Offensive Cyber Security Testing Flashcards
Cyber security risk
Cyber Security Risk = f(Threat, Vulnerability, Impact)
High-level penetration testing process
- Scoping
- Cyber attack
- Reporting
Scoping
The main aim of a penetration test is to find all vulnerabilities within a given scope.
Before proceeding with any hacking, the cyber security organisation and their client must both be clear on:
- What is going to be tested
- How it is going to be tested
- When it is going to be tested
- Why it is going to be tested
- Where it is going to be tested
Cyber attack
Techniques and methodology depend highly on the outcome of scoping
It may be based on a particular technology, against a target of limited scope, or exclude pertinent techniques
Target may be infrastructure (servers, services, etc.), a website, a mobile app, hardware, a physical building, or a person
Certain techniques may be prioritised based on the goal of the test
Reporting
The value of a penetration test is all in the report
The recipient of the penetration test report can be anyone from a business owner (non-specialist) to technical staff who have to implement the recommended changes (specialist)
The types of offensive security testing
- Vulnerability scanning
- Penetration testing
- Red teaming
Vulnerability scanning
- Automated tooling to identify all possible vulnerabilities by service versions, within a given scope
- Does not verify vulnerabilities by exploiting them
- Conducted frequently by any size organisation to manage vulnerabilities
Penetration testing
- Manual process to identify and exploit all possible vulnerabilities, within a given scope
- Verifies vulnerabilities by exploiting them
Red teaming
- Simulate a highly capable adversary conducting an advanced attack on an organisation
- Aim is to test an organisation’s response to and recovery from a cyber attack rather than find vulnerabilities