Domain 6, Security Assessments and Testing Flashcards
Dynamic Testing
Tests code while it is being executed (running).
Fuzzing
‘Black box’ testing that feeds malformed or unexpected data, either randomly generated or mutated from valid samples, to software to see if it crashes or misbehaves.
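As an added example (not part of the original flashcards), the following Python is a minimal mutation fuzzer run against a constructed toy record parser. The format (length byte, payload, checksum byte), the buggy and hardened parsers, and the seed input are all assumptions made for illustration. The buggy parser trusts its length field and reads past the end of the input; the fuzzer treats ValueError as the parser's documented rejection and anything else as a crash.

```python
import random

def parse_record(data: bytes) -> bytes:
    """Toy parser for a constructed record format: [len][payload...][checksum].
    Deliberately buggy: it trusts the length byte, so a record whose declared
    length exceeds the real payload indexes past the end of the input."""
    if len(data) < 2:
        raise ValueError("record too short")        # expected rejection
    length = data[0]
    payload = data[1:1 + length]
    checksum = data[1 + length]                     # BUG: may index past the end
    if sum(payload) % 256 != checksum:
        raise ValueError("bad checksum")            # expected rejection
    return payload

def parse_record_fixed(data: bytes) -> bytes:
    """Hardened parser: checks the declared length against the actual size."""
    if len(data) < 2:
        raise ValueError("record too short")
    length = data[0]
    if len(data) < 2 + length:
        raise ValueError("declared length exceeds record")
    payload = data[1:1 + length]
    if sum(payload) % 256 != data[1 + length]:
        raise ValueError("bad checksum")
    return payload

def mutate(seed: bytes, rng: random.Random) -> bytes:
    """One random mutation of a valid input: flip a bit, overwrite a byte,
    truncate, or append junk bytes."""
    buf = bytearray(seed)
    op = rng.randrange(4)
    if op == 0 and buf:
        i = rng.randrange(len(buf))
        buf[i] ^= 1 << rng.randrange(8)
    elif op == 1 and buf:
        buf[rng.randrange(len(buf))] = rng.randrange(256)
    elif op == 2:
        del buf[rng.randrange(len(buf) + 1):]
    else:
        buf += bytes(rng.randrange(256) for _ in range(rng.randrange(1, 4)))
    return bytes(buf)

def fuzz(parser, seed: bytes, iterations: int = 2000, rng_seed: int = 7) -> dict[str, bytes]:
    """Black-box mutation fuzzer. ValueError is the parser's documented way of
    rejecting bad input; any other exception is an unexpected crash, recorded
    by exception type together with the first input that triggered it."""
    rng = random.Random(rng_seed)
    crashes: dict[str, bytes] = {}
    for _ in range(iterations):
        case = mutate(seed, rng)
        try:
            parser(case)
        except ValueError:
            continue
        except Exception as exc:
            crashes.setdefault(type(exc).__name__, case)
    return crashes

# Constructed valid seed: length 4, payload b"ping", checksum = sum(b"ping") % 256
SEED = bytes([4]) + b"ping" + bytes([sum(b"ping") % 256])

if __name__ == "__main__":
    print("buggy parser crashes:", fuzz(parse_record, SEED))
    print("fixed parser crashes:", fuzz(parse_record_fixed, SEED))
```

Real fuzzers (AFL, libFuzzer) add coverage feedback so mutations that reach new code are kept as new seeds; the principle is the same: start from valid input, mutate, and treat any undocumented failure as a finding.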
pen test
Authorized, scoped attempt to break into a system or network.
Static testing
Tests code passively; the code is not running (e.g. source code review, static analysis).
Synthetic transactions
AKA synthetic monitoring. Involves building scripts or tools that simulate the transactions a real user would perform against an application, to verify it is available and behaving correctly.
Scope of assessment
What are we testing? Why are we testing that?
War Dialing
Uses a modem to dial a series of phone numbers looking for other modems (remote access points).
Social Engineering
Trick people into granting access or revealing information.
zero knowledge test
AKA blind test. The tester has zero knowledge of the target before testing.
Full knowledge test
AKA crystal box (white box) test.
The pen tester has all network information available to help with testing.
Partial knowledge test
Tests are in between zero and full knowledge.
Metasploit
Open-source framework for developing and running exploits.
Pen testing Methodology
- Planning
- Reconnaissance
- Scanning (enumeration)
- Vulnerability assessment
- Exploitation
- Reporting
Vulnerability Testing/Scanning
Scans a network/system for a list of predefined vulnerabilities.
Nessus
Vulnerability scanning tool.
CVSS
Common Vulnerability Scoring System.
Open standard for scoring the severity of a vulnerability from 0.0 to 10.0 based on its exploitability and impact metrics. It scores vulnerabilities, not clients, and is not itself a list of vulnerabilities (that is CVE).
Security assessment
Holistic approach to evaluating the effectiveness of security controls. Broad scope: includes assessment of many controls across multiple domains.
Internal audit
Structured or unstructured audits done by an internal employee or team.
3rd party audit
Outside view with expert consultation. A teaching moment.
Log Reviews
Review security audit logs for signs of misuse or compromise.
NIST 800-92
NIST SP 800-92, Guide to Computer Security Log Management: describes which logs should be collected and how to store, protect, and review them.
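As an added example of what a log review looks like in practice (not part of the original flashcards), the Python below parses constructed sshd syslog lines and flags two conditions: a source address with a threshold number of failed logins inside a time window (brute force), and a subsequent successful login from that same address, which is the one worth escalating. The sample lines, host name, addresses and thresholds are all constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample sshd lines in syslog format; not real log data.
SAMPLE_LOG = """\
Mar  3 10:15:01 bastion sshd[2201]: Failed password for invalid user admin from 203.0.113.5 port 52344 ssh2
Mar  3 10:15:03 bastion sshd[2201]: Failed password for invalid user admin from 203.0.113.5 port 52345 ssh2
Mar  3 10:15:04 bastion sshd[2203]: Accepted publickey for alice from 198.51.100.7 port 60122 ssh2
Mar  3 10:15:05 bastion sshd[2205]: Failed password for root from 203.0.113.5 port 52346 ssh2
Mar  3 10:15:07 bastion sshd[2207]: Failed password for root from 203.0.113.5 port 52347 ssh2
Mar  3 10:15:09 bastion sshd[2209]: Failed password for root from 203.0.113.5 port 52348 ssh2
Mar  3 10:15:40 bastion sshd[2211]: Accepted password for root from 203.0.113.5 port 52349 ssh2
Mar  3 10:20:00 bastion sshd[2300]: Failed password for bob from 198.51.100.9 port 41000 ssh2
Mar  3 10:21:10 bastion sshd[2302]: Accepted password for bob from 198.51.100.9 port 41001 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?:password|publickey) for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\d+\.\d+\.\d+\.\d+)"
)

def parse_line(line: str):
    """Return (timestamp, result, user, ip) for an auth line, or None for others."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%b %d %H:%M:%S")  # syslog timestamps carry no year
    return ts, m["result"], m["user"], m["ip"]

def review_auth_log(text: str, threshold: int = 5, window: timedelta = timedelta(seconds=60)):
    """Sliding-window review: flag an IP once it reaches `threshold` failures
    inside `window`, then flag any success from an already-flagged IP."""
    recent = defaultdict(deque)   # ip -> timestamps of failures still inside the window
    flagged = set()               # ips already reported for brute forcing
    alerts = []
    for line in text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue
        ts, result, user, ip = parsed
        q = recent[ip]
        while q and ts - q[0] > window:     # expire failures older than the window
            q.popleft()
        if result == "Failed":
            q.append(ts)
            if len(q) >= threshold and ip not in flagged:
                flagged.add(ip)
                alerts.append(("brute_force", ip, user,
                               f"{len(q)} failures within {window.seconds}s"))
        elif ip in flagged:
            alerts.append(("success_after_brute_force", ip, user,
                           "investigate as likely compromise"))
    return alerts

if __name__ == "__main__":
    for alert in review_auth_log(SAMPLE_LOG):
        print(alert)
```

The single failure from 198.51.100.9 followed by a success is ordinary user behaviour and is not reported; the review is only useful if it separates that from the pattern on 203.0.113.5.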
White box software testing
Gives the tester access to the program's source code, data structures, variables, etc.
Traceability matrix
Maps customer requirements to the software test plan, tracing each requirement to the tests that verify it.
Combinatorial Software Testing
Black box testing method that seeks to identify and test all unique combinations of software inputs (e.g. pairwise/all-pairs testing).
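As an added example (not part of the original flashcards), the Python below implements the most common combinatorial technique, pairwise (all-pairs) test generation: a greedy algorithm that produces a small set of test cases in which every value of every parameter appears together with every value of every other parameter at least once, plus a checker that confirms no pair was missed. The parameter set is a constructed example.

```python
from itertools import combinations, product

def pairs_of(case: dict, names: list) -> set:
    """All (param, value, param, value) pairs exercised by one test case, with
    parameters in declaration order so each pair has one canonical form."""
    return {(a, case[a], b, case[b]) for a, b in combinations(names, 2)}

def pairwise(params: dict[str, list[str]]) -> list[dict[str, str]]:
    """Greedy all-pairs generator over a parameter -> allowed-values mapping."""
    names = list(params)
    uncovered = {(a, va, b, vb) for a, b in combinations(names, 2)
                 for va in params[a] for vb in params[b]}
    cases = []
    while uncovered:
        # Seed the case with one still-uncovered pair so every round makes progress.
        a, va, b, vb = min(uncovered)
        case = {a: va, b: vb}
        for n in names:
            if n in case:
                continue
            chosen = [m for m in names if m in case or m == n]
            # Pick the value that covers the most uncovered pairs with what is chosen so far;
            # max() keeps the first value on ties, so output is deterministic.
            case[n] = max(params[n],
                          key=lambda v: len(pairs_of({**case, n: v}, chosen) & uncovered))
        case = {n: case[n] for n in names}
        cases.append(case)
        uncovered -= pairs_of(case, names)
    return cases

def uncovered_pairs(params: dict[str, list[str]], cases: list[dict[str, str]]) -> set:
    """Pairs the given test cases fail to exercise; empty means full pairwise coverage."""
    names = list(params)
    needed = {(a, va, b, vb) for a, b in combinations(names, 2)
              for va in params[a] for vb in params[b]}
    for c in cases:
        needed -= pairs_of(c, names)
    return needed

# Constructed parameter space for a login feature: 3 * 3 * 2 * 2 = 36 exhaustive cases.
PARAMS = {
    "browser": ["chrome", "firefox", "safari"],
    "os": ["windows", "macos", "linux"],
    "auth": ["password", "mfa"],
    "tls": ["1.2", "1.3"],
}

def exhaustive_count(params: dict[str, list[str]]) -> int:
    return len(list(product(*params.values())))

if __name__ == "__main__":
    cases = pairwise(PARAMS)
    print(f"{len(cases)} pairwise cases instead of {exhaustive_count(PARAMS)} exhaustive ones")
    for c in cases:
        print(c)
    print("uncovered:", uncovered_pairs(PARAMS, cases))
```

Pairwise cannot drop below the product of the two largest parameter sizes (here 3 x 3 = 9 cases), and it only guarantees two-way interactions; faults that need three specific values together need higher-strength combinatorial testing.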
Unit testing
Low-level test of individual software components, such as objects, procedures, or functions.
Install testing
Testing software as it is installed on the target system.
Integration testing
Testing multiple software components as they are combined into a working system.
Regression testing
Tests software after updates, modifications, or patches to confirm previously working functionality still works.
Acceptance testing
Tests to ensure the software meets its operational requirements. When done by the customer, it is called user acceptance testing.
Misuse case testing
Intentionally misuse the software to see if you can break it or cause it to misbehave.
Interface testing
Tests all interfaces exposed by the application (APIs, user interfaces, physical interfaces).
test coverage analysis
Attempts to measure the degree to which the application's code is exercised by its tests, to confirm there aren't large gaps in testing.
Security Audit
A test against a published standard. An Auditor verifies that a site or organization meets the published standards.
Breach and Attack Simulations
BAS, AKA breach attack simulation.
Combines elements of vulnerability scanning and automated penetration testing. BAS tools use a continuously refreshed database of attack methods and newly discovered vulnerabilities to test the organization's ability to withstand newly evolved threats.