Domain 5: Reporting & Communication Flashcards
What are the two types of Domain 5 questions I should expect?
- ‘Given a scenario’ for report writing and mitigation strategies
- ‘Explain’ for post-report delivery activity and communication during the process
Why do I need to communicate as a pentester?
Three reasons for this:
- Situational Awareness
- De-confliction
- De-escalation
What will trigger communication?
- Stages
- Critical Findings
- Indicators of Prior Compromise
What do communication paths dictate?
This dictates not only how the internal pentest team will communicate with one another, but who they are able/authorized to contact within the organization to communicate important details/emergencies.
When writing your report, what is an important step to take with respect to data?
When doing this, it is important to normalize, aggregate, and correlate your data in order for it to make sense.
What is normalization?
This is the process of combining data from multiple sources and in different formats into a common and consistent event format.
What are the primary sections of a written report?
- Executive Summary
- Methodology
- Findings and remediations
- Metrics and Measures
- Conclusion
In the ‘findings and remediation’ section of a report, what is an important consideration?
In this section an important consideration is the risk appetite of the organization.
How long do you keep the pentest report?
This all depends on the contract that was signed and the organization it was signed with.
In a report, where are your solutions coming from?
These are coming from:
- Technology
- Processes
- People
What are the two main ways to correct SQL injection vulns?
- Sanitize User Input
- Parameterize Queries
Why is it important to keep detailed notes for post-report activities?
Doing this will allow you to inventory and remove shells, tools, and creds that were created during the penetration test.
What is built post-report that provides clients with evidence of your findings?
This is called the Attestation of Findings
What is a good habit to develop after your pentest?
After this, a good habit is to review lessons learned.