1.8 - Explain the techniques used in penetration testing. Flashcards

Explain the techniques used in penetration testing.

1
Q

Penetration testing

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Known environment (Penetration testing)

A

-white box
-tests performed with full knowledge of underlying tech, configs, settings
-testers typically have net. diagrams, lists of sys, IP net. ranges, even creds to sys.
-test is often more complete since testers can get to every sys.
-may not provide accurate view of what external perp would see

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Unknown environment (Penetration testing)

A

-black box
-intended to replicate what perp would encounter
-testers not provided with access to or info about environ. > must gather info, discover vulns, make their own way thru infra/sys. like a perp would
-approach can be time consuming BUT can help provide reasonably accurate assessment of how secure target is against a perp

-quality + skillset of ur pen test team = v important

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Partially known environment - Rules of engagement (Penetration testing)

A

-gray box
-blend of white + black box
-may provide some info about environ. to testers wthout giving full access, creds, configs
-can help focus testers time + effort while providing more accurate view of what perp would actually encounter

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Lateral movement (Penetration testing)

A

-occurs as perp uses initial sys. compromise to gain access to other sys. on target net.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Privilege escalation (Penetration testing)

A

-using hacking techniques to shift from initial access gained by perp to more advanced privileges (root access)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Persistence (Penetration testing)

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Cleanup (Penetration testing)

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Bug bounty (Penetration testing)

A

-

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Pivoting (Penetration testing)

A

-occurs as perp uses initial sys. compromise to gain access to other sys. on target net.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Passive and active reconnaissance

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Drones (Passive and active reconnaissance)

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

War flying (Passive and active reconnaissance)

A

-use of drones/UAVs (unmanned aerial vehicles)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

War driving (Passive and active reconnaissance)

A

-drive by facilities in car equipped wth high end antennas
-attempt to eavesdrops on/connect to wireless nets.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Footprinting (Passive and active reconnaissance)

A

-identify OS + apps in use

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

OSINT (Passive and active reconnaissance)

A
17
Q

Red-team

A

-attckers who attempt to gain access to sys.

18
Q

Blue-team

A

-defenders who must secure sys. + nets. from attcks
-monitors environ. during exercise
-usually gets a head start to secure sys. b4 attack phase of exercise starts

19
Q

White-team

A

-observers + judges
-referees
->settle disputes over rules
->watch exercise to document Lessons learned
-able to observe activities of both red + blue teams
-responsible 4 ensuring exercise doesn’t cause prod. issues

20
Q

Purple-team

A

-at end of exercise red + blue teams get together to share info about tactics + Lessons learned (helps everyone learn from the process)
-combination of knowledge from red + blue teams