Domain 6, Security Assessments and Testing

Question 1

Dynamic Testing

Answer 1

tests code, while it’s being executed

Question 2

Fuzzing

Answer 2

‘black box’ testing that submits random malformed data as inputs to software to see if it crashes

Question 3

pen test

Answer 3

authorized attempt to break in

Question 4

Static testing

Answer 4

Tests code passively, code is not running

Question 5

Synthetic transactions

Answer 5

AKA Synthetic monitoring, involves building scripts or tools that simulate activities normally performed by an application.

Question 6

Scope of assessment

Answer 6

What are we testing? Why are we testing that?

Question 7

War Dialing

Answer 7

Uses a modem to dial a series of phone numbers looking for other Modems.

Question 8

Social Engineering

Answer 8

Trick people into letting you in.

Question 9

zero knowledge test

Answer 9

blind test. Hacker has zero knowledge of what they’re testing.

Question 10

Full knowledge test

Answer 10

AKA Crystal Box

Pen tester has all network info availalbe to help with testing

Question 11

Partial knowledge test

Answer 11

Tests are in between zero and full knowledge.

Question 12

Metasploit

Answer 12

open source framework for exploitations.

Question 13

Pen testing Methodology

Answer 13

• Planning
• Reconnaissance
• Scanning (enumeration)
• Vulnerability assessment
• Exploitation
• Reporting

Question 14

Vulnerability Testing/Scanning

Answer 14

Scans a network/system for a list of predefined vulnerabilities.

Question 15

Nessus

Answer 15

Vuln scan tool

Question 16

Nessus

Answer 16

Vuln scan tool

Question 17

CVSS

Answer 17

Common Vulnerability Scoring System.

List of vulnerabilities and way to score a client.

Question 18

CVSS

Answer 18

Common Vulnerability Scoring System.

List of vulnerabilities and way to score a client.

Question 19

Security assessment

Answer 19

Holistic approach to the effectiveness of access control. Broad Scope. Includes assessment of many controls across multiple domains.

Question 20

Internal audit

Answer 20

Structured and unstructured audits. Done by internal employee/team

Question 21

3rd party audit

Answer 21

Outisde view, expert consultation. Teaching moment.

Question 22

Log Reviews

Answer 22

Look at sec audit logs.

Question 23

NIST 800-92

Answer 23

Describes logs that should be getting collected

Question 24

NIST 800-92

Answer 24

Describes logs that should be getting collected

Question 25

White box software testing

Answer 25

Gives tester access to program source code, data structures, variables, etc.

Question 26

Tracability matrix

Answer 26

Can be used to map customers requirements for software test plan. Traces the requirements

Question 27

Combinatorial Software Testing

Answer 27

Black box testing method that seeks to identify and test all unique combos of software inputs.

Question 28

Unit testing

Answer 28

low level test of software components, such as objects, procedures, or functions.

Question 29

Install testing

Answer 29

Testing software as it gets installed

Question 30

Integration testing

Answer 30

Testing multiple software components as they are combined into a working system.

Question 31

Reression testing

Answer 31

test software after updates, mods, patches.

Question 32

Acceptance testing

Answer 32

Test to ensure software meets the operational requirements. When done by customer, called user acceptance testing.

Question 33

Mis-use case testing

Answer 33

Intentionally misuse software to see if you can break or cause it to misbehave.

Question 34

Interface testing

Answer 34

Testing all interfaces exposed by the application.

Question 35

test coverage analysis

Answer 35

attempts to identify the degree to which code testing applies to the application. confirm there aren’t large gaps in testing.

Question 36

Security Audit

Answer 36

A test against a published standard. An Auditor verifies that a site or organization meets the published standards.

Question 37

Breach and Attack Simulations

Answer 37

BAS, AKA Breach Attack Simulations:

BAS combines elements of vulnerability scanning and automated penetration testing. BAS tools utilize a continuously refreshed database of attack methods and newly discovered vulnerabilities to test the ability for the organization to withstand newly evolved threats.