28 - Cyber Reconnaissance

Question 1

In order to attack a system, you nee to ___ a pillar

Answer 1

Violate

Question 2

What are the different barriers that make up an “information system”?

Answer 2

1. Network Barrier (Outermost)
2. Host Barrier (Middle)
3. The Privilege Barrier (Inside)

Question 3

Describe the Network Barrier

Answer 3

Between the Internet and the Host’s network

• Protection
  
  • ​Perimeter Firewall
  • Network Address Translation

Question 4

Describe the Host Barrier

Answer 4

(Attacker doesn’t have Admin/Root privileges yet)

• Protection
  
  • ​Authentication
  • Host-Barrier Firewall

Question 5

Describe the Privilege Barrier

Answer 5

Attacker has Admin/Root acces

• Trying to perform “privilege escalation”
• Protection
  
  • ​Admin accounts
  • Encrypting sensitive files

Question 6

What are the three phases of a Cyber Attack?

Answer 6

1. Reconnaissance
2. Infiltration & Maneuver
3. Exfiltration & Maintaining Access

Question 7

What are the two kinds of Reconnaissance?

Answer 7

1. Active
   
   1. Interacting with target network directly (ping, traceroute, netcat)
2. Passive
   
   1. Minimize interaction with target network (friends, facebook)

Question 8

What are some tools for Active Recon?

Answer 8

• Ping
• traceroute
• netkitten (nk)
• Scanning
  
  • NMAP (Network Mapper)