Chapter 1.4 Flashcards
action on objectives
Action on objectives refers to the adversary or penetration tester stealing data from one or more systems (a.k.a. data exfiltration).
passive reconnaissance
Vulnerability scanning generally uses passive reconnaissance techniques. A vulnerability scanner would probe the network or application to try to discover issues but would not attempt to exploit any vulnerabilities found.
Vulnerability scanning
Vulnerability scanning is the process of auditing a network (or application) for known vulnerabilities. Vulnerability scanning does not exploit any vulnerabilities discovered.
Active reconnaissance
Penetration testing is an active reconnaissance technique, and requires active testing of security controls, such as exploiting vulnerabilities.
