1.8 Techniques used in Penetration Testing
During which type of penetration test does the tester specifically include the reconnaissance phase of the test?
Black Box testing
Pivoting from one domain or VLAN to another
Lateral movement
What describes a war flying attack on a college campus?
Map location of the wireless network.
The company is planning an internal security assessment. The exercise requires penetration testers to use non-intrusive techniques to determine the network's security status. What would be appropriate for these testers to follow? List two.
Non-intrusive footprinting using Nmap tool. Perform passive vulnerability scans.
An attacker is gathering information from publicly available information on a college campus. The attacker will use information, such as domain names, to identify attack vectors. What best describes this type of passive reconnaissance?
OSINT
Which of the following penetration steps should a tester perform after obtaining a persistent foothold on the network and internal reconnaissance?
Obtain a pivot point
What maps the location and type of wireless networks operated by the target?
War flying is war driving, but in the air with a drone or unmanned aerial vehicle (UAV).
Which of these SYSLOG messages would have the code number "4"?
Warning
During which type of penetration test does the tester skip the reconnaissance phase of the test?
White Box
Which type of penetration test requires the tester to perform partial reconnaissance?
Gray Box Testing
Forcing the exploit to remain even with a reboot or network disconnect
Persistence
What penetration steps should a tester perform before internal reconnaissance?
Persistence, followed by further reconnaissance, occurs when the pen tester attempts to map out the internal network and discover the services running on it and accounts configured to access it.
Attempting to get root or administrative credentials of a database
Privilege escalation
A successful penetration testing exercise that involves multiple debriefs over a long period between participants requires efficient facilitating. Which team would handle this facilitation?
Purple Team
An attacker is using a kill chain attack, moving from host to host, deploying logic bombs and then exiting out. System administrators must not discover these hidden exploits. What can the attacker do to ensure the hack goes unnoticed?
Remove backdoors and tools.
Agreeing to the target customer's bug bounty program
Rules of Engagement
What service allows organizations to aggregate threat management, incident response, and repeatable security operations?
SOAR
The purple team members act as _______________ during a purple team exercise. This type of exercise involves collaboration between red and blue teams during breaks throughout the exercise.
facilitators