Created by DJ Perrone
almost 7 years ago
Question | Answer |
What are a few types of assessment tools? | - Port Scanners - Vulnerability Scanners - Protocol Analyzer - Network Enumerator - Password Cracker - Fuzzer - Exploitation Tools/Frameworks |
What does a port scanner do? | Pings every port and protocol combination to attempt to find open ports on a system. |
What does a protocol analyzer do? | Sniffs and collects raw packets from the network. |
What is a network enumerator? | Scans the network and gathers information about users, groups and shares that are visible. |
What is eavesdropping? | Malicious sniffing. |
What is fingerprinting? | Performing network enumeration. |
What is a fuzzer? | A tool that finds and exploits web application weaknesses. |
What is an HTTP interceptor? | Intercepts web traffic between a browser and a website. |
What are common exploitation tools and frameworks? | - Metasploit - CANVAS - IMPACT |
What is CHAP and what is the process? | - Challenge Handshake Authentication Protocol - Router sends challenge message - Remote node responds with value (MD5) - Local router verifies hash. |
What is a core or memory dump? | When attackers gain access to sensitive data stored in buffers. |
What are 5 steps of penetration testing? | - Document - Gather information - Identify vulnerabilities - Execute attacks - Document results. |
What are 3 testing strategies? | - Blind test - Double Blind Test - Target Test |
What is a blind test? | - The testing team has limited knowledge of network systems and devices. - Uses only publicly available information. - Internal security team knows about the test. |
What is a double-blind test? | - Same as blind test except internal security team doesn't know about it either. - Requires equal effort from testing team and internal security team. |
What is a target test? | - When testing team and internal security team are given maximum information about network and type of test. |
What are 3 penetration test categories by knowledge level? | - Zero-knowledge test - Partial-knowledge test - Full-knowledge test |
What is a zero-knowledge test? | Testing team is provided no information about network. - Also called black-box (closed) testing. |
What is a partial-knowledge test? | Testing team has public knowledge about network. - Boundaries may be set. |
What is a full-knowledge test? | Testing team is provided with all information about network. |
What are three categories of penetration testing? | - Black Box - White Box - Gray Box |
What is fingerprinting? | Scanning a network and hosts to identify services and open ports. |
What are 2 forms of fingerprinting? | - Active - Passive |
What is active fingerprinting? | - When tools transmit packets to remote hosts and analyze replies for clues. |
What is passive fingerprinting? | Capturing packets sent across the network. |
What are the main 2 types of code review? | - Formal review - Lightweight |
What is a formal code review? | - Thorough, line-by-line inspection. - Time consuming |
What is a lightweight code review? | - Normal part of development process. |
What are some forms of lightweight code review? | - Pair programming - Email - Over the shoulder - Tool-assisted |
What is pharming? | Pollutes the contents of a computer's DNS so it re-routes web requests to bad sites. |