Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Practice > (1)Pentest Review/Alternatives to Pentests > Flashcards

(1)Pentest Review/Alternatives to Pentests Flashcards

1
Q

What happens after a pentest is done?

A

When a pentest is done, the pentester and/or their org prepares an exhaustive report detailing what was attempted, what was accomplished, and how to fix whatever vulnerabilities we discovered.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Why is the pentest report so important?

A

A pentest report is so important because it tells the company where their opportunities are and allows them to create training docs and programs to educate users or to create fixes for the system issues.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Other than basic information about the results of the test, what else does the pentest report contain?

What specific individuals may be given this information and why?

A

Other than basic information about the results of the test, the pentest report also contains very detail appendixes that include specific results of specific tests.

These results may be shared with system admins to help fix technical issues on the system.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What other activity can be used instead of pentests?

What is the goal of this alternative activity?

A

Instead of traditional pentests, orgs can conduct specific exercises called wargames where security professionals are put on teams in a simulated environment to compete against one another.

The goal of this alternative activity is skill growth for both teams by allowing them to use the tools and methods that attackers would use.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

In wargames, who is the red team? What do they do? What cybersecurity function are they acting in?

A

In wargames, the red team is the attacking team.

They recon and try to exploit the system to access it.

They act like pentesters in a traditional penetration test

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

In wargames, who is the blue team? What do they do? What cybersecurity function are they acting in?

A

In wargames, the blue team is the defensive team, trying to stop the attackers.

What they do is they construct, maintain, and keep an eye on security controls that encompass a large variety of items

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

In wargames, who is the white team? What do they do? What cybersecurity function are they acting in?

A

In wargames, the white team serves as the judges/referees of the operation.

They can settle arguments between the teams and make sure that the systems being used are working well, including the technical environment.

Lastly, they keep track of the results.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What are wargames useful for?

A

Wargames are useful for educating security pros on current tactics used by attackers and defenders

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

Practice (89 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions