Chapter 1.8 - Penetration Testing Flashcards
Explain techniques in penetration testing
Penetration Testing (Pentest)
Authorized simulated cyberattack on a computer system, performed to evaluate the security of the system
Pentest - Known Environment
Performed by a security expert trained to identify and document issues that are present in an environment
Pentest - Unknown Environment
Performed by a security expert who knows nothing about the systems under attack
“Blind” test
Pentest - Partially Known Environment
Performed by a security expert who has partial knowledge of or access to an internal network or web application
Pentest - Rules of Engagement
Meant to list out the specifics of your penetration testing project to ensure that both the client and the engineers working on the project know exactly what is being tested, when it is being tested, and how it is being tested
Pentest - Lateral Movement
Once inside the network, the tester can move from system to system
Pentest - Persistence
Once in a system, you need to make sure there is a way back in
Examples: backdoor, change passwords, etc.
Pentest - Cleanup
Removing all traces of malicious activity from the pentest attack, leaving the network in its original state
Examples: remove backdoors, change passwords back
Bug Bounty
A reward offered to a person who identifies an error or vulnerability in a computer program or system
Pivoting
Using a compromised system to spread between different computer systems once inside the network, simulating the behavior of a real attacker
Passive Reconnaissance
Attempt to gain information about targeted computers and networks without actively engaging with the systems
Active Reconnaissance
Attempt to gain information about targeted computers and networks by actively engaging with the systems
War Flying
Using a drone equipped with a wireless network detector to find Wi-Fi wireless network locations
Active Footprinting
Process of using tools and techniques, such as the traceroute command or a ping sweep (an Internet Control Message Protocol sweep), to collect data about a specific target
Passive Footprinting
Collecting data without actively engaging with the target system
Open Source Intelligence (OSINT)
The collection and analysis of information from many open sources
War Driving
Driving around with a wireless network detector to find Wi-Fi wireless network locations
Red Team
The offensive security team
Hired ethical hackers
Blue Team
The defensive security team
White Team
Not on a team
Manages the interactions between the red teams and blue teams
Referees
Purple Team
Red and blue teams working together
Both share their findings to see how the results can benefit the organization