Penetration Testing 5.5 Flashcards
1
Q
Physical Penetration Test
A
- Circumventing the operating system security through physical means.
- Assessing and testing the physical security of an organization.
2
Q
Red Team
A
- Tests the vulnerabilities of a system.
- Attacks the system.
3
Q
Blue Team
A
- Identifies attack in real time.
- Prevent any unauthorized access.
4
Q
Partially Known Environments
A
- A mix of known and unknown
- Focuses on certain systems or applications.
5
Q
Unknown Environment
A
- The pentester knows nothing about the systems under attack.
- Considered a “blind” test.
6
Q
Reconnaissance
A
- Need information before the attack.
- Gathering a digital footprint
- Understand the security posture.
- Minimize the attack area.
- Create a network map.
7
Q
Passive Reconnaissance
A
- Learn as much as you can about the organization and system through an open source.
8
Q
Sources for Passive Reconnaissance
A
- Social Media
- Corporate web site
- Online forums such as Reddit
- Dumpster diving
- Reaching out to the third party extensions.
9
Q
Active Reconnaissance
A
- Attacker engages with the system directly.
- Typically conducting a port scan to find any open ports.
- Usually involves packets that can be traced.