Soft Skills - scoping, risk, reporting, engagement lifecycle Flashcards

1
Q

List the phases of a penetration test lifecycle

A
requirements elicitation
scoping
testing
reporting
remediation
2
Q

What’s the difference between ‘whitebox’ and ‘blackbox’?

A

Whitebox - you have credentials and full access to the target. You’re identifying findings within the application that could be exploited by an attacker with credentials, and without. This is the context from which most web application tests are conducted.

Blackbox - you start from nothing: you are an attacker with network access to the target, and you go from there. This is the format in which most network penetration tests are conducted.

3
Q

List the phases of a basic methodology of a network penetration test

A
Port scan
Enumeration
Exploitation
Privilege Escalation
Loot
Cover Tracks
4
Q

Describe the core elements to include when explaining a finding to a client

A

What is the impact
What is the likelihood
What is the fix, and how much effort is it

5
Q

When describing the impact of a finding, what elements are used to describe this?

A

Confidentiality
Integrity
Availability

6
Q

When debriefing a client, what elements should you include?

A

The findings that were identified
How they relate to the client’s objectives
What changes were made to the system (if any)

7
Q

What are the benefits of penetration testing?

A

It emulates an attacker and shows you where the holes in security are
It assists in compliance with standards and law

8
Q

Where is penetration testing not useful?

A

When the client doesn’t need it
When the client is not in a final state of development for a project
When the client’s concerns cannot be answered by penetration testing

9
Q

What risks can penetration testing present?

A

DoS - Availability
Compromise of sensitive information - confidentiality
Modification of sensitive information - integrity

These can all have legal consequences for the client and yourselves (the Human Rights Act, the Data Protection Act)

10
Q

What should you do if a system stops responding during testing?

A

Stop operations against that host
Inform the client
Gather information on what was happening at that time

11
Q

What impacts can DoS conditions have on an organisation?

A

Loss of income (if an ecommerce site goes down)
Loss of productivity (such as a very important fileshare)
SLAs - if it’s some kind of SaaS app

12
Q

What are the 2 core elements in calculating the risk of an issue?

A

Impact

Likelihood

13
Q

What are the potential issues associated with poor record keeping during a penetration test?

A

Being unable to ‘cover your ass’

  • without records that you are doing the right thing, you may be blamed for doing the wrong thing
  • without records you may be blamed for not completing tasks
  • you may be accused of hacking under the CMA

Being unable to prove vulnerabilities

  • sysadmins are bastards, you need proof
  • you will also be unable to demonstrate your ‘l33tness’ to executives
    • people respond to real impacts; without evidence you will be unable to impress upon readers the importance of your findings.
  • you will be unable to revisit issues, and your colleagues will be unable to audit your work for completeness or crapness