4. Devices and Testing Flashcards
MDM (Mobile Device Management Solution)
Set of tools and features that allow an organization to centrally manage its devices under a single system
How do you stop jailbreaking?
You can attach it to an external management solution, which installs its own apps to provide additional security
Vulnerability Assessment Tool Exs (2)
Qualys
Nessus
Mapping Environments
Shows what devices are present in the network by interrogating every IP address in the network
Ex tool: Nmap
Active discovery of new hosts
Goes IP by IP and interrogates each to see whether anything responds
Passive discovery/scanning of new hosts
Placing a device at a network choke point, such as routers or switches, to eavesdrop on traffic flowing through the infrastructure
Unauthenticated scans
Don’t require credentials for the host you’re scanning or any access other than network connectivity to the host in question
Authenticated scans
Uses valid credentials, generally admin
Container
Entirely self contained and ready to run virtual instance designed to allow easy scaling up/down of portions of the environment seeing variable levels of load
Penetration Testing AKAs (2)
Pentesting
Ethical Hacking
Penetration testing steps (5)
↓ Scoping - Rules of engagement (BEFORE)
↓ Recon - Research before attack attempt
↓ Discovery - Run vulnerability
assessments (ACTIVE)
↓ Exploitation - Attack vulnerabilities
(ACTIVE)
↓ Reporting - Document (AFTER)
Black box testing
Tester has no knowledge of the environment other than the testing scope
White box testing
Gives tester all info about the environment - More thorough
Grey box testing
Some info given to the tester - More common penetration testing
Internal vs. External penetration tests
Kinds of access the tester is granted
What kind of person/team is conducting the test
Network penetration testing
Broad testing of hosts for vulnerabilities, issues specific to web apps, and emplyees who might be vulnerable to social engineering attacks
Static analysis
Directly analyze the app source code and resources
Dynamic analysis
Testing the app while its in operation - Testing the compiled binary form or the running web app
Bug Bounty Program
Organization offers rewards to people who discover vulnerabilities in their resources
Penetration testing teams (3)
Red team - attacks
Blue team - defends
Purple team - ensures both teams operate efficiently
FIM Tools
File integrity monitoring tools - monitor the integrity of the app and OS files on a machine
