1.8 Explain the techniques used in Penetration Testing Flashcards
Explain Penetration Testing
You are actively trying to gain access to a system. This is supposed to simulate an attack that would be done by an attacker who is external to your organization. Usually a third party will conduct these tests on a regular basis.
Explain Penetration Testing in a known environment
There is full disclosure on the systems given to the pentester, especially if you are performing a test on yourself.
Explain Penetration Testing in an unknown environment
A pentester knows nothing about the systems under attack. They will have to build out a database of information as they go. This is a blind test.
Explain Penetration Testing in a partially known environment
A pentester will be given a mix of known and unknown information. The organization providing information to the third-party testers may give only the essential information about the systems; the pentesters will have to figure out and document everything else for themselves.
Explain the Rules of Engagement for Penetration Testing
These are important documents that are designed to define the scope and purpose of the penetration test and make everyone aware of the test parameters. They can define the type of test performed. There will be a list of devices that are in scope and those that are out of scope. They also go over how to handle sensitive data.
Explain lateral movement in penetration testing
It is when a pentester moves from system to system while inside a network. The network is very weak on the inside.
Explain Privilege escalation in penetration testing
It is when a pentester elevates their privileges in order to carry out actions or access permissions or content that would otherwise be restricted.
Explain persistence in penetration testing
This is where a pentester will create multiple ways to regain access to the system more easily without having to execute the exploit again: setting up backdoors, making user accounts, changing registries, etc.
Explain cleanup in penetration testing
A pentester will want to revert the systems back to the way they were prior to the testing, so they will try to leave the network in its original state: remove any binaries or temporary files, remove backdoors, delete user accounts created during the test, etc.
Explain a bug bounty in Penetration Testing
In some cases, people are able to make a living performing penetration tests and discovering bugs for companies that will pay good money for the discovery of these bugs.
Explain pivoting in penetration testing
It is a system that serves as the jumping-off point for accessing other systems that would normally be inaccessible. It can also mask the attacker’s actual information by impersonating a device on a system carrying out the attacks.
Explain passive and active reconnaissance
Before you attack a system, network, or application, you need to gather information and learn everything you can. Things like firewalls, security configs, etc. need to be learned.
Explain drones in passive or active reconnaissance
Drones can be used to fly over organizations to start gathering information from wireless networks, physical security, devices being used, etc.
Explain war flying in passive or active reconnaissance
It is used to combine Wi-Fi monitoring and a GPS to get an idea of the wireless network you are trying to get information from. You can get more info on the wireless network, like the APs, network name, type of device being used, etc. For flying.
Explain War driving in passive or active reconnaissance
It is used to combine Wi-Fi monitoring and a GPS to get an idea of the wireless network you are trying to get information from. You can get more info on the wireless network, like the APs, network name, type of device being used, etc. For driving.