Penetration Testing Overview

Questions and Answers

Which programming languages are commonly used by experienced penetration testers?

• Scratch, Pascal, and Assembly
• Perl, C, and Java (correct)
• Ruby, Swift, and Go
• HTML, CSS, and PHP

What characterizes the black box model of penetration testing?

• Full access to network architecture is provided
• The tester has partial information about the system
• The tester can access all internal and external documentation
• The tester does not receive any details about the network (correct)

What is one illegal action in terms of cybersecurity?

• Performing a Denial of Service attack (correct)
• Accessing a computer with permission
• Installing antivirus software
• Conducting a security assessment with client consent

Which of the following is NOT a characteristic of ethical hacking?

Ability to exploit systems for personal gain (B)

What is the purpose of a 'tiger box' in penetration testing?

A collection of operating systems and hacking tools (B)

Which statement about laws involving technology is true?

You should verify what is legal in your local area. (A)

Which of the following best defines a gray box model in penetration testing?

Tester receives partial information about the system (B)

What must one be aware of regarding the tools used in penetration testing?

Some tools might be illegal and require local compliance. (A)

What is a primary characteristic of Local Area Networks (LANs)?

They facilitate communication in a small geographical area. (A)

What is the primary function of the Transport layer in the TCP/IP model?

Error recovery and flow control (B)

Which device connects any combination of LANs and WANs according to the TCP/IP model?

Router (D)

What is a downside of using circuit switching for data transmission?

It is inefficient for bursty traffic. (A)

Which of the following steps is NOT part of the communication process in circuit switching?

Data encryption (A)

In the TCP/IP model, which layer is responsible for session management?

Session (B)

Which of the following best describes the purpose of the Presentation layer in the TCP/IP model?

Providing data independence (B)

In packet switching, how is data transmitted?

In short packets that are routed through the network. (D)

Why is circuit switching considered acceptable for voice communication?

It ensures maximum speed during data transfer. (D)

The TCP/IP model can be characterized by how many layers?

4 layers (D)

What does a packet contain in packet switching?

A header with routing information. (A)

Which of these layers does the Data Link layer in TCP/IP operate at?

Data Link layer (C)

What was the original purpose of the research that led to the development of TCP/IP protocols in the 1970s?

To establish ARPANET for military communication (B)

Which one of the following statements about WANs is true?

They are generally slower and more expensive than LANs. (C)

What is a notable feature of packet switching compared to circuit switching?

It allows links to be shared among different data transmissions. (B)

What device is used primarily to extend the span of a single LAN?

Hub (A)

What is the primary concept behind packet switching?

Data is divided into packets that are forwarded independently. (A)

What does each intermediate node maintain in packet switching?

A routing table for decision-making. (B)

How does the Virtual Circuit approach handle packet transmission?

A predetermined route is established before packet transmission begins. (C)

What is a disadvantage of the Datagram approach?

Packets may arrive at their destination out of order. (C)

Which statement accurately describes the operation of packet switching?

Packets can be prioritized during transmission when necessary. (D)

In the Datagram approach, what must every packet include?

Both source and destination addresses. (A)

What is a key feature of the Virtual Circuit approach concerning packet forwarding?

The virtual circuit number is used for forwarding decisions. (B)

Which characteristic differentiates packet switching from circuit switching?

Packet switching allows for better link utilization by sharing resources. (D)

What does the IP layer guarantee regarding packet delivery?

Unreliable delivery of packets (D)

What is the minimum size of an IP header expressed in 32-bit words?

5 (B)

Which field in the IP header is responsible for identifying the IP protocol version in use?

VER (A)

Which of the following statements about IP datagrams is true?

All packets are treated as independent by the IP layer (D)

What is the primary function of the Time to Live (TTL) field in the IP header?

To determine the maximum time a packet can exist in the network (A)

In IPv4, the length of the HLEN field specifies what aspect of the IP header?

The length of the header in 32-bit words (D)

What does the encapsulation process in the IP layer involve?

Prepending a header to the data chunk from higher layers (B)

Which of the following best describes the structure of an IP datagram?

Contains a fixed-size header and a variable size data payload (B)

Flashcards are hidden until you start studying

Study Notes

Penetration Testing

• Experienced penetration testers use various programming languages for creating scripts, including Perl, C, C++, Python, JavaScript, Visual Basic, SQL, and more.

Penetration Testing Methodologies

• A Tiger box is a collection of operating systems and hacking tools commonly found on a laptop. It assists penetration testers and security testers in vulnerability assessments and attacks.
• The white box model involves the tester having full knowledge of the network topology and technology. The tester can interview IT personnel and company employees, simplifying their task.
• The black box model restricts the tester from knowing any details about the network, requiring independent discovery.
• The gray box model combines elements of both the white and black box models, providing partial information to the tester.

Legal Considerations

• Technology laws evolve rapidly, making it crucial to understand local regulations. These laws vary geographically, so it is essential to be aware of permitted and prohibited activities.
• Certain tools might be illegal to possess. It is advisable to consult local law enforcement agencies before installing hacking tools.
• Written laws are subject to interpretation, and governments are increasing penalties for cybercrimes.

Illegal Activities

• Accessing a computer without authorization is illegal.
• Other prohibited actions include:
  • Installing worms or viruses
  • Denial of Service attacks
  • Denying users access to network resources
• It is important to ensure actions do not hinder customer workflow.

Ethical Hacking

• Ethical hacking requires:
  • Knowledge of network and computer technology
  • Effective communication with management and IT personnel
  • Understanding relevant laws
  • Proficiency in utilizing necessary tools

Ethical Hacking Course Outline

• The course will cover:
  • Relevant networking technologies
  • Basic cryptographic concepts
  • Case studies of secure applications
  • Unconventional attacks
  • Tool demonstrations

Networking Concepts

• A computer network is a communication system that interconnects computers or hosts.
• The primary reasons for using a network include:
  • Enhanced connectivity
  • Improved communication
  • Easier resource sharing
  • Bringing people together

Types of Networks

• A Local Area Network (LAN) connects hosts within a small geographical area, such as a room, building, or campus. It offers faster speeds and lower costs.
• A Wide Area Network (WAN) connects hosts spread over a wider geographic range, including campuses, cities, countries, or continents. WANs are slower and more expensive.

Data Communication over Networks

• Two main approaches for data communication:
  • Circuit switching establishes a dedicated communication path between two stations, following a fixed route with a logical channel on each physical link.
  • Packet switching involves transmitting data in short packets. Each packet contains a header with routing information.

Circuit Switching

• Circuit switching requires three steps:
  • Connection establishment: before data transmission
  • Data transfer: at maximum speed
  • Connection termination: after data transmission for resource deallocation

Circuit Switching Drawbacks

• Channel capacity is dedicated for the duration of communication, suitable for voice communication but inefficient for bursty traffic like data.
• Initial delay for connection establishment.

Packet Switching

• A modern form of long-distance data communication that shares network resources and allows for better utilization.
• Data is transmitted in short packets (around kilobytes).
• A message is divided into smaller chunks called packets, each containing a header with routing information.

Packet Switching Concept

• The store-and-forward concept is employed, where intermediate nodes receive the entire packet, determine the route, and forward it accordingly.

Packet Switching Advantages

• Improved link utilization due to resource sharing.
• Suitability for bursty computer traffic.
• Easy buffering and data rate conversion.
• Packet prioritization is possible if required.

Packet Transmission Approaches

• Two approaches for packet transmission:
  • Virtual circuits: similar to circuit switching but shares links.
  • Datagrams: each packet is transmitted independently without route establishment.

Virtual Circuit Approach

• Analogy: Telephone system
• A route is set up before packet transmission.
• Packets follow the same path but do not have dedicated links.
• Intermediate nodes use a table created during route establishment for packet forwarding.

Datagram Approach

• Analogy: Postal system
• No pre-established route.
• Packets are transmitted independently with no history maintained.
• Dynamic routing decisions are made by intermediate nodes using a routing table.

Datagram Approach Problems

• Packets may be delivered out of order.
• Packet loss during temporary node crashes.
• Duplicate packets may occur.
• Routes packets through point-to-point links.

Layered Network Architecture

• The layered network architecture defines communication functions for efficient data transfer.
  • Application layer: interface for user applications.
  • Presentation layer: provides data independence.
  • Session layer: manages network sessions.
  • Transport layer: ensures reliable end-to-end data transfer with error recovery and flow control.
  • Network layer: performs packet routing and addressing.
  • Data link layer: manages physical link errors.
  • Physical layer: governs physical transmission of data.

Data Flow

• Data flows through the layers, starting from the application layer down to the physical layer and back up, interacting with the corresponding layers on the receiving device.

Internetworking Devices

• Hub: extends the coverage of a single LAN.
• Bridge/Layer-2 switch: connects multiple LANs, operating at the data link layer level.
• Router/Layer-3 switch: connects various LANs and WANs, operating at the network layer level.

Typical Internetworking Structure

• Demonstrates connections between various devices and networks, including LANs, WANs, routers, and switches.

TCP/IP Protocol Stack

• TCP/IP (Transmission Control Protocol/Internet Protocol) is a foundational protocol for internet communication.
• It enables computers to communicate and share resources effectively.

TCP/IP Standard

• It serves as a standard to bridge the gap between incompatible platforms.
• Development of TCP/IP began in the 1970s, funded by the US Military's Advanced Research Project Agency (ARPA)

Network Layering in TCP/IP

• TCP/IP follows a simplified four-layer model instead of the seven-layer OSI model.

TCP/IP Layers

• The TCP/IP protocol stack comprises four layers:
  • Application
  • Transport
  • Internet
  • Network Access

TCP/IP Encapsulation

• TCP/IP encapsulates data by adding headers at each layer, providing information for routing and flow control.

TFTP Encapsulation

• Data is encapsulated with headers for TFTP, UDP, IP, and Ethernet at each layer.

The IP Layer

• The IP layer provides a connectionless, unreliable delivery system for packets.
  • Each packet functions independently.
  • It does not maintain a history.
  • Packets must contain source and destination addresses.
  • Delivery of packets is not guaranteed.

IP Layer Encapsulation

• The IP layer receives data from higher layers (TCP or UDP), prepends a header (minimum 20 bytes) with routing and flow control information.

IP Datagram Format

• An IP datagram includes:
  • Version (VER)
  • Header Length (HLEN)
  • Service Type
  • Total Length
  • Identification
  • Flags
  • Fragment Offset
  • Time to Live
  • Protocol
  • Header Checksum
  • Source IP Address
  • Destination IP Address
  • Options
  • Data

IP Header Fields

• Version (VER): Specifies the version of the IP protocol (typically 4).
• Header Length (HLEN): Describes the header length in 32-bit words (minimum 5, maximum 15).
• Service Type: Indicates the priority and type of service for the data.
• Total Length: Specifies the total length of the IP datagram, including header and data.
• Identification: A unique identifier for each datagram, used for fragmentation and reassembly.
• Flags: Control flags related to fragmentation, such as Don't Fragment (DF) and More Fragments (MF).
• Fragment Offset: Indicates the position of a fragment within an original datagram.
• Time to Live (TTL): Determines the maximum number of hops a datagram can traverse before being discarded.
• Protocol: Identifies the higher-layer protocol (e.g., TCP or UDP) carried within the datagram.
• Header Checksum: A checksum of the header, used to detect errors in the header during transmission.
• Source IP Address: The IP address of the sending host.
• Destination IP Address: The IP address of the receiving host.
• Options: Optional fields for advanced routing and security features.
• Data: The actual data being transmitted.