Penetration Testing in Cybersecurity
25 Questions
0 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

Get most fleeting information ____________________

first

Create 1:1 copies of evidence (imaging) to preserve the original system in the ____________________

evidence locker

Always work on ____________________ of evidence, never the original

copies

Deleted files may be recovered from ____________________ space

<p>slack</p> Signup and view all the answers

Data can be hidden in other data through a process called ____________________

<p>steganography</p> Signup and view all the answers

Locating hidden or encrypted data is difficult and might even be ____________________

<p>impossible</p> Signup and view all the answers

Event reconstruction requires utilization of system and external information, including ____________________ files

<p>log</p> Signup and view all the answers

A compromised system can be identified by comparing it against a known good ____________________

<p>state</p> Signup and view all the answers

The authorship analysis determines who or what kind of person created a ____________________

<p>file</p> Signup and view all the answers

An investigator may have to appear in court as an expert ____________________

<p>witness</p> Signup and view all the answers

Get most fleeting information ____________________

<p>first</p> Signup and view all the answers

Create 1:1 copies of evidence (imaging) to preserve the original system in the ____________________

<p>evidence locker</p> Signup and view all the answers

Always work on ____________________ of evidence, never the original

<p>copies</p> Signup and view all the answers

Deleted files may be recovered from ____________________ space

<p>slack</p> Signup and view all the answers

Data can be hidden in other data through a process called ____________________

<p>steganography</p> Signup and view all the answers

Locating hidden or encrypted data is difficult and might even be ____________________

<p>impossible</p> Signup and view all the answers

Event reconstruction requires utilization of system and external information, including ____________________ files

<p>log</p> Signup and view all the answers

A compromised system can be identified by comparing it against a known good ____________________

<p>state</p> Signup and view all the answers

The authorship analysis determines who or what kind of person created a ____________________

<p>file</p> Signup and view all the answers

An investigator may have to appear in court as an expert ____________________

<p>witness</p> Signup and view all the answers

Federated identity management allows users to use different identification credentials for each network they access.

<p>False</p> Signup and view all the answers

Most sophisticated attacks only target vulnerable victims.

<p>False</p> Signup and view all the answers

Next-generation 911 call centers are not vulnerable to cyberattacks because they use traditional landlines.

<p>False</p> Signup and view all the answers

Cyberattacks are no longer a major concern for national and economic security.

<p>False</p> Signup and view all the answers

A telephone denial of service (TDoS) attack uses email spam against a target network.

<p>False</p> Signup and view all the answers

Study Notes

Penetration Testing

  • A penetration test (pentest) evaluates the strengths of all security controls on a computer system, including procedural, operational, and technological controls.
  • Organizations that need penetration testing include banks, financial institutions, government organizations, online vendors, and any organization processing and storing private information.
  • Certifications often require or recommend regular penetration testing to ensure system security.
  • Penetration testing can be performed from an external or internal viewpoint, and can be overt or covert.
  • The phases of penetration testing include:
    • Reconnaissance and Information Gathering: discovering information about a target without making network contact.
    • Network Enumeration and Scanning: discovering existing networks and live hosts.
    • Vulnerability Testing and Exploitation: checking for known vulnerabilities and assessing their severity.
    • Reporting: organizing and documenting information found during the test.

Phases of Penetration Testing

Reconnaissance and Information Gathering

  • Purpose: to discover as much information about a target as possible without making network contact.
  • Methods:
    • Organization info discovery via WHOIS
    • Google search
    • Website browsing

Network Enumeration and Scanning

  • Purpose: to discover existing networks and live hosts.
  • Methods:
    • Scanning programs (Nmap, autoscan)
    • DNS Querying
    • Route analysis (traceroute)

Vulnerability Testing and Exploitation

  • Purpose: to check for known vulnerabilities and assess their severity.
  • Methods:
    • Remote vulnerability scanning (Nessus, OpenVAS)
    • Active exploitation testing
    • Login checking and brute forcing
    • Vulnerability exploitation (Metasploit, Core Impact)
    • Post-exploitation techniques to assess severity

Reporting

  • Purpose: to organize and document information found during the test.
  • Methods:
    • Documentation tools (Dradis)
    • Organizing information by hosts, services, identified hazards, and risks

How to Become a Penetration Tester

  • Stay up to date on recent developments in computer security.
  • Become proficient in C/C++ and a scripting language like PEARL.
  • Consider obtaining certifications like Microsoft, Cisco, and Novell.
  • Penetration testing certifications include CEH and GPEN.

Digital Forensics

  • Emerging discipline in computer security.
  • Investigation that takes place after an incident has happened.
  • Goals: to answer questions about who, what, when, where, why, and how.
  • Branches of digital forensics:
    • Computer Forensic
    • Firewall Forensic
    • Database Forensic
    • Network Forensic
    • Mobile Device Forensic
    • Forensic Data Analysis

Digital Evidences

  • Definition: any data recorded or preserved on a digital device that can be read or understood by a person or computer system.
  • Characteristics:
    • Admissible
    • Authentic
    • Fragile
    • Accurate
  • Examples of digital evidence:
    • Email
    • Digital photographs
    • ATM transaction logs
    • Word processing documents
    • Internet browser history

Types of Digital Evidences

  • Persistence Data: data remains intact when the digital device is turned off.
  • Volatile Data: data would be lost if the digital device is turned off.
  • Location of Evidence:
    • Internet history file
    • Temporary internet file
    • Newsgroup
    • File storage dates
    • Personal chatroom records

Investigation Phases

Phase 1: Acquisition

  • Purpose: to recover as much evidence as possible without altering the crime scene.
  • Methods:
    • Documenting as much as possible
    • Maintaining Chain of Custody
    • Determining if an incident actually happened
    • Determining the type of system to be investigated
    • Acquiring fleeting information first
    • Creating 1:1 copies of evidence
    • Locking up the original system in the evidence locker

Phase 2: Recovery

  • Purpose: to extract data from acquired evidence.
  • Methods:
    • Working on copies, not originals
    • Extracting data, deleted data, and "hidden" data
    • File systems and metadata
    • Recovering deleted files
    • Slack space analysis
    • Steganography analysis
    • Encrypted data analysis

Phase 3: Analysis

  • Purpose: to locate contraband material, reconstruct events, determine if a system was compromised, or perform authorship analysis.
  • Methods:
    • Locating specific files
    • Determining if existing files are illegal
    • Utilizing system and external information
    • Establishing a timeline of events
    • Comparing against known good state

Phase 4: Presentation

  • Purpose: to present findings in a clear and concise manner.
  • Challenges:
    • Presenting complex technical information to non-technical audiences
    • Ensuring the integrity of the evidence
    • Ensuring the accuracy of the analysis

Forensics Tools

  • Acquisition:
    • dd, pdd
    • SafeBack, etc.
  • Recovery:
    • Encase
    • TCT and Sleuth Kit
  • Analysis:
    • ?Presentation
    • ?DF Investigator Profile

DF Investigator Profile

  • Understanding of relevant laws
  • Knowledge of file systems, OS, and applications
  • Knowledge of tools and how to use them
  • Ability to explain technical concepts in simple terms

Penetration Testing

  • A penetration test (pentest) evaluates the strengths of all security controls on a computer system, including procedural, operational, and technological controls.
  • Organizations that need penetration testing include banks, financial institutions, government organizations, online vendors, and any organization processing and storing private information.
  • Certifications often require or recommend regular penetration testing to ensure system security.
  • Penetration testing can be performed from an external or internal viewpoint, and can be overt or covert.
  • The phases of penetration testing include:
    • Reconnaissance and Information Gathering: discovering information about a target without making network contact.
    • Network Enumeration and Scanning: discovering existing networks and live hosts.
    • Vulnerability Testing and Exploitation: checking for known vulnerabilities and assessing their severity.
    • Reporting: organizing and documenting information found during the test.

Phases of Penetration Testing

Reconnaissance and Information Gathering

  • Purpose: to discover as much information about a target as possible without making network contact.
  • Methods:
    • Organization info discovery via WHOIS
    • Google search
    • Website browsing

Network Enumeration and Scanning

  • Purpose: to discover existing networks and live hosts.
  • Methods:
    • Scanning programs (Nmap, autoscan)
    • DNS Querying
    • Route analysis (traceroute)

Vulnerability Testing and Exploitation

  • Purpose: to check for known vulnerabilities and assess their severity.
  • Methods:
    • Remote vulnerability scanning (Nessus, OpenVAS)
    • Active exploitation testing
    • Login checking and brute forcing
    • Vulnerability exploitation (Metasploit, Core Impact)
    • Post-exploitation techniques to assess severity

Reporting

  • Purpose: to organize and document information found during the test.
  • Methods:
    • Documentation tools (Dradis)
    • Organizing information by hosts, services, identified hazards, and risks

How to Become a Penetration Tester

  • Stay up to date on recent developments in computer security.
  • Become proficient in C/C++ and a scripting language like PEARL.
  • Consider obtaining certifications like Microsoft, Cisco, and Novell.
  • Penetration testing certifications include CEH and GPEN.

Digital Forensics

  • Emerging discipline in computer security.
  • Investigation that takes place after an incident has happened.
  • Goals: to answer questions about who, what, when, where, why, and how.
  • Branches of digital forensics:
    • Computer Forensic
    • Firewall Forensic
    • Database Forensic
    • Network Forensic
    • Mobile Device Forensic
    • Forensic Data Analysis

Digital Evidences

  • Definition: any data recorded or preserved on a digital device that can be read or understood by a person or computer system.
  • Characteristics:
    • Admissible
    • Authentic
    • Fragile
    • Accurate
  • Examples of digital evidence:
    • Email
    • Digital photographs
    • ATM transaction logs
    • Word processing documents
    • Internet browser history

Types of Digital Evidences

  • Persistence Data: data remains intact when the digital device is turned off.
  • Volatile Data: data would be lost if the digital device is turned off.
  • Location of Evidence:
    • Internet history file
    • Temporary internet file
    • Newsgroup
    • File storage dates
    • Personal chatroom records

Investigation Phases

Phase 1: Acquisition

  • Purpose: to recover as much evidence as possible without altering the crime scene.
  • Methods:
    • Documenting as much as possible
    • Maintaining Chain of Custody
    • Determining if an incident actually happened
    • Determining the type of system to be investigated
    • Acquiring fleeting information first
    • Creating 1:1 copies of evidence
    • Locking up the original system in the evidence locker

Phase 2: Recovery

  • Purpose: to extract data from acquired evidence.
  • Methods:
    • Working on copies, not originals
    • Extracting data, deleted data, and "hidden" data
    • File systems and metadata
    • Recovering deleted files
    • Slack space analysis
    • Steganography analysis
    • Encrypted data analysis

Phase 3: Analysis

  • Purpose: to locate contraband material, reconstruct events, determine if a system was compromised, or perform authorship analysis.
  • Methods:
    • Locating specific files
    • Determining if existing files are illegal
    • Utilizing system and external information
    • Establishing a timeline of events
    • Comparing against known good state

Phase 4: Presentation

  • Purpose: to present findings in a clear and concise manner.
  • Challenges:
    • Presenting complex technical information to non-technical audiences
    • Ensuring the integrity of the evidence
    • Ensuring the accuracy of the analysis

Forensics Tools

  • Acquisition:
    • dd, pdd
    • SafeBack, etc.
  • Recovery:
    • Encase
    • TCT and Sleuth Kit
  • Analysis:
    • ?Presentation
    • ?DF Investigator Profile

DF Investigator Profile

  • Understanding of relevant laws
  • Knowledge of file systems, OS, and applications
  • Knowledge of tools and how to use them
  • Ability to explain technical concepts in simple terms

Penetration Testing

  • A penetration test (pentest) evaluates the strengths of all security controls on a computer system, including procedural, operational, and technological controls.
  • Organizations that need penetration testing include banks, financial institutions, government organizations, online vendors, and any organization processing and storing private information.
  • Certifications often require or recommend regular penetration testing to ensure system security.
  • Penetration testing can be performed from an external or internal viewpoint, and can be overt or covert.
  • The phases of penetration testing include:
    • Reconnaissance and Information Gathering: discovering information about a target without making network contact.
    • Network Enumeration and Scanning: discovering existing networks and live hosts.
    • Vulnerability Testing and Exploitation: checking for known vulnerabilities and assessing their severity.
    • Reporting: organizing and documenting information found during the test.

Phases of Penetration Testing

Reconnaissance and Information Gathering

  • Purpose: to discover as much information about a target as possible without making network contact.
  • Methods:
    • Organization info discovery via WHOIS
    • Google search
    • Website browsing

Network Enumeration and Scanning

  • Purpose: to discover existing networks and live hosts.
  • Methods:
    • Scanning programs (Nmap, autoscan)
    • DNS Querying
    • Route analysis (traceroute)

Vulnerability Testing and Exploitation

  • Purpose: to check for known vulnerabilities and assess their severity.
  • Methods:
    • Remote vulnerability scanning (Nessus, OpenVAS)
    • Active exploitation testing
    • Login checking and brute forcing
    • Vulnerability exploitation (Metasploit, Core Impact)
    • Post-exploitation techniques to assess severity

Reporting

  • Purpose: to organize and document information found during the test.
  • Methods:
    • Documentation tools (Dradis)
    • Organizing information by hosts, services, identified hazards, and risks

How to Become a Penetration Tester

  • Stay up to date on recent developments in computer security.
  • Become proficient in C/C++ and a scripting language like PEARL.
  • Consider obtaining certifications like Microsoft, Cisco, and Novell.
  • Penetration testing certifications include CEH and GPEN.

Digital Forensics

  • Emerging discipline in computer security.
  • Investigation that takes place after an incident has happened.
  • Goals: to answer questions about who, what, when, where, why, and how.
  • Branches of digital forensics:
    • Computer Forensic
    • Firewall Forensic
    • Database Forensic
    • Network Forensic
    • Mobile Device Forensic
    • Forensic Data Analysis

Digital Evidences

  • Definition: any data recorded or preserved on a digital device that can be read or understood by a person or computer system.
  • Characteristics:
    • Admissible
    • Authentic
    • Fragile
    • Accurate
  • Examples of digital evidence:
    • Email
    • Digital photographs
    • ATM transaction logs
    • Word processing documents
    • Internet browser history

Types of Digital Evidences

  • Persistence Data: data remains intact when the digital device is turned off.
  • Volatile Data: data would be lost if the digital device is turned off.
  • Location of Evidence:
    • Internet history file
    • Temporary internet file
    • Newsgroup
    • File storage dates
    • Personal chatroom records

Investigation Phases

Phase 1: Acquisition

  • Purpose: to recover as much evidence as possible without altering the crime scene.
  • Methods:
    • Documenting as much as possible
    • Maintaining Chain of Custody
    • Determining if an incident actually happened
    • Determining the type of system to be investigated
    • Acquiring fleeting information first
    • Creating 1:1 copies of evidence
    • Locking up the original system in the evidence locker

Phase 2: Recovery

  • Purpose: to extract data from acquired evidence.
  • Methods:
    • Working on copies, not originals
    • Extracting data, deleted data, and "hidden" data
    • File systems and metadata
    • Recovering deleted files
    • Slack space analysis
    • Steganography analysis
    • Encrypted data analysis

Phase 3: Analysis

  • Purpose: to locate contraband material, reconstruct events, determine if a system was compromised, or perform authorship analysis.
  • Methods:
    • Locating specific files
    • Determining if existing files are illegal
    • Utilizing system and external information
    • Establishing a timeline of events
    • Comparing against known good state

Phase 4: Presentation

  • Purpose: to present findings in a clear and concise manner.
  • Challenges:
    • Presenting complex technical information to non-technical audiences
    • Ensuring the integrity of the evidence
    • Ensuring the accuracy of the analysis

Forensics Tools

  • Acquisition:
    • dd, pdd
    • SafeBack, etc.
  • Recovery:
    • Encase
    • TCT and Sleuth Kit
  • Analysis:
    • ?Presentation
    • ?DF Investigator Profile

DF Investigator Profile

  • Understanding of relevant laws
  • Knowledge of file systems, OS, and applications
  • Knowledge of tools and how to use them
  • Ability to explain technical concepts in simple terms

Cybersecurity and Data Power

  • Great businesses have been created by collecting and harnessing the power of data and data analytics.
  • These businesses have the responsibility to protect this data from misuse and unauthorized access.
  • The growth of data has created great opportunities for cybersecurity specialists.

Cybersecurity Domains

  • Cyber experts now have the technology to track worldwide weather trends, monitor the oceans, and track the movement and behavior of people, animals, and objects in real-time.
  • New technologies, such as Geospatial Information Systems (GIS) and the Internet of Everything (IoE), have emerged.
  • These technologies depend on collecting and analyzing tremendous amounts of data.

Cybersecurity Criminals

  • Hackers can be categorized into three types:
    • White hat attackers: break into networks or computer systems to discover weaknesses and improve security.
    • Gray hat attackers: may find a vulnerability and report it to the owners of the system if it coincides with their agenda.
    • Black hat attackers: unethical criminals who violate computer and network security for personal gain or malicious reasons.

Cybersecurity Criminals (Cont.)

  • Script Kiddies: teenagers or hobbyists with little or no skill, often using existing tools or instructions found on the Internet to launch attacks.
  • Vulnerability Brokers: gray hat hackers who attempt to discover exploits and report them to vendors for prizes or rewards.
  • Hacktivists: gray hat hackers who rally and protest against different political and social ideas.
  • Cyber Criminals: black hat hackers who are either self-employed or working for large cybercrime organizations.
  • State Sponsored Hackers: either white hat or black hat hackers who steal government secrets, gather intelligence, and sabotage networks.

Thwarting Cyber Criminals

  • Coordinated actions to limit or fend off cyber criminals include:
    • Vulnerability Database: National Common Vulnerabilities and Exposures (CVE) database provides a publicly available database of all known vulnerabilities.
    • Early Warning Systems: The Honeynet project provides a HoneyMap which displays real-time visualization of attacks.
    • Share Cyber Intelligence: InfraGard is an example of sharing cyber intelligence to prevent hostile cyberattacks.
    • ISM Standards: The ISO 27000 standards provide a framework for implementing cybersecurity measures within an organization.

Common Threats

  • Cybersecurity threats are particularly dangerous to certain industries and the type of information they collect and protect.
  • Threats can come from:
    • Personal Information
    • Medical Records
    • Education Records
    • Employment and Financial Records
    • Network services like DNS, HTTP, and Online Databases
    • Packet sniffing and forgery
    • Rogue devices, such as unsecured Wi-Fi access points

Spreading Cybersecurity Threats

  • Threats can originate from within an organization or from outside.
  • Internal threats can cause greater damage than external threats because internal users have direct access to the building and its infrastructure devices.
  • External threats can exploit vulnerabilities in networked devices or use social engineering to gain access.

Spreading Cybersecurity Threats (Cont.)

  • Vulnerabilities of Mobile Devices: the inability to centrally manage and update mobile devices poses a growing threat to organizations that allow employee mobile devices on their networks.
  • Emergence of Internet-of-Things (IoT): the connection of various devices to the Internet increases the amount of data that needs protection.
  • Impact of Big Data: big data poses both challenges and opportunities based on three dimensions: volume, velocity, and variety.

Spreading Cybersecurity Threats (Cont.)

  • Threat Complexity:
    • Advanced Persistent Threats (APTs): continuous computer hacks that occur under the radar against a specific object.
    • Algorithm attacks: track system self-reporting data and use it to select targets or trigger false alerts.
    • Intelligent selection of victims: sophisticated attacks only launch if the attacker can match the signatures of the targeted victim.

Threat Complexity (Cont.)

  • Broader Scope and Cascade Effect:
    • Federated identity management: multiple enterprises that let their users use the same identification credentials to gain access to the networks of all enterprises in the group.
  • Safety Implications:
    • Emergency call centers in the U.S. are vulnerable to cyberattacks that could shut down 911 networks, jeopardizing public safety.
    • Telephone denial of service (TDoS) attacks: use phone calls against a target telephone network, tying up the system and preventing legitimate calls from getting through.

Studying That Suits You

Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

Quiz Team

Description

This quiz evaluates your understanding of penetration testing, a crucial aspect of cybersecurity. Penetration testing is a simulated cyber attack against a computer system, network, or web application to assess its security.

More Like This

Are You a Network Penetration Testing Pro?
6 questions
Network Penetration Testing
5 questions

Network Penetration Testing

ComfortableBowenite avatar
ComfortableBowenite
Network Security Scanning
39 questions

Network Security Scanning

FresherGyrolite5304 avatar
FresherGyrolite5304
Use Quizgecko on...
Browser
Browser