Pentesting

Question 1

Name the three different categories of pentesting

Answer 1

• blackbox pentesting: no knowledge of the system
• greybox pentesting: partial knowledge of the system
• white box pentesting: full knowledge of the system

Question 2

What are the steps of the typical pentesting process?

Answer 2

1. Reconnaissance
Gather information about the SUT, find vulnerabilities
2. Create a threat model
- identify assets
- use STRIDE
- visualize using attack/defense trees
3. Build an attack plan: designed in the form of test cases
4. Execute attack plan / test cases
5. Report found problems
Comprises:
- Executive Summary
- Technical details: source, probability of exploitation, impact of exposure, remediation suggestions
6. Postmortems

Question 3

Name 3 non-obvious parts of pentesting

Answer 3

• testing physical security
• wireless pentesting
• social engineering

Question 4

What is the objective of red-teaming?

Answer 4

Test the preparedness of the organization’s security and its ability to detect and respond to an attack

Question 5

What is the objective of blue-teaming?

Answer 5

Withstand attacks, proving the organization’s readiness agains security threats, or lack thereof -> more training/investment

Question 6

Name and describe the three different approaches to blue-teaming

Answer 6

• preventive: ensure security of applications and infrastructure
• reactive: detect and respond to cyber threats
• proactive: research cutting-edge threats and prepare for them