Ethical Hacking, and Steps for Conducting Ethical Hacking Flashcards
Briefly explain the workings of spyware.
Spyware is a type of malicious software that is designed to secretly gather information about a user’s activities and transmit it to a remote attacker. It typically infects a user’s computer through email attachments, software downloads, or web browsing.
Once installed on a victim’s computer, spyware can record keystrokes, take screenshots, capture passwords, and steal sensitive data such as credit card numbers and personal information. It can also track a user’s web browsing habits, display unwanted advertisements, and redirect the user to malicious websites.
Describe a countermeasure to spyware attacks.
To protect against spyware, it is important to regularly update your operating system and antivirus software, avoid downloading suspicious software or opening email attachments from unknown sources, and regularly scan your computer for malware.
Analyse the potential consequences of a stored Cross Site Scripting (XSS) attack.
The attacker can use the injected code to steal sensitive information from users, such as login credentials, credit card numbers, or personal information. They can also use the code to hijack user sessions and gain access to sensitive areas of the website or application.
Additionally, the attacker can use the injected code to redirect users to malicious websites, install malware on their devices, or spread the attack to other users through social engineering techniques.
Describe a countermeasure to stored XSS attacks.
To protect against stored XSS attacks, web developers should implement secure coding practices, such as input validation and sanitization, and use frameworks and libraries that provide protection against such attacks. Web application users should also be cautious when entering sensitive information on websites and be aware of any suspicious behavior or unusual pop-ups that may indicate a stored XSS attack.
Name the five phases of the ethical hacking lifecycle.
Reconnaissance, scanning, gaining & maintaining access, clearing tracks and reporting.
Assess the importance of the reporting phase of the ethical hacking lifecycle.
Communicating Results: The reporting phase provides an opportunity for the ethical hacker to communicate their findings and recommendations to the relevant stakeholders. These stakeholders may include management, IT staff, and other relevant parties. The report should be clear, concise, and presented in a way that is easily understood by non-technical stakeholders.
Providing a Basis for Action: The report provides a basis for action. The findings and recommendations can be used by the organization to improve its security posture, address vulnerabilities, and implement new security measures. Without the report, the organization may not be aware of the security risks it faces or have a clear plan for addressing them.
Demonstrating Value: The reporting phase is an opportunity for the ethical hacker to demonstrate the value of their work. A well-written report that clearly identifies vulnerabilities and provides recommendations for addressing them can demonstrate the impact of the ethical hacking process.
Compliance Requirements: Many industries and organizations have compliance requirements that require regular security assessments, vulnerability testing, and reporting. The reporting phase is essential to meeting these requirements and demonstrating compliance.
Name all the stages in the Penetration Testing Execution Standard (PTES) methodology .
Pre-engagement Interactions, Intelligence Gathering, Threat Modeling, Vulnerability Analysis, Exploitation, Post-exploitation, Reporting
In the PTES model, describe the intelligence gathering stage.
Intelligence Gathering: In this stage, the tester collects information about the target systems and applications, such as IP addresses, domain names, and system architecture. This stage also involves passive reconnaissance and open-source intelligence (OSINT) gathering.
Explain the main objective of the threat modeling stage in PTES.
Threat Modeling: This stage involves assessing the potential risks and vulnerabilities of the target systems and applications based on the collected intelligence. This stage helps the tester to prioritize the areas to focus on during the testing.
Why is vulnerability assessment important in the PTES model?
It’s important because this is when the tester scans the target systems and applications for vulnerabilities, such as outdated software versions or misconfigured systems.
