Ethical Hacking & Penetration Testing Module Quiz
45 Questions

Questions and Answers

Which of the following best describes the primary goal of the Ethical Hacking and Penetration Testing module?

  • To provide students with an overview of computer networks.
  • To teach students how to develop secure software applications.
  • To train students to become cybersecurity consultants.
  • To equip students with the skills to identify and address vulnerabilities in computer systems. (correct)

    The module leader's office is permanently located in MAE 329.

    False

    Name one of the two lecturers who teach the Ethical Hacking and Penetration Testing module.

    Nemitari Ajienka or Kwame Assa-Agyei

    Module specifications can be found in the Learning Room on ______.

    NOW

    Match the learning outcomes with their respective categories:

    • Demonstrate an understanding of penetration testing methodologies = Knowledge and Understanding
    • Apply penetration testing techniques to identify and exploit vulnerabilities = Skills, qualities and attributes
    • Demonstrate an understanding of ethical considerations. = Knowledge and Understanding

    What accreditation does the Module Leader, Dr Nemitari Ajienka hold?

    Certified Security Testing Associate

    The module focuses solely on the theoretical aspects of penetration testing, excluding practical skills.

    False

    According to the description, what is one aspect of penetration testing that students will assess in this module?

    the ethical and legal considerations

    Proper pre-engagement activities are essential to mitigate risks like unsatisfied customers, scope creep, and potential legal issues.

    True

    What is the primary purpose of defining the scope in a penetration test?

    All of the above

    What is the difference between a network penetration test and a web penetration test?

    A network penetration test focuses on vulnerabilities within the network infrastructure, including routers, switches, firewalls, and servers. A web penetration test specifically targets vulnerabilities within web applications, such as login forms, data input fields, and web server configurations.

    During a penetration test, if a system is compromised, the testing team should determine how to proceed based on the ______ guidelines.

    engagement

    Match the type of penetration test with its relevant questions:

    • Network Penetration Test = How many IP addresses are being tested?
    • Web Penetration Test = How many web applications are being assessed?
    • Wireless Penetration Test = How many wireless networks are in place?
    • Physical Penetration Test = How many locations are being assessed?

    Which of the following factors would be considered during a physical penetration test?

    All of the above

    When assessing a guest wireless network, it is not necessary to determine if authentication is required.

    False

    What is the significance of understanding the square footage of coverage for a wireless network during a wireless penetration test?

    Knowing the square footage of coverage helps the penetration tester determine the range of the wireless network and identify potential vulnerabilities related to signal strength and coverage gaps.

    What should you do after validating the country in penetration testing?

    Review the laws of the specific country

    You should register on Immersive Labs using any email address.

    False

    What is the code used to register on Immersive Labs?

    CYBER-MILLION

    The section on information gathering and footprinting will cover __________ techniques.

    reconnaissance

    Match the following resources with their purpose:

    • Immersive Labs = Interactive lab platform for practice
    • Penetration Testing Cheat Sheet = Resource for penetration testing techniques
    • Google Dorks Lab = Exercise for searching vulnerabilities online
    • Virtual Box/VMWare = Software for virtual machine hosting

    What is a primary motivation for black hat hackers?

    To break into systems and exploit vulnerabilities

    Grey hats are typically engaged in illegal hacking without any professional responsibilities.

    False

    What type of hacker is motivated by political and ideological concerns?

    Hacktivists

    Black hats break into systems and share ___________ to exploit vulnerabilities.

    malicious code

    Match the types of hackers with their descriptions:

    • Black Hats = Malicious hackers who exploit vulnerabilities
    • White Hats = Ethical hackers who improve security
    • Grey Hats = Hackers straddling ethical lines
    • Hacktivists = Politically or ideologically motivated hackers

    Which of the following is NOT a motivation for hackers?

    Boredom

    Ethical hackers do not require permission to test systems.

    False

    What can result from operating outside the parameters of permitted activity in ethical hacking?

    Dangerous consequences

    What is the primary purpose of ethical hacking?

    To protect systems by identifying and fixing vulnerabilities

    A 'blackhat hacker' is known for their ethical intentions.

    False

    What role do 'script kiddies' play in the hacking community?

    They use scripts created by others to hack without understanding the underlying technology.

    A _____ is a hacker who uses skills for unlawful acts or mischief.

    cracker

    Which of the following is NOT a tool required for penetration testing?

    Photoshop

    Match the following hacker types with their descriptions:

    • Blackhat Hacker = Engages in illegal hacking for personal gain
    • Ethical Hacker = Uses hacking skills to improve security
    • Cracker = Deliberately creates mischief using their skills
    • Script Kiddie = Uses scripts created by others without full understanding

    The Internet provides an advantage to hackers by allowing them to attack from anywhere.

    True

    Name one strategy included in defensive security tools.

    Controls, Auditing or Policies

    Which of the following is NOT a primary focus of ethical hacking?

    Exploiting vulnerabilities for financial gain

    Penetration testing is solely concerned with identifying vulnerabilities and not with documenting findings.

    False

    What is the purpose of using OSINT in the context of penetration testing?

    To gather publicly available information about a target.

    The process of gathering information about a target before conducting penetration testing is known as __________.

    reconnaissance

    Which tool is commonly used for exploitation in penetration testing?

    Metasploit

    Match the following aspects of penetration testing with their respective descriptions:

    • Vulnerability Assessment = Identifying and assessing software vulnerabilities
    • Exploitation = Interacting with systems to gain unauthorized access
    • Legal Considerations = Ensuring compliance with laws related to hacking
    • Reporting = Documenting findings and recommending security measures

    Social engineering techniques are not relevant to penetration testing.

    False

    Mention one method used in vulnerability assessment to identify weaknesses in systems.

    Common Vulnerabilities and Exposures (CVE)

    Study Notes

    Ethical Hacking and Penetration Testing - Module Overview

    • The module is COMP40741
    • Module Leader: Dr. Nemitari Ajienka, Senior Lecturer, Certified Security Testing Associate (7Safe, GCHQ Accredited)
    • Module Team: Dr. Kwame Assa-Agyei, Lecturer
    • Module aims to equip students with knowledge, skills, and ethical considerations to identify and address vulnerabilities in computer systems
    • The module aims to introduce students to ethical hacking and penetration testing principles, methodologies, and tools
    • The module will develop practical skills to identify and exploit vulnerabilities in computer systems
    • The module will evaluate ethical and legal considerations surrounding penetration testing
    • The module will cover the importance of risk assessment and mitigation in cybersecurity

    Module Specification

    • Module information is available online in the NOW learning room
    • It covers overview and aims, module content, delivery methods and schedule, indicative reading, learning outcomes, and assessment

    Learning Outcomes

    • Knowledge and understanding:
      • Demonstrate understanding of penetration testing methodologies
      • Demonstrate understanding of ethical hacking principles and methodologies
      • Evaluate legal and ethical implications of penetration testing
      • Identify, analyse and assess vulnerabilities and threats in computer systems
    • Skills, qualities, and attributes:
      • Apply penetration testing techniques to identify and exploit vulnerabilities
      • Develop effective strategies for securing computer systems and networks
      • Communicate security findings and recommendations through comprehensive reports
      • Demonstrate critical thinking in risk assessment and mitigation

    Assessment

    • 30%: Online in-class test (Individual, K1-K3) - assesses theoretical aspects of penetration testing, ethical hacking, and legal/ethical considerations
    • 70%: Report (Individual, K1, K4, S1-S4) - assesses practical hands-on penetration testing project, demonstrating ability to identify and exploit vulnerabilities, mitigate risks, provide actionable recommendations, and communicate findings

    Provisional Module Content

    • Weeks 1-3: Introduction to Ethical Hacking and Pentesting, Overview of penetration testing methodologies, Information Gathering and Footprinting, Scanning and Enumeration
    • Weeks 4-5: Vulnerability Assessment
    • Weeks 6-8: Exploitation Techniques and tools, Windows and Linux machines, Password Cracking, Post-exploitation strategies and privilege escalation
    • Week 9: Legal and Ethical considerations, Reporting and documentation standards, Risk Assessment and Mitigation
    • Week 10: Social engineering techniques/tactics and Support Sessions

    Resources/Reference Texts

    • Graham, D. G. (2021). Ethical hacking: a hands-on introduction to break in
    • Oriyano, S-P. (2017). Penetration testing essentials
    • Khawaja, G. (2021). Kali Linux penetration testing bible
    • Sabih, Z. (2018). Learn ethical hacking from scratch.
    • Baloch, R. (2015). Ethical Hacking and Penetration Testing Guide

    Web-based Resources and Tools

    • Immersive Labs, Digital Cyber Academy, VMware/Virtual Box, Kali Linux, Metasploitable, Seedubuntu, Ubuntu

    Best Security Strategy

    • Defensive: Controls, Auditing, Policies, Standards, Guidelines, Designing and Implementing Secure Network Architecture
    • Offensive: Pen Testing, Ethical Hacking, Security Assessment, Risk Assessments, Stress Testing

    Unfair Security Challenge

    • The internet allows attackers to target systems from anywhere worldwide.
    • Security needs to address every vulnerability

    Who is the Enemy?

    • In the 1960s and 1970s, "hacker" referred to a computer expert
    • From the 1970s onwards, the term "hacker" became associated with those gaining unauthorized access or engaging in computer-related criminal activities.

    Other names for the enemy

    • Crackers: Hackers who use their skills for unlawful acts or mischief
    • Script Kiddies: Use scripts to perform unauthorized acts without full understanding
    • Blackhat hackers: Engage in cybercrimes for profit, espionage, vandalism, or ideological purposes

    Their motivations

    • Profit (ransomware, scareware, financial data or intellectual property theft)
    • Fun/Challenge (e.g., hacking a NASA system)
    • Information Systems Criminals (Espionage, fraud, abuse to gain a competitive edge)
    • Vandals (Motivated by Anger)
    • Political and Ideological (e.g., hacktivism)
    • Power/Anger/Sadistic

    Goodies or Baddies?

    • Black Hats: Break into systems, develop tools

    • Grey Hats: Work as security professionals during the day and hackers at night

    • White Hats: Part of the security community, help find flaws and make security improvements

    • Ethical hacking is for educational purposes only, not real-world attacks.

    Permission/Privacy

    • Obtain permission and understand what's allowed in ethical hacking
    • Permission doesn't grant a free license to do anything
    • Sensitive information must remain confidential

    Responsible Disclosure

    • Informing companies of security vulnerabilities to help prioritize patching
    • Negotiate a period of time for patching before public disclosure to minimize potential exploitation

    Legislation

    • Laws exist globally regarding computer misuse and unauthorized access (e.g., Computer Misuse Act 1990 (UK), Computer Fraud and Abuse Act 1986 (USA))

    What is Ethical Hacking / Penetration Testing?

    • It's a legal and authorized attempt to exploit computer systems to improve security
    • Probing for vulnerabilities, "Proof of Concept" attacks, finding weaknesses
    • Recommendations for addressing issues
    • The idea is that security professionals use the same tools as malicious hackers to find and exploit vulnerabilities, but ethically

    Importance of Studying Ethical Hacking/Penetration Testing

    • Career prospects, EC-Council Cyber Career Paths list
    • Vulnerability Assessment and Penetration Testing (VAPT) Career Paths
    • Penetration Testing Framework: Information gathering, Target Scanning, Vulnerability Assessment, Exploitation of Weaknesses, Privilege Escalation, Retaining Access, Covering Tracks

    Types of Penetration Testing

    • Network / Infrastructure pentest
    • Database pentest
    • Web pentest
    • Wireless pentest
    • Social Engineering pentest
    • Physical pentest

    Types of Penetration Tests

    • Black box - No prior information given
    • White box - Penetration testers have all details of the network/application
    • Grey box - Penetration testers have some details about the target

    Pre-Engagement

    • Conversations with the client (target) to determine the exact requirements
    • Different levels of penetration tests:
      • Simple IP addressing tests
      • Single physical location
      • Simulate complete attack by a real attacker
    • Requires written permission to perform tests

    Topics for Pre-engagement

    • Scope, Documentation, Rules of Engagement, Third-Party-Hosted/Cloud Environments, Success Criteria, Review of Past Threats/Vulnerabilities, Avoiding scan interference on security appliances

    Defining Scope

    • Important part in penetration testing, but easily overlooked
    • Pre-engagement helps avoid issues like scope creep, unsatisfied customers, and legal problems, by specifying what will be tested

    Questions - Network Penetration Test

    • Customer reasons for penetration testing
    • Timing for various aspects of the test
    • Number and range of IP addresses to be tested
    • Existing devices (firewall, IDS/IPS, WAF, load balancers) which influence the test
    • How the test team should proceed if a system is penetrated

    Questions - Web Penetration Test

    • Number of web applications/login/static/dynamic pages
    • Availability of source code
    • Documentation requirements
    • Role-based/credentialed scans

    Questions - Wireless Penetration Test

    • Number of wireless networks
    • Guest network requirements
    • Encryption types and Coverage
    • Rogue device enumeration
    • Assessment of wireless client and network attacks

    Questions - Physical Penetration Test

    • Number of locations, shared facilities
    • Which floors and areas are in scope
    • Bypassing security guards
    • Entry points
    • Use of tools (lock picks, bump keys)
    • Compliance with policies/procedures, audit purposes
    • Security measures, video cameras
    • Access to video camera data storage
    • Alarm systems

    Questions - Social Engineering Testing

    • Email/phone lists
    • Social Engineering attack focus
    • Unauthorized physical access approval

    Scope Creep

    • Scope creep is a common issue in penetration testing
    • Defining start/end dates, IPs/domains
    • Dealing with third-party involvement is key
    • Security between different data domains

    ISP (Internet Service Provider)

    • Verify ISP terms of service
    • Involving MSSPs (Managed Security Service Providers) for systems/services they manage
    • If testing response times is part of the test, MSSP notification might not be the best approach
    • Validate hosting server locations, reviewing local laws

    This Week's Lab

    • Complete introductory material on Immersive Labs, with the code CYBER-MILLION for registration
    • Utilize VM software to practice

    Reading List

    • Penetration Testing Cheat Sheet

    Next Week

    • Information Gathering and Footprinting: Passive/Active info gathering, Open-source intelligence (OSINT) techniques

    Description

    Test your understanding of the Ethical Hacking and Penetration Testing module. This quiz covers key aspects such as learning outcomes, accreditation, and the practical applications of penetration testing. Dive into the differences and importance of various penetration testing approaches.
