to a particular system object, such as a directory or an individual file.

Highlander, Incorporated, is a medical insurance company with several regional company offices in North America. There are various types of employees working in the company, including technical teams, sales teams, and work-from-home employees. Highlander takes care of the security patches and updates of official computers and laptops; however, the computers or laptops of the work-from-home employees are to be managed by the employees or their ISPs. Highlander employs various group policies to restrict the installation of any third-party applications. As per Highlander's policy, all the employees are able to utilize their personal smartphones to access the company email in order to respond to requests for updates. Employees are responsible for keeping their phones up to date with the latest patches. The phones are not used to directly connect to any other resources in the Highlander, Incorporated, network. The database that hosts the information collected from the insurance application is hosted on a cloud-based file server, and their email server is hosted on Office 365. Other files created by employees get saved to a cloud-based file server, and the company uses work folders to synchronize offline copies back to their devices. Highlander, Incorporated, is concerned about their defense in depth. The scope of their concern is especially the users with mobile phones. In order to provide appropriate security, which layer of defense in depth should they focus the most attention on? A) Physical B) Internal network C) Policies, Procedures, Awareness D) Perimeter

Policies, Procedures, and Awareness. Users need to be trained in the proper usage of their devices and the dangers of using them.
- Physical deals with facilities.
- Perimeter deals with network access servers.
- The phones do not communicate with other internal network resources.

The three phases of penetration testing include pre-attack phase, attack phase and post-attack phase. "Reporting, clean-up, and artifact destruction" are part of which phase?

Post-Attack phase R, CU, AD

The three phases of penetration testing include pre-attack phase, attack phase and post-attack phase. "Planning and preparation, methodology designing, and network information gathering" are part of which phase?

Pre-Attack Phase PP, MD, NIG

Which of the following can be categorized as a host-based threat? A) Man-in-the-middle attack B) Privilege escalation C) IDS bypass D)Distributed denial-of-service

Privilege escalation

An IT security engineer notices that the company's web server is currently being hacked. What should the engineer do next? A)Determine the origin of the attack and launch a counterattack B) Perform a system restart on the company's web server C) Record as much information as possible from the attack D)Unplug the network connection on the company's web server

Record as much information as possible from the attack

Company XYZ is one of the most famous and well-known organizations across the globe for its cyber security services. It has received Best Cyber Security Certification Provider Award three consecutive times. One day, a hacker identified a severe vulnerability in XYZ's website and exploited the vulnerabilities in the website successfully compromising customers' private data. Besides the loss of data and the compromised network equipment, what has been the worst damage for Company XYZ?

Reputation

In which of the following hacking phases does an attacker try to detect listening ports to find information about the nature of services running on the target machine? A) Maintaining access B) Clearing tracks C) Scanning D) Gaining access

Scanning. Attackers use dialers, port scanners, network mappers, ping tools, vulnerability scanners, and so on during scanning to extract information such as live machines, open ports, port status, OS details, device type, system uptime, and so on.

In the gaining access phase, attackers use vulnerabilities identified during the reconnaissance and scanning phases to gain access to the target system and network. Gaining access refers to the point where the attacker obtains access to the operating system or applications on the computer or network.

Maintaining access refers to the phase in which the attacker tries to retain ownership of the system. Once an attacker gains access to the target system with admin/root-level privileges (thus owning the system), he or she can use both the system and its resources at will, and can either use the system as a launch pad to scan and exploit other systems or keep a low profile and continue exploiting it.

Clearing tracks refers to the activities an attacker carries out to hide malicious acts. The attacker's intentions include continued access to the victim's system, remaining unnoticed and uncaught, and deleting evidence that might lead to prosecution.

Highlander, Incorporated, is a medical insurance company with several regional company offices in North America. Employees, when in the office, utilize desktop computers that have Windows 10, Microsoft Office, anti-malware/virus software, and an insurance application developed by a contractor. All of the software updates and patches are managed by the IT department of Highlander, Incorporated. Group policies are used to lock down the desktop computers, including the use of AppLocker to restrict the installation of any third-party applications. There are one hundred employees who work from their home offices. Employees who work from home use their own computers, laptops, and personal smartphones. They authenticate to a cloud-based domain service, which is synchronized with the corporate internal domain service. The computers are updated and patched through the cloud-based domain service. AppLocker is not used to restrict the installation of third-party applications. The protocol that they have chosen is Authentication Header (AH). The database that hosts the information collected from the insurance application is hosted on a cloud-based file server, and their email server is hosted on Office 365. Other files created by employees get saved to a cloud-based file server, and the company uses work folders to synchronize offline copies back to their devices. A competitor has finished the reconnaissance and scanning phases of their attack. They are going to try to gain access to the Highlander, Incorporated, laptops. Which would be the most likely level to gain access?

The most likely level to gain access is the application level. The application level is designed by a third party.

An e-commerce site was put into a live environment and the programmers failed to remove the secret entry point (bits of code embedded in programs) that was used during the application development to quickly gain access at a later time, often during the testing or debugging phase. What is this secret entry point known as? A) SDLC process B) Honeypot C) Trap door D) SQL Injection

Trap door The software development life cycle (SDLC) is a software development process that helps developers build more secure software and address security compliance requirements while reducing development costs. A honeypot is a computer system on the Internet intended to attract and trap people who attempt unauthorized or illicit use of the host system. In an SQL injection attack, attackers insert malicious code into standard SQL code to gain unauthorized access to a database and ultimately to other confidential information.

Penetration testers are given full access to source code, architecture documentation, and so forth. The main challenge is sifting through the massive amount of data available to identify potential points of weakness, making it the most time-consuming type of penetration testing. These penetration testers are able to perform static code analysis, making familiarity with source code analyzers, debuggers, and similar tools important. Which type of box testing is this?

White box testing
