Keywords Flashcards
What is a pen test
Penetration, testing, attempt to exploit vulnerabilities in order to help, strengthen the security systems of an organization by displaying their weaknesses.
This provides a clear picture of their nature as well.
What are the three different types of information security?
Confidential
Approved individuals may access information
Availability
Insurance information is accessible to all authorized members
Integrity
insures information is correct and unaltered
What is an advanced persistent threat? APT
Detects use innovative tools, and once a system is infected, they silently extract data over an extended period of time(persistent). APTs are most commonly associated with state actors.
Threat actor
An individual or entity responsible for cyber incidence against the technology equipment of enterprises and users
Script kiddies
Individuals who want to perform attack yet like technical knowledge to carry them out
They can be found download in through the available, automated software, and use it to attack
Hacktivists
Individuals that are strongly motivated by ideology, for the sake of their principles or beliefs
State actors
Governments are increasingly employing their own state, sponsored attackers for launching cyber attacks against foes
Many security researchers, think that they are the deadliest of any threat actors
State actors are often involved in multiyear intrusion campaigns targeting highly sensitive, economic, proprietary, or national security information.
Insiders
Employees, contractors, and business partners compose an insider threat of manipulating data from the position of a trusted employee.
These attacks are harder to recognize because they come from within the enterprise.
What is a creep
And expansion beyond the initial set of the test limitations
What is phase 1 of a penetration test called?
Reconnaissance
What are the two parts of phase 1 of a penetration test?
Active and passive reconnaissance
What is active reconnaissance?
Involves directly probing for vulnerabilities and useful information
What is passive reconnaissance?
Passive reconnaissance occurs when the tester uses tools that do not raise any alarms.
This may include searching online for publicly accessible information called open source intelligence (OSINT) that can reveal valuable insight about the system
What is phase 2 of a penetration test called?
And what is it?
Penetration
A pen test is intended to stimulate the actions of threat actor
Footprinting
To perform preliminary information gathering from outside the organization
What are the rules of engagement ?
These are the limitations or parameters of a pen test
A penetration test can easily veer off course and not accomplish the desired results, take too long to produce timely, results, or test assets that are not necessary to test
What is the timing parameter?
When the test will occur. Usually consisting of start dates of the test.
The time of the test subject to change based on the vulnerabilities found within the test .
What is the scope of a pen test?
The scope of a pen test is what should be tested
Scope involves several elements that defined the relevant test boundaries. These test elements include the following technical boundaries.
Environment should the pen test be conducted on the live production environment?
This option has the advantage of producing the most accurate test, however, the disadvantage is that it would likely disrupt the normal business operations. As an alternative, a simulated environment could be created but this option comes with additional work and costs.
Internal targets. Before starting a penetration test, all internal targets must be identified clearly for an external third-party gray box test or white box test (blackbox testers are responsible for finding internal targets ).
These internal targets are owned by the customer, and information about them, may include specific, IP addresses, network, ranges, or domain names. Also, the scope of internal targets must account for system, such as firewalls, intrusion detection, systems, intrusion prevention, systems, and networking equipment between the tester and the final target.
External targets (scope)
External targets have to deal with penetration testing a service, her application by a third-party, like cloud, service, providers, or Internet service providers
Target locations (scope)
Because laws vary among states, provinces, and countries, testing planners, must identify the physical location of the targets, and, if necessary, I just discover the test.
Authorization pen test
The receipt of prior written approval to conduct the Pentecost. Formal written document must be signed by all parties before a penetration test begins. Naturally, disapproval includes people within the organization being tested however, other levels of authorization are frequently overlooked.
What is a vulnerability scan?
A frequent and ongoing process that continuously identify the monitor Cybersecurity progress
What does conducting a vulnerability scan involve?
Knowing what to scan and how often?
Selecting the appropriate type of scan
Interpreting vulnerability information
Why shouldn’t you conduct around the clock vulnerability scans? (Two reasons.)
Workflow interruptions
Technical constraints
A more focused approach is to know the location of data, so that specific systems with high value data can be scanned more frequently .
