8. Penetration Testing and Exercises

Question 1

Gathering Information

Penetration testing

Answer 1

Initial phase of penetration testing where attackers collect information about the target system.

Question 2

Rules of Engagement (ROE)

Penetration testing

Answer 2

Formal document specifying the scope and permitted techniques for a penetration test.

Question 3

White-Box, Black-Box, Grey-Box Testing

Penetration testing

Answer 3

Different approaches in penetration testing based on the level of knowledge the attacker has about the system.

Question 4

Discovery Phase

Penetration testing

Answer 4

Involves active and passive reconnaissance to identify potential vulnerabilities and attack paths.

Question 5

Attack Phase

Penetration testing

Answer 5

The stage where penetration testers attempt to gain access to the target system and escalate privileges.

Question 6

Lateral Movement

Penetration testing

Answer 6

The process of browsing through a network to find new systems and expand the attacker’s reach.

Question 7

Pivoting

Penetration testing

Answer 7

A technique used in penetration testing where testers leverage a compromised system to attack other systems on the same network.

Question 8

Persistence

Penetration testing

Answer 8

The practice of installing backdoors to maintain access to a system even after vulnerabilities are patched.

Question 9

Cleanup and Restoration

Penetration testing

Answer 9

The final phase of a penetration test, involving the removal of traces of the attack and restoring systems to their original state.

Question 10

Bug bounty program

Bug bounty

Answer 10

A formal process that encourages security researchers to responsibly report vulnerabilities in exchange for rewards.

Question 11

Controlled environment

Bug bounty

Answer 11

A secure setting where organizations open their systems to inspection by researchers as part of bug bounty programs.

Question 12

Automated scanning tools

Bug bounty

Answer 12

Programs used by opportunistic attackers to search for vulnerable systems on the internet.

Question 13

Channeling attacker efforts

Bug bounty

Answer 13

Directing the skills of attackers towards identifying and reporting vulnerabilities through bug bounty programs.

Question 14

Vendor assistance

Bug bounty

Answer 14

Specialized vendors who help design, implement, and operate bug bounty programs for organizations.

Question 15

Validating vulnerability reports

Bug bounty

Answer 15

The process of verifying the accuracy and severity of reported vulnerabilities in bug bounty programs.

Question 16

Defense posture enhancement

Bug bounty

Answer 16

Increasing the overall strength of an organization’s defensive capabilities through the existence of bug bounty programs.

Question 17

Uncovering unknown vulnerabilities

Bug bounty

Answer 17

The success of bug bounty programs in discovering previously unidentified security weaknesses in organizations’ systems.