Security+ Penetration Testing Steps and Life Cycle

Description

CompTIA Information Technology (Security+ ) Flashcards on Security+ Penetration Testing Steps and Life Cycle, created by Lyndsay Badding on 26/04/2023.
Lyndsay Badding
Flashcards by Lyndsay Badding, updated more than 1 year ago
Lyndsay Badding
Created by Lyndsay Badding over 1 year ago
5
0

Resource summary

Question Answer
Pen Test Step 1 Verify a threat exists done through research, social engineering, scanning, vuln assess tools, or OSINT
Pen Test Step 2 Bypass security controls test all weaknesses previously discovered
Pen Test Step 3 Actively testing security controls check for config vulnerabilities such as weak passwords
Pen Test Step 4 Exploit vulnerabilities prove the vuln exists and the risk is high
Pen Test Life Cycle #1 Persistence the ability to reconnect to a compromised system at will
Pen Test Life Cycle #2 Privilege Escalation horizontal or vertical
Pen Test Life Cycle #3 Lateral Movement gaining control over endpoints and devices not initially exploited
Pen Test Life Cycle #4 Pivoting gaining access to another device using remote access or tunneling protocols
Pen Test Life Cycle #5 Actions on Objectives the pen tester is showing that it's possible to exfiltrate data, deface a website, or more
Pen Test Life Cycle #6 Cleanup remove any backdoors, tools, software, files, etc that was used for the pen test
Show full summary Hide full summary

Similar

CCNA Security 210-260 IINS - Exam 3
Mike M
Application of technology in learning
Jeff Wall
Innovative Uses of Technology
John Marttila
Ch1 - The nature of IT Projects
mauricio5509
The Internet
Gee_0599
CCNA Answers – CCNA Exam
Abdul Demir
SQL Quiz
R M
Professional, Legal, and Ethical Issues in Information Security
mfundo.falteni
System Analysis
R A
Flash Cards Networks
JJ Pro Wrestler
EDUC260- Multimodal Literacies for a Digital Age
angelwoo2002