PenTest+ Module 23 - Attacking Specialized Systems

Last updated 2:16 AM on 7/3/26
44 Terms

1

Specialized Systems

Refers to non-traditional computing environments, such as mobile devices, industrial control systems (ICS), and RFID/NFC-based technologies, that a pentester must approach differently from standard servers and workstations

2

Jailbreaking

Removes Apple's restrictions on an iOS device so the user can obtain root privileges, sideload apps from outside the App Store, and customize the interface. Carrier unlocking is a separate process and not a function of jailbreaking.

Biggest security risk is the removal of vendor security protections (code signing and app sandboxing)

3

Rooting

Obtains root privileges on an Android device, typically by unlocking the bootloader and flashing a modified boot image, so the user can run apps that require root and customize the system. Sideloading itself does not require root on Android.

Biggest security risk is the removal of vendor security protections (verified boot, SELinux enforcement, and Play Integrity attestation)

4

Custom Firmware / Custom ROM

A replacement Android OS image flashed onto a device in place of the vendor's firmware; requires an unlocked bootloader and replaces the vendor's update and security baseline

5

Systemless Root

Gains root by modifying the boot image rather than the /system partition or its files (for example, Magisk), so integrity checks that hash system files are less likely to detect it than a custom ROM

6

Sideloading

Installs an app on a mobile device directly from an installation package instead of an official store

7

Device Configuration Profiles / Protocols

Implement settings and restrictions for mobile devices from centralized mobile device management systems

8

MicroSD Hardware Security Module (HSM)

Stores the different cryptographic keys securely inside the mobile device, like a TPM module in a desktop or laptop

9

Operating System Layer - VPN

Always-on VPN configured at the OS level, so all of the device's traffic is tunneled regardless of which app generated it

10

Application Layer - VPN

Per-app VPN: only traffic from designated managed apps is tunneled, while other apps use the normal network

11

Web-Based Layer - VPN

Browser-based VPN or proxy service used mainly for location masking; it protects only the browser's traffic, not the rest of the device

12

Location Services

Refers to how a mobile device is allowed to use cellular data, Wi-Fi, GPS, and Bluetooth to determine its physical location

13

Geolocation

Determining a device's physical location from GPS, Wi-Fi, cellular, or Bluetooth signals; location-based access control uses it to decide whether access to a particular resource should be granted

14

Geofencing

Creates virtual boundaries based on geographical locations and coordinates

15

Geotagging

Adds location metadata to files or devices (for example, GPS coordinates stored in a photo's EXIF data), which can leak a user's or facility's location
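The geofence check behind cards 12 to 14, as an added example that is not part of the original flashcards: it computes the great-circle distance between a device fix and a fence centre and decides whether access should be granted. The `Geofence` class, the `access_decision` function, and the site coordinates are assumptions made for the example; the haversine formula and the 6371 km mean Earth radius are standard.

```python
# Added example (not from the original flashcards): the check an MDM or access
# policy engine would run to decide whether a device's reported location falls
# inside an allowed geofence. Distance is the haversine great-circle distance
# on a sphere of mean radius 6371 km, accurate to well under 1% at fence scale.
# The accuracy radius reported with the fix is treated conservatively: a fix
# that could straddle the fence boundary is not trusted as "inside".

import math

EARTH_RADIUS_M = 6_371_000.0


def haversine_m(lat1: float, lon1: float, lat2: float, lon2: float) -> float:
    """Great-circle distance in metres between two latitude/longitude points."""
    phi1, phi2 = math.radians(lat1), math.radians(lat2)
    dphi = math.radians(lat2 - lat1)
    dlmb = math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(phi1) * math.cos(phi2) * math.sin(dlmb / 2) ** 2
    return 2 * EARTH_RADIUS_M * math.asin(math.sqrt(a))


class Geofence:
    """Circular fence around a site; radius in metres. (Hypothetical helper.)"""

    def __init__(self, name: str, lat: float, lon: float, radius_m: float):
        self.name, self.lat, self.lon, self.radius_m = name, lat, lon, radius_m

    def contains(self, lat: float, lon: float, accuracy_m: float = 0.0) -> bool:
        # Inside only if the whole uncertainty circle of the fix lies inside the fence.
        return haversine_m(self.lat, self.lon, lat, lon) + accuracy_m <= self.radius_m


def access_decision(fences: list, lat: float, lon: float, accuracy_m: float) -> str:
    """Return the name of the first fence that admits the fix, or 'deny'."""
    for fence in fences:
        if fence.contains(lat, lon, accuracy_m):
            return fence.name
    return "deny"


if __name__ == "__main__":
    # Constructed site and device fixes, not real telemetry.
    hq = Geofence("hq", 51.5007, -0.1246, 500.0)
    print(access_decision([hq], 51.5017, -0.1246, 15.0))   # about 111 m north, good fix
    print(access_decision([hq], 51.5107, -0.1246, 15.0))   # about 1.1 km north
    print(access_decision([hq], 51.5017, -0.1246, 600.0))  # inside, but fix too coarse
```

The third call is the case a tester should probe: a device that reports a position inside the fence but with a large accuracy radius, or a spoofed fix from a mock-location provider, should not be accepted at face value by the policy engine.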

16

Mobile Security Framework (MobSF)

Automated, all-in-one mobile application pentesting framework that can perform static and dynamic analysis

17

APK Files and IPA Files

APK is the package file format used by Android OS for the distribution and installation of mobile apps

IPA files are the equivalent for Apple’s iOS

18

Frida

Open-source dynamic instrumentation toolkit that injects a JavaScript engine into running processes on Android, iOS, Windows, macOS, and Linux

Used in mobile pentesting to hook functions in a running app, inspect and modify arguments and return values, and bypass client-side controls such as root/jailbreak detection or certificate pinning

19

Drozer

A security assessment and attack framework for Android that runs an agent on the device and lets the tester enumerate and interact with an app's exported components (activities, services, broadcast receivers, and content providers) through the Android IPC layer

20

Android Debug Bridge (ADB)

Versatile command-line tool that allows testers to communicate with an Android device

21

Bluejacking

Sending unsolicited messages to nearby Bluetooth-enabled devices, typically by pushing a contact card (vCard) with the message in the name field. It is a nuisance rather than a data theft, but it confirms the target is discoverable and in range

22

Bluetooth Spamming

Sends multiple unsolicited messages or files to Bluetooth devices, often to overwhelm or spread malware

23

Radio Frequency Identification (RFID)

Uses radio waves to read the identifier stored on a tag without contact; widely used for access-control badges. Low-frequency (125 kHz) and high-frequency (13.56 MHz) badges are the types most often met in physical pentests

24

EM4100

Older low-frequency RFID badge standard operating at 125 kHz. The tag is read-only and simply broadcasts a fixed 40-bit ID with no encryption or challenge-response, so it can be read covertly and cloned onto a writable tag such as a T5577
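Why an EM4100 badge clones so easily, shown as an added example that is not part of the original flashcards: the code encodes a 40-bit card ID into the 64-bit frame the tag transmits and decodes it back, checking only the parity bits, because parity is all a reader verifies. The frame layout follows the EM4100 datasheet; the function names and the badge ID 0x1A2B3C4D5E are assumptions made for the example.

```python
# Added example (not from the original flashcards): encode and decode the 64-bit
# EM4100 frame so it is clear why the badge is trivially clonable. Layout from the
# EM4100 datasheet: 9 header bits (all 1), 10 rows of 4 data bits each followed by
# an even row-parity bit, 4 even column-parity bits, then a stop bit (0). The 40
# data bits are an 8-bit version/customer code and a 32-bit serial number. Nothing
# is secret or authenticated; a reader only checks the parity bits.

HEADER_BITS = 9
ROWS = 10


def em4100_encode(card_id: int) -> list:
    """Return the 64 bits a tag transmits for a 40-bit card ID."""
    if not 0 <= card_id < (1 << 40):
        raise ValueError("EM4100 ID must fit in 40 bits")
    nibbles = [(card_id >> (4 * (ROWS - 1 - i))) & 0xF for i in range(ROWS)]
    bits = [1] * HEADER_BITS
    for n in nibbles:
        row = [(n >> 3) & 1, (n >> 2) & 1, (n >> 1) & 1, n & 1]
        bits += row + [sum(row) % 2]          # even row parity
    for col in range(4):                       # even column parity over the 10 rows
        bits.append(sum((n >> (3 - col)) & 1 for n in nibbles) % 2)
    bits.append(0)                             # stop bit
    return bits


def em4100_decode(bits: list) -> int:
    """Parse 64 received bits back into the card ID; ValueError on a bad frame."""
    if len(bits) != 64 or bits[:HEADER_BITS] != [1] * HEADER_BITS or bits[-1] != 0:
        raise ValueError("bad length, header, or stop bit")
    nibbles, pos = [], HEADER_BITS
    for r in range(ROWS):
        row, parity = bits[pos:pos + 4], bits[pos + 4]
        if sum(row) % 2 != parity:
            raise ValueError(f"row {r} parity error")
        nibbles.append((row[0] << 3) | (row[1] << 2) | (row[2] << 1) | row[3])
        pos += 5
    for col in range(4):
        if bits[pos + col] != sum((n >> (3 - col)) & 1 for n in nibbles) % 2:
            raise ValueError(f"column {col} parity error")
    card_id = 0
    for n in nibbles:
        card_id = (card_id << 4) | n
    return card_id


def split_id(card_id: int) -> tuple:
    """Split a 40-bit ID into (version/customer code, 32-bit serial)."""
    return card_id >> 32, card_id & 0xFFFFFFFF


if __name__ == "__main__":
    # Constructed badge ID, not a real capture.
    frame = em4100_encode(0x1A2B3C4D5E)
    print("".join(map(str, frame)))
    print(hex(em4100_decode(frame)), split_id(em4100_decode(frame)))
```

Everything a cloner needs is the 40-bit value that `em4100_decode` returns; writing it to a T5577 with a tool such as the Proxmark3 reproduces the badge, which is why sites still on 125 kHz badges should treat the badge as an identifier, not an authenticator.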

25

Near Field Communication (NFC)

A short-range (a few centimetres) subset of RFID operating at 13.56 MHz; the reader's field powers the tag and carries the transaction data, which is why it is used for contactless payment, badges, and device pairing

26

Prompt Injection Attacks

Targets AI systems that build their prompt from untrusted user or document content, so attacker-supplied text is interpreted as instructions rather than data

Implement input validation and sanitization, keep system instructions separate from user-supplied content, and treat model output as untrusted before it reaches tools or other systems

27

Model Manipulation

Tampering with an AI model’s parameters, training data, or operational environment to alter its behavior

  1. Ensure the integrity of the training data

  2. Monitor the training process for any anomalies

  3. Safeguard the AI model’s environment with robust security measures

  4. Implement continuous monitoring and validation of the model’s outputs

28

Operational Technology (OT)

Designed to implement an industrial control system rather than business and data networking systems

Think about technology that interacts with the real world

29

Industrial Control System (ICS)

Provides the mechanisms for workflow and process automation by using embedded devices

Single plant or system

30

Fieldbus

Industrial network that links PLCs to the field devices they control (sensors and actuators) and to each other; examples include Profibus and DeviceNet

31

Programmable Logic Controller (PLC)

Enables automation in assembly lines, autonomous field operations, robotics, and other applications

Can be programmed to conduct an action based on an input it receives from a given sensor

32

Human-Machine Interface (HMI)

The operator-facing interface (panel, screen, or software) that displays the state of the process run by the PLCs and lets a user configure and monitor it; a frequent target because it exposes control functions over the network

33

Ladder Logic

Graphical programming language used in PLCs, in which the program is drawn as a diagram resembling relay ladder wiring: each rung evaluates inputs and sets outputs

34

Data Historian

Aggregates and catalogs data from multiple sources within an ICS by collecting all the events generated from the control loop

35

Supervisory Control and Data Acquisition (SCADA)

A type of ICS that manages large scale, multiple-site devices and equipment over a geographic region from a host computer

Many different ICS and / or DCS plants interconnected through a wide area network

36

Controller Area Network (CAN)

A bus standard that lets microcontrollers and embedded controllers (in a vehicle, the ECUs) exchange messages without a host computer

With a car-based CAN, a tester can connect to the controller area network through the OBD-II port

37

On-Board Diagnostic II (OBD II) Port

Designed for troubleshooting by plugging a diagnostic tool into the OBD-II port and receiving a code indicating the vehicle issue

38

Controller Area Network (CAN) Bus

A multi-master bus on which every node sees every frame. Bus access is arbitrated bit by bit on the frame identifier: a dominant 0 overrides a recessive 1, so when two nodes start at once the node with the lower (higher-priority) ID keeps transmitting and the other backs off and retries. Unlike Ethernet there is no destructive collision and no retransmission because of one. Frames carry no source address or authentication, so any node on the bus can send a frame with any ID
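CAN arbitration, as an added example that is not part of the original flashcards: a bit-level simulation of the wired-AND bus in which each node drives its 11-bit identifier and drops out the moment it sends a recessive 1 but reads back a dominant 0. The `Node` class, the `arbitrate` and `schedule` functions, and the three ECU identifiers are assumptions made for the example; the arbitration rule itself is the CAN standard's.

```python
# Added example (not from the original flashcards): a bit-level simulation of CAN
# arbitration. Every node puts its 11-bit identifier on the bus MSB first; the bus
# is a wired-AND, so a dominant 0 overrides a recessive 1. A node that drives a 1
# but reads back a 0 has lost arbitration, stops transmitting, and retries when
# the bus is idle. The winning frame is never damaged, so nothing is re-sent
# because of a collision, unlike Ethernet.

from dataclasses import dataclass, field

CAN_ID_BITS = 11  # standard (base format) identifier length


@dataclass
class Node:
    name: str
    can_id: int
    pending: int = 1                      # frames this node still wants to send
    log: list = field(default_factory=list)


def arbitrate(contenders: list) -> Node:
    """Run one arbitration phase over the identifier field; return the winner."""
    active = list(contenders)
    for bit in range(CAN_ID_BITS - 1, -1, -1):
        # Wired-AND: the bus reads dominant (0) if any active node drives 0.
        bus = 0 if any(((n.can_id >> bit) & 1) == 0 for n in active) else 1
        for n in list(active):
            if ((n.can_id >> bit) & 1) == 1 and bus == 0:
                n.log.append(f"lost arbitration at bit {bit}")
                active.remove(n)
    if len(active) != 1:
        # Two nodes with the same ID would collide in the data field and raise
        # error frames; real buses rely on identifiers being unique.
        raise RuntimeError("duplicate identifiers on the bus")
    return active[0]


def schedule(nodes: list) -> list:
    """Repeat arbitration until every node has sent; return transmission order."""
    order = []
    while any(n.pending > 0 for n in nodes):
        winner = arbitrate([n for n in nodes if n.pending > 0])
        winner.pending -= 1
        order.append(winner.name)
    return order


if __name__ == "__main__":
    # Constructed scenario: two legitimate ECUs and a rogue node that floods the
    # bus with the highest-priority ID (0x000). The rogue node wins every round,
    # which is the basis of CAN priority-flooding denial of service.
    engine, brake = Node("engine", 0x100), Node("brake", 0x0A0)
    rogue = Node("rogue", 0x000, pending=3)
    print(schedule([engine, brake, rogue]))
    print(engine.log)
```

The scenario in `__main__` is the security point behind the definition: because priority is decided purely by identifier and nothing ties an ID to a physical node, a device plugged into the OBD-II port that keeps sending ID 0x000 wins every arbitration and the legitimate ECUs never get the bus.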

39

Modbus

Serial or TCP (port 502) protocol that gives control servers and the SCADA host the ability to read and write the registers and coils of each PLC over a network. The protocol has no authentication or encryption, so network access to a PLC is equivalent to control of it
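What a Modbus/TCP exchange looks like on the wire, as an added example that is not part of the original flashcards: the code builds Read Holding Registers and Write Single Register requests with the MBAP header and parses the PLC's replies, including an exception response. The field layout and function codes are those of the Modbus specification; the function names and the sample response bytes are constructed for the example and are not a real capture.

```python
# Added example (not from the original flashcards): build and parse Modbus/TCP
# messages by hand so the MBAP header and PDU are visible. Field layout from the
# Modbus spec: transaction id (2), protocol id (2, always 0), length (2, number
# of bytes that follow), unit id (1), function code (1), data. There is no
# authentication or integrity field anywhere in the frame, so anyone who can
# reach TCP/502 can issue the same reads and writes the SCADA host does.

import struct

READ_HOLDING_REGISTERS = 0x03
WRITE_SINGLE_REGISTER = 0x06
MODBUS_TCP_PORT = 502


def mbap(transaction_id: int, unit_id: int, pdu: bytes) -> bytes:
    """Prefix a PDU with the 7-byte MBAP header to form the TCP ADU."""
    return struct.pack(">HHHB", transaction_id, 0, len(pdu) + 1, unit_id) + pdu


def read_holding_registers(tid: int, unit: int, start: int, count: int) -> bytes:
    if not 1 <= count <= 125:
        raise ValueError("Modbus allows 1..125 registers per read")
    return mbap(tid, unit, struct.pack(">BHH", READ_HOLDING_REGISTERS, start, count))


def write_single_register(tid: int, unit: int, addr: int, value: int) -> bytes:
    return mbap(tid, unit, struct.pack(">BHH", WRITE_SINGLE_REGISTER, addr, value))


def parse_response(frame: bytes) -> dict:
    """Decode an ADU from the PLC, including exception responses (fc | 0x80)."""
    if len(frame) < 8:
        raise ValueError("truncated MBAP header")
    tid, proto, length, unit = struct.unpack(">HHHB", frame[:7])
    if proto != 0 or len(frame) != 6 + length:
        raise ValueError("bad protocol id or length")
    fc, body = frame[7], frame[8:]
    if fc & 0x80:                                   # exception: one exception-code byte
        return {"tid": tid, "unit": unit, "function": fc & 0x7F, "exception": body[0]}
    if fc == READ_HOLDING_REGISTERS:
        byte_count = body[0]
        if byte_count != len(body) - 1 or byte_count % 2:
            raise ValueError("byte count does not match payload")
        regs = list(struct.unpack(f">{byte_count // 2}H", body[1:]))
        return {"tid": tid, "unit": unit, "function": fc, "registers": regs}
    if fc == WRITE_SINGLE_REGISTER:                 # the PLC echoes the request
        addr, value = struct.unpack(">HH", body)
        return {"tid": tid, "unit": unit, "function": fc, "address": addr, "value": value}
    raise ValueError(f"unhandled function code {fc:#04x}")


# Constructed sample response (not a real capture): unit 1 answering a read of
# two registers with values 0x0BB8 (3000) and 0x0001.
SAMPLE_READ_RESPONSE = bytes.fromhex("0001 0000 0007 01 03 04 0BB8 0001".replace(" ", ""))

if __name__ == "__main__":
    print(read_holding_registers(1, 1, 0, 2).hex())
    print(parse_response(SAMPLE_READ_RESPONSE))
    # Illegal data address (exception code 2) returned for a read of function 3.
    print(parse_response(bytes.fromhex("000200000003018302")))
```

Sending `read_holding_registers(...)` to port 502 with a plain socket is enough to enumerate a PLC, and `write_single_register(...)` changes a setpoint with no more ceremony; on an engagement, writes must stay inside the agreed rules of engagement because the PLC will act on them.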

40

Data Distribution Service (DDS)

Provides network interoperability and facilitates the required scalability, performance, and QoS features

41

Safety Instrumented System (SIS)

Composed of sensors, logic solvers, and control elements to return an industrial process to a safe state after detecting a predetermined condition

42

Wireshark

A network protocol analyzer that captures and inspects packets in real-time

43

Tcpdump

A command-line packet analyzer used to capture packets and display their headers (and, with the right options, their payloads) or save them to a file for later analysis

44

Scapy

Python library and interactive shell used for packet crafting, manipulation, sniffing, and network testing; useful for building protocol messages that other tools do not support