1.8 Explain the techniques used in penetration testing Flashcards
Penetration Testing
A malicious attack from a outsider that is a simulation. purpose is to test the network/systems for a vulnerability.
Known Environment
A pen tester that has full information the targeted system. It is given to them.
Unknown Environment
A pen tester that has NO information on the targeted system.
Partially Known Environment
A mix of known and unknown. Some info on a target key system.
Rules of Engagement
Defines the purpose and scope of the test. Let you know the 5 W’s of the test.
Lateral Movement
Gaining access to a system, then MOVING TO OTHER DEVICES on the network. Can be by privilege escalation.
Persistence
Creating a way back into a system once you have access.
Pivoting
Gaining access to a system then attacking another system to access that one.
War Driving
Gathering wireless network info. while driving around.
War Flying
Combining war driving and a drone. Used to gain physical access to a secured area and gather wireless network info.
OSINT (relating to passive reconnaissance)
Gathering Public/Open Source data that a pen tester can use.
Passive Reconnaissance
Not interacting directly with your target.
Active Reconnaissance
Interacting directly with your target. May be discovered.
Foot printing
Using ethical hacking technique to gather as much info on a target.
Ping sweep, tracert analysis, Nmap, Extracting DNS Info.
Red Team
Offense
