Penetration Testing 5.5 Flashcards

1
Q

Physical Penetration Test

A
  • Circumventing the operating system security through physical means.
  • Assessing and testing the physical security of an organization.
2
Q

Red Team

A
  • Tests the vulnerabilities of a system.
  • Attacks the system.
3
Q

Blue Team

A
  • Identifies attacks in real time.
  • Prevents any unauthorized access.
4
Q

Partially Known Environments

A
  • A mix of known and unknown.
  • Focuses on certain systems or applications.
5
Q

Unknown Environment

A
  • The pentester knows nothing about the systems under attack.
  • Considered a “blind” test.
6
Q

Reconnaissance

A
  • Need information before the attack.
  • Gathering a digital footprint.
  • Understand the security posture.
  • Minimize the attack area.
  • Create a network map.
7
Q

Passive Reconnaissance

A
  • Learn as much as you can about the organization and system through open sources.
8
Q

Sources for Passive Reconnaissance

A
  • Social Media
  • Corporate web site
  • Online forums such as Reddit
  • Dumpster diving
  • Reaching out to the third-party extensions.
9
Q

Active Reconnaissance

A
  • Attacker engages with the system directly.
  • Typically conducting a port scan to find any open ports.
  • Usually involves packets that can be traced.