PenTest+ Study Notes 1 Flashcards
** During pen-testing, if your team discovers possible indications of an ongoing or previous compromise, you must immediately report the details to the appropriate stakeholder **
info
??? are security measures implemented to monitor adherence to organizational policies and procedures. They include activities such as hiring and termination policies and employee training, along with creating business continuity and incident response plans.
Admin Controls
??? automate protection to prevent unauthorized access or misuse, and include Access Control Lists (ACL), Intrusion Detection System (IDS) / Intrusion Prevention System (IPS) signatures, and anti-malware protection, implemented as system hardware, software, or firmware solutions.
** all controls should use concept of Principle of Least Privilege **
Technical (Logical) Controls :
Risk = Threat x Vulnerability
??? : represents something such as malware or a natural disaster, that can accidentally or intentionally exploit a vulnerability and cause undesirable results.
??? : is a weakness or flaw, such as a software bug, system flaw, or human error. A vulnerability can be exploited by a threat.
Risk Analysis : is a security process used to assess risk damages that can affect an organization.
Threat / Vulnerability
??? when the team meets with stakeholders to outline a plan for the PenTest. Some of the info obtained includes rules of engagement, budget, and technical constraints, along with types of assessments and selection of targets.
Step 1 in Pentesting Process : (1) Planning and Scoping
??? gathering as much info as possible about the target, including searching for info on the Internet, OSINT, social networking sites, and company websites.
Step 2 in PenTesting Process : (2) Reconnaissance
??? critical phase which provides more info about available network resources. Scanning identifies live hosts, listening ports, and running services. The team also uses enumeration to gather more detailed info on usernames, network shares, services, and DNS details.
Step 3 in PenTesting Process : (3) Scanning
??? In this phase, the team will attempt to gain access to the system, with the goal of seeing how deep into the network they can travel. Then once in, the team will attempt to access protected resources.
Step 4 in PenTesting Process : (4) Gaining Access
??? once the team is in the system the goal is to maintain access undetected for as long as possible.
??? removes any evidence that the team was in the system, including executable files, rootkits, logs, and any user accounts that were used during the exercise.
Steps 5 and 6 of the PenTesting Process : (5) Maintaining access .. (6) Covering tracks
??? occurs after the team has completed the exercise, and will go through the results of all activities, analyze the findings, and derive a summary of their risk rating.
??? will deliver the results and any remediation suggestions to the stakeholders, along with a realistic timeline of reducing risk and implementing corrective actions.
** Throughout the entire process, the team will constantly communicate with the stakeholders about any irregularities, such as an indication of a possible breach **
Steps 7 and 8 of the PenTesting Process : (7) Analysis .. (8) Reporting / info