Security Assesment & Penetration testing techniques
which of these represents passive reconnaissance instead of active reconnaissance?
-leaving no footprints -conducting packet tracing -using a network tap -less-intrusive process to daily operations
which of these represents active reconnanaissance instead of passive reconnaissance?
-may be illegal on the internet -oswap web scanning -actions can be traced back to attacker -can impact employee productivity
What penetration testing technique would involve having some level of limited knowledge of the internal workings of the target?
Gray box
what services allows organziztaions to aggregate threat management, incident response, and repeatable security operations?
SOAR
rules of engagement
agreeing to the target customers bug bounty program
Privilege escalation
attempting to get root or administrative credentials of a database
which of these scanning techniques would decide if a system is configured in agreement with a recognized governance or regulatory policy?
compliance scan
reconnaissance
conducting planning, preparation, and information gathering
which of these states are the result of an erroneous action triggering from a benign event?
false positive
persistence
forcing the exploit to remain even with a reboot or network disconnect
what are threat hunters attempting to quickly recognize to counter cyber criminals and mitigate threats?
ioCs
Lateral movement
pivoting from one domain or VLAN to another
which role will offer initiatives and information sharing between teams to improve the organizational security posture?
purple team
cleanup
removing all footprints and artifacts of the attack chain
which of these SYSLOG messages would have the code number '4'?
warning
