Domain 1: Planning and Scoping Flashcards
What are the 6 overall steps in the PenTest process?
- Planning and Scoping
- Information Gathering
- Vulnerability Analysis
- Exploitation
- Post-Exploitation
- Reporting
What happens during the planning and scoping phase of a penetration test?
- Discuss with the client their requirements and objectives for the test
- Define the scope (in-scope systems, explicit exclusions, testing window, and rules of engagement) in writing before any testing begins
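A scope that is only written down is easy to drift out of once scanning starts. The following added example (not part of the original flashcards) shows a small allow-list check that a tester can run over a candidate target list before touching anything: addresses must fall inside an authorized range and must not fall inside an explicit exclusion, and exclusions always win. The ranges, exclusions and target list are constructed for illustration; in a real engagement they would come from the signed rules-of-engagement document.

```python
"""Scope allow-list check for the planning-and-scoping phase.

Added example, not from the original flashcards. The scope below is constructed;
a real engagement loads it from the signed rules of engagement.
"""
import ipaddress
from typing import Iterable

# Constructed example scope: what the client authorized (in_scope) and what they
# explicitly carved out (exclusions). Exclusions take precedence over in_scope.
SCOPE = {
    "in_scope": ["10.10.0.0/16", "203.0.113.0/24"],
    "exclusions": ["10.10.5.0/24", "203.0.113.7"],  # e.g. production DB segment, payment gateway
}


def _networks(entries: Iterable[str]):
    # strict=False lets a bare host address such as 203.0.113.7 become a /32
    return [ipaddress.ip_network(e, strict=False) for e in entries]


def in_scope(target: str, scope: dict = SCOPE) -> bool:
    """Return True only if target is inside an authorized range and not excluded."""
    addr = ipaddress.ip_address(target)
    if any(addr in net for net in _networks(scope["exclusions"])):
        return False
    return any(addr in net for net in _networks(scope["in_scope"]))


def filter_targets(targets: Iterable[str], scope: dict = SCOPE):
    """Split a candidate target list into (allowed, rejected) before scanning starts."""
    allowed, rejected = [], []
    for t in targets:
        try:
            (allowed if in_scope(t, scope) else rejected).append(t)
        except ValueError:
            # Not a literal IP address: reject rather than guess. Hostnames should be
            # resolved and re-checked as addresses, never scanned blindly.
            rejected.append(t)
    return allowed, rejected


if __name__ == "__main__":
    # Constructed candidate list mixing in-scope, excluded, out-of-range and hostname entries
    candidates = ["10.10.1.20", "10.10.5.4", "203.0.113.7",
                  "203.0.113.9", "198.51.100.3", "db01.internal"]
    ok, no = filter_targets(candidates)
    print("allowed: ", ok)
    print("rejected:", no)
```

Run the check as a gate in front of the scanner rather than as a report afterwards; the point of defining scope in this phase is that the later phases never see an unauthorized address.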
What is Risk?
The probability that a threat will be realized, combined with the impact if it is.
What is a Vulnerability?
Any weakness in a system's design, implementation, or configuration that a threat could exploit.
What is a Threat?
In relation to IT security: anything that could cause harm, loss, damage, or compromise to IT systems.
Where does Risk exist?
Only where a threat and a vulnerability overlap: a threat with no matching vulnerability, or a vulnerability with no threat able to reach it, creates no risk.
What is Inherent Risk?
The level of risk present once a risk is identified but before any mitigating controls are applied.
What is Residual Risk?
The level of risk that remains after mitigations and security controls have been applied.
What is a Risk Exception?
Risk created when a security exemption is granted or when corporate policy is not complied with.
What is Risk Avoidance?
▪ Stops a risky activity or chooses a less risky alternative
▪ Eliminates the hazards, activities, and exposures that have potential negative effects
What is Risk Transfer?
Passes the risk to a third party, such as an insurance company
What is Risk Acceptance?
Accepts the current level of risk and the costs that would be incurred if that risk were realized
What is Risk Appetite?
▪ The amount of risk an organization is willing to accept in pursuit of its objectives
▪ Also called risk attitude; often used interchangeably with risk tolerance, although the two are distinguished below
What is Risk Tolerance?
The specific maximum level of risk the organization is willing to take on for a specific identified risk
What are the seven different types of controls?
- Compensating
- Corrective
- Detective
- Deterrent
- Directive
- Preventive
- Recovery
What are Corrective controls?
● Reduces the effect of an undesirable event or attack
● Examples: fire extinguishers and antivirus solutions
What are Compensating controls?
● Used in place of a primary control that cannot be implemented, to mitigate the same risk by other means
● Example: dual control (two people required to complete a sensitive action)
What are Detective controls?
● Detects an ongoing attack and notifies the proper personnel
● Examples: alarm systems, closed-circuit television systems, and honeypots
What are Deterrent controls?
● Discourages any violation of security policies, both by attackers and by insiders
● Example: a sign warning that surveillance cameras are in use
What are Directive controls?
● Forces compliance with the security policy and practices within the organization
● Example: Acceptable Use Policy (AUP)
What are Preventive controls?
● Prevents or stops an attack from occurring
● Examples: password protection, security badges, antivirus software, and intrusion prevention systems
What are Recovery controls?
● Restores a system or the organization's operations after an attack or incident
● Examples: Disaster Recovery Plans (DRPs), backups, and continuity of operations plans
What are the three broad categories that cover all controls?
- Administrative (Managerial)
- Logical (Technical)
- Physical
What are Administrative controls?
● Manages personnel and assets through security policies, standards, procedures, guidelines, and baselines
● Examples: proper data classification and labeling, supervision of personnel, and security awareness training
What are Logical controls?
● Implemented through hardware or software and used to prevent or restrict access to a system
● Examples: firewalls, intrusion detection systems, intrusion prevention systems, authentication schemes, encryption, protocols, auditing or monitoring software, and biometrics
What's the difference between an Audit and Monitoring?
An audit is a point-in-time evaluation against a defined baseline or policy, whilst monitoring is an ongoing process that watches for deviations as they happen.
What does continuous monitoring include?
● Change management
● Configuration management
● Log monitoring
● Status report analysis
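Log monitoring is the piece of continuous monitoring that most directly acts as a detective control, and the difference from an audit is visible in the code: the same logic runs on every new line as it arrives instead of once over an archive. The following added example (not part of the original flashcards) runs a sliding-window check over constructed sshd auth log lines and raises an alert when one source produces too many failed logins too quickly. The log lines, the threshold of 5 failures and the 60-second window are all assumptions made for the example.

```python
"""Detective control: continuous log monitoring for SSH brute-force attempts.

Added example, not from the original flashcards. Log lines are constructed in
syslog/sshd style; threshold and window are assumed values.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample auth log. Syslog omits the year, as real sshd lines do.
SAMPLE_LOG = """\
Mar 14 10:00:01 bastion sshd[2201]: Failed password for invalid user admin from 198.51.100.23 port 51022 ssh2
Mar 14 10:00:03 bastion sshd[2203]: Failed password for root from 198.51.100.23 port 51024 ssh2
Mar 14 10:00:04 bastion sshd[2205]: Failed password for root from 198.51.100.23 port 51026 ssh2
Mar 14 10:00:06 bastion sshd[2207]: Failed password for invalid user oracle from 198.51.100.23 port 51028 ssh2
Mar 14 10:00:09 bastion sshd[2209]: Failed password for root from 198.51.100.23 port 51030 ssh2
Mar 14 10:00:15 bastion sshd[2211]: Accepted publickey for deploy from 10.10.1.20 port 40112 ssh2
Mar 14 10:05:00 bastion sshd[2250]: Failed password for alice from 10.10.2.5 port 40200 ssh2
Mar 14 10:20:00 bastion sshd[2300]: Failed password for alice from 10.10.2.5 port 40210 ssh2
"""

# Matches only sshd failed-password events; the optional "invalid user" prefix is dropped.
FAILED_RE = re.compile(
    r"^(\w{3} +\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: Failed password for "
    r"(?:invalid user )?(\S+) from (\S+) port"
)

THRESHOLD = 5                   # assumption: 5 failures ...
WINDOW = timedelta(seconds=60)  # ... from one source within 60 seconds


def parse_ts(stamp: str, year: int = 2024) -> datetime:
    """Syslog timestamps carry no year; the caller supplies it (assumed 2024 here)."""
    return datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")


def detect_bruteforce(lines, threshold=THRESHOLD, window=WINDOW):
    """Sliding-window count of failed logins per source IP.

    Lines are processed in order, as a monitor would see them; each source is
    alerted on at most once. Returns a list of alert dicts.
    """
    recent = defaultdict(deque)  # src_ip -> timestamps of failures still inside the window
    alerted = set()
    alerts = []
    for line in lines:
        m = FAILED_RE.match(line)
        if not m:
            continue  # successful logins and unrelated lines are ignored
        ts, user, src = parse_ts(m.group(1)), m.group(2), m.group(3)
        q = recent[src]
        q.append(ts)
        while q and ts - q[0] > window:  # expire failures that fell out of the window
            q.popleft()
        if len(q) >= threshold and src not in alerted:
            alerted.add(src)
            alerts.append({"src": src, "count": len(q), "first": q[0], "last": ts, "last_user": user})
    return alerts


if __name__ == "__main__":
    for a in detect_bruteforce(SAMPLE_LOG.splitlines()):
        print(f"ALERT brute force from {a['src']}: {a['count']} failures "
              f"between {a['first'].time()} and {a['last'].time()}")
```

The two failures from 10.10.2.5 are fifteen minutes apart, so they never accumulate inside the window and produce no alert; that expiry step is what keeps a detective control from paging on ordinary typos.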
What are Physical controls?
● Protects the organization's personnel and facilities
● Examples: fences, locks, security badges, proximity cards for entry into the building, guards, access control vestibules, biometrics, and other means of securing the facility
What is a PenTest Methodology?
▪ The systematic approach a pentester follows before, during, and after a penetration test, assessment, or engagement
▪ Penetration tests follow the same steps a threat actor or hacker would take, so that findings reflect realistic attack paths
What are the 4 stages of the CompTIA PenTest+ methodology?
What is the name of NIST’s PenTest methodology?
NIST SP 800-115
What are the steps of the EC Council CEH PenTest methodology?