1.8: Pen Testing Flashcards
Pentest
Simulate an attack
Similar to vulnerability scanning, but tries to actually exploit the vulnerabilities to see if access can be gained.
Rules of Engagement
Define the purpose of the pen test and the scope for the people performing the test.
Working Knowledge
Unknown environment: the pentester knows nothing about the systems under attack, a ‘blind’ test.
Known environment: full disclosure.
Exploiting Vulnerabilities
Trying to break into the system
Potential for DoS or loss of data.
A buffer overflow can cause instability.
A good pen test will try a variety of techniques (brute force, social engineering, database injections, buffer overflows).
Bug Bounty
Cash rewards for discovering vulnerabilities and reporting them.
Reconnaissance
Gathering a digital footprint
Understanding security posture (firewalls, configs)
Minimize the attack area
Create a network map (identify routers, networks, remote sites)
Wardriving
Combine Wi-Fi monitoring and a GPS
Search from your car or a plane (warflying, searching from a drone)
Grabbing SSIDs, encryption type
Security Teams
Red Team: Ethical hackers (pen testers)
Blue Team: Defensive security, day-to-day security to keep devices/networks safe. Incident response.
Purple Team: Red and blue working on the same team.
White Team: Manages the interactions between the red and blue teams. Enforces rules and resolves issues.