Penetration Testing


Passive Reconnaissance

The tester is not interacting directly with the target and, as such, the target has no way of knowing, recording, or logging the activity.

Known environment

(white box) - the tester is given a map of the target systems and networks. They go into the test with substantial or full information about the target systems and networks.

Unknown environment

(black box) - the tester knows nothing about the target systems and networks. They go into the test completely blind and build out a database of everything they find as they go.

Blue Team

(defense) - the internal security team that defends against both real attackers and Red Teams.

Partially known environment

(grey box) - limited information is shared with the tester, sometimes in the form of login credentials. This simulates the level of knowledge that a hacker with long-term access to a system would achieve through research and system footprinting.

White team

(judge/referee) - responsible for overseeing an engagement or competition between a Red Team of mock attackers and a Blue Team of actual defenders.

Red Team

(offense) - internal or external entities dedicated to testing the effectiveness of a security program by emulating the tools and techniques of likely attackers in the most realistic way possible.

Purple team

(process improvement) - exists to ensure and maximize the effectiveness of the Red and Blue Teams.

Passive Footprinting

Browsing the target website, Google searches (Google hacking), performing WHOIS lookups, visiting social media profiles.

War driving

Deliberately searching for Wi-Fi signals while driving by in a vehicle.

Active footprinting

Ping sweeps, tracert analysis, Nmap, extracting DNS information.

Bug bounty

A monetary reward given to ethical hackers for successfully discovering and reporting a vulnerability or bug to the application's developer. Bug bounty programs allow companies to leverage the hacker community to continuously improve their systems' security posture over time.

Privilege escalation

A security hole created when code is executed with higher privileges than those of the user running it. Generally this means gaining a higher-level account, but in some cases it is a horizontal privilege escalation, where a user gains access to another user's resources.

Pivoting

Also known as island hopping: a compromised system is used to attack another system on the same network following the initial exploitation. If the compromise is introduced at a different time than the attack, it is said to involve persistence.

Drones

Can be leveraged in multiple ways for passive reconnaissance, from assessing physical security to gathering wireless network information.

War flying

Combines war driving with a drone: the drone simply floats above the target organizations to gather wireless details. This enables the accumulation of information such as SSIDs (wireless network names) and the encryption status of those networks.

Rules of engagement

Define the purpose of the test and what its scope will be for the people performing the test on the network. They ensure everyone is aware of which systems will be considered, the date and time, and any constraints all parties should know about.

Lateral movement

Gaining access to an initial system and then moving to other devices inside the network.

Footprinting

Includes both active and passive methods. An ethical hacking technique used to gather as much data as possible about a specific targeted computer system, infrastructure, and network in order to identify opportunities to penetrate them.

Active Reconnaissance

The tester interacts directly with the target in some way and, as such, the target may discover, record, or log these activities.

OSINT

Much of the information available from open sources can be categorized as open-source intelligence. The data that you can gather through these open sources is extensive.

Persistence

Refers to the tester's ability to achieve a persistent presence in the exploited system, long enough for a bad actor to gain in-depth access. This enables the tester to reconnect to the compromised host and use it as a remote access tool.

Cleanup

The final stage of a penetration test, in which all work done during the testing process is cleaned up or removed.
