Chapter 13 - Social Engineering & Pen Test

Question 1

Spear Phishing

Answer 1

Targeting a person or a group with a phishing attack

Question 2

Whaling

Answer 2

going after CEOs or other C-level Executives

Question 3

Pharming

Answer 3

use of malicious code that redirects a user’s traffic

Question 4

Spimming

Answer 4

sending spam over instant message

Question 5

Netcraft Toolbar

Answer 5

Phishing tool

Question 6

PhishTank Toolbar

Answer 6

Phishing tool

Question 7

Fave Antivirus

Answer 7

very prevalent attack; pretends to be anti-virus but is malicious

Question 8

Mobile-based attack - ZitMo

Answer 8

Zeus in the Mobile - banking malware that was ported to Android

Question 9

Security Assessment

Answer 9

Test perfromed in order to assess the level of security on a network or system

Question 10

Security Audit

Answer 10

Policy and procedure focused; tests whether organization is following specific standards and policies

Question 11

Vulnerability Assessment

Answer 11

Scans and tests for vulnerabilities but does not intentionally exploit them.

Question 12

Pen Test - External Assessment

Answer 12

Analyzes publicly available information; conducts network scanning, enumeration and testing from the network perimeter.

Question 13

Pen Test - Internal Assessment

Answer 13

Performed from within the organization, from various network access points.

Question 14

Red Team vs Blue Team

Answer 14

Red Team - Pen Test team that is doing the attacking. Blue Team - Pen test team that is doing the defending

Question 15

Purple Team

Answer 15

Pen test team that is doing both attacking and defending

Question 16

Codenomicon

Answer 16

Utilizaes fuzz testing that learns the tested system automatically; allows for pen testers to enter new domains such as VoIP assessment, etc.

Question 17

Core Impact Pro

Answer 17

Best known, all-inclusive automated testing framework; tests everything from web applications and individual systems to network devices and wireless.

Question 18

Metasploit

Answer 18

Framework for developing and executing code against a remote target machine

Question 19

CANVAS

Answer 19

hundreds of exploits, automated exploitation system and extensive exploit development framework.

Question 20

What are the phases of a Pen Test?

Answer 20

1. Pre-attack phase - reconaissance and data-gathering. 2. Attack Phase - Attempts to penetrate the network and execute attacks. 3. Post-Attack Phase - Cleanup to return a system to pre-attack condition and deliver reports.

Question 21

Comprehensive Report Parts of Pen Test

Answer 21

• Executive summary or org’s security posture. - Names of all participants and dates of tests. - List of all findings, presented in order of risk. - Analysis of each finding and recommended mitigation steps. - Log files and other evidence

Question 22

Types of insiders - Pure Insider

Answer 22

Employee with all rights and access associated with being an employee

Question 23

Types of Insiders - Elevated Pure Insider

Answer 23

Employee who has admin privileges

Question 24

Tyeps of Insiders - Insider Affiliate

Answer 24

Spouse, friend or client of an employee who uses the employee’s credentials to gain access.

Question 25

Types of Insiders - Outside Affiliate

Answer 25

Someone outside the organization who uses an open access channel to gain access to an organization’s resources.