5.5 Penetration Tests


9 Terms

1

Physical Penetration Testing

A security assessment focused on gaining unauthorized physical access to a facility.

  • Physical access to a device can bypass nearly all digital protections.

  • An attacker could alter the boot process, load their own media, or tamper with system files.

  • Servers are typically housed in secure data centers.

  • Testers attempt to enter a building without proper credentials, exploring all possible entry points like doors, windows, and elevators to evaluate the strength of physical security measures.

2

Red team

Offense

  • They attack systems, they look for vulnerabilities, and they attempt to exploit those vulnerabilities.

3

Blue Team

Defensive

  • Identify the attacks coming in, in real time, and block any of these attacks from occurring.

4

Purple team

The best combination would be to integrate the red and blue teams together.

  • Have a system that is constantly providing feedback on itself.

  • You’ll have the red team constantly attacking systems.

  • And when they identify an opening, they pass that information to the blue team to be able to patch it and better identify it next time.

5

Known environment

Full disclosure of all of the systems that will be attacked during this penetration test.

6

Partially Known Environment

Only some of that information is provided to the pen tester.

  • A mix between the known environment and the unknown environment.

  • Often used when you want the pen testers to be sure to attack certain systems within your environment.

7

Unknown environment

No information is provided to the pen tester.

  • The pen tester has to find all of the information on their own.

  • Often referred to as a blind test.

8

Passive Reconnaissance

Gathering information from sources that don’t tie us directly back to the customer’s network.

  • Finding information on social media about the customer’s networks.

  • There might be details on a corporate website where you can browse and learn more about the company.

  • Online forums or Reddit posts can provide information about what’s in that company’s infrastructure.

  • Perform social engineering to try to get information out of people who may work in the company.

  • Talk to third-party companies that do business with that organization to learn what they might know about that customer’s infrastructure.

9

Active Reconnaissance

A much more direct way to gather information because you’re going into the network and querying devices that might be there.

  • We can be easily seen on this network because we’re sending packets across their network.

  • Very often the evidence that we were there is stored in log files that may be on a firewall or some other device.

Examples

  • A ping scan or a port scan of a device.

  • Perhaps a DNS query to the corporate DNS server.

  • Performing operating system scans or operating system fingerprinting.