1.4 Explain penetration testing concepts Flashcards

1
Q

Which of the following penetration steps should a tester perform after obtaining a persistent foothold on the network and performing internal reconnaissance?

A

Obtain a pivot point

2
Q

During which type of penetration test does the tester specifically include the reconnaissance phase of the test?

A

Black box

3
Q

Which of the following is a system susceptible to, if a user with system access can obtain keys from the system memory or pagefiles and scratch disks?

A

Privilege escalation

4
Q

What type of pen test allows the tester to use default credentials to log into the system, after discovering a vulnerability on a server?

A

Passive reconnaissance

Vulnerability scanning generally uses passive reconnaissance techniques. Passive reconnaissance is not likely to alert the target of the investigation as it means querying publicly available information.

Active reconnaissance has more risk of detection. Active techniques might involve gaining physical access to premises or using scanning tools on the target’s web services and other networks.

Action on objectives refers to the adversary or penetration tester stealing data from one or more systems (data exfiltration).

In the initial exploitation (a.k.a. weaponization) phase, an exploit is used to gain some sort of access to the target’s network.

5
Q

Initial exploitation cannot be performed under which of the following circumstances?

A

Host scanning

6
Q

During which type of penetration test does the tester skip the reconnaissance phase of the test?

A

White box

7
Q

What is the difference between vulnerability scanning and penetration testing?

A

Vulnerability scanning is passive and penetration testing is active.

8
Q

Which phase of a penetration test uses a phishing email and payload, or obtains credentials via social engineering to gain access to the target’s network?

A

Initial exploitation

9
Q

A pen tester gathers some information about a target to find ways for remote access. After gaining access, what other penetration techniques should a tester perform before performing further reconnaissance?

A

Persistence

10
Q

A pen tester discovered that a certain vulnerability did not get patched on an SQL server. The pen tester then exploited the vulnerability with code injection and owned the server. Which of the following best describes this technique?

A

Active reconnaissance
