Audits and Assesments

Question 1

Define Penetration Testing

Answer 1

Simulated cyber-attack that helps in the assessment of computer systems for exploitable vulnerabilities

Question 2

Name the different types of penetration testing

Answer 2

> Physical Pentesting
Offensive Pentesting
Defensive Pentesting
Integrated Pentesting

Question 3

Define Physical Pentesting

Answer 3

It involves testing an organization’s physical security through testing locks, access cards, security cameras, and other protective measures.

Question 4

Define Offensive Penetration testing (Red Teaming)

Answer 4

it’s a proactive approach that simulates real-world attacks. It seeks and exploits system vulnerabilities so orgs learn to recognize and defend against such threats.

Question 5

Define Defensive Pentesting (Blue Teaming)

Answer 5

A reactive approach that entails (involves) fortifying systems, identifying and addressing attacks, and enhancing incident response times.

Question 6

Define Integrated Penetration Testing (Purple Teaming)

Answer 6

Offensive and defensive pentest combined.

Question 7

Define Reconnaissance

Answer 7

It’s an initial phase where critical information about a target system is gathered to enhance an attack’s effectiveness and success. Such as IP addresses, domain details, mail servers, and any potential security or detection systems.

Question 8

Define Active Reconnaissance

Answer 8

The attacker engages with the target system directly. It gives more info to the attacker but it also comes with a higher risk of detection.