Created by Lyndsay Badding
over 1 year ago
Question | Answer |
Pen Test Step 1 | Verify a threat exists: done through research, social engineering, scanning, vulnerability assessment tools, or OSINT |
Pen Test Step 2 | Bypass security controls: test all weaknesses previously discovered |
Pen Test Step 3 | Actively test security controls: check for configuration vulnerabilities such as weak passwords |
Pen Test Step 4 | Exploit vulnerabilities: prove the vulnerability exists and the risk is high |
Pen Test Life Cycle #1 | Persistence: the ability to reconnect to a compromised system at will |
Pen Test Life Cycle #2 | Privilege Escalation: horizontal or vertical |
Pen Test Life Cycle #3 | Lateral Movement: gaining control over endpoints and devices not initially exploited |
Pen Test Life Cycle #4 | Pivoting: gaining access to another device using remote access or tunneling protocols |
Pen Test Life Cycle #5 | Actions on Objectives: the pen tester shows that it's possible to exfiltrate data, deface a website, or more |
Pen Test Life Cycle #6 | Cleanup: remove any backdoors, tools, software, files, etc. that were used for the pen test |