Lesson 3 - Security Assessments Flashcards
What is the purpose of using ipconfig?
It shows the configuration assigned to network interface(s) in Windows and whether the address is static or assigned by DHCP.
Which command should be used to display the local machine’s address resolution protocol cache?
arp (Address Resolution Protocol)
What is the difference between tracert and traceroute?
Tracert uses ICMP probes to report the round trip time for hops between the local host and a host on a remote network.
Traceroute performs route discovery from a Linux host; uses UDP probes by default.
When there is a need to quickly scan ports, which is the best command to use?
-sS, TCP SYN
What is a UDP scan (-sU)?
Scans UDP ports; can take a long time and can be combined with a TCP scan
Identify the command that can be used to detect the presence of a host on a particular IP address.
Ping
What are the appropriate methods for packet capture?
Wireshark and tcpdump are packet sniffers. A sniffer is a tool that captures packets or frames moving over a network.
What is a vulnerability that is exploited before the developer knows about it or can release a patch?
Zero Day
Encryption vulnerabilities allow unauthorized access to protected data. Which component is subject to brute-force enumeration?
A weak cipher
Compare and contrast vulnerability scanning and penetration testing.
Vulnerability scanning by eavesdropping is passive, while penetration testing with credentials is active.
Hosts that hold the most valuable data are not normally able to access external networks directly is…?
Pivoting
What are the differences between a black box, white box, and a gray box penetration test?
Black Box - contractor receives no privileged information so they must perform reconnaissance.
White Box - pen tester has complete access and skips reconnaissance.
Gray Box - tester has some, but not all information and requires partial reconnaissance.
What are the different exercise types and their purpose?
Red Team - offense
Blue Team - defense
White Team - sets rules of engagement and monitors exercise
Purple Team - red and blue teams meet for debriefs while the exercise is ongoing
What is persistence?
The tester’s ability to reconnect to the compromised host and use it as a remote access tool (RAT) or backdoor.
Remote Access Trojan (RAT)
Malware that gives an adversary the means of remotely accessing the network
What is the command line client for performing data transfers over many types of protocol?
curl
What are the main types of security assessment usually classed as?
Vulnerability, Assessment, Threat Hunting
What is penetration testing and what is it also referred to as?
Also referred to as Ethical Hacking.
Authorized hacking to discover exploitable weaknesses in the target’s security systems.
Methods and tools by which an attacker transfers data without authorization from the victim’s systems to an external network or media.
Data exfiltration
The command that shows the state of TCP / UDP ports on the local machine.
netstat