pen testing Flashcards
(17 cards)
Front
Back
What is penetration testing?
A simulated real-world cyberattack to assess how deeply an attacker could access a system under different knowledge scenarios.
What is ethical hacking?
A professional practice where trained individuals identify and fix vulnerabilities before malicious actors can exploit them.
What is a red team exercise?
An advanced simulation that mimics real adversary behavior to test organizational defenses, especially the blue team’s incident response.
How does JHD distinguish pentests from red team exercises?
Pentests aim to generate a report and evidence; red team exercises are operational drills testing the organization’s real-time responses.
What are the four types of penetration tests under PCI DSS?
1. Network; 2. Web application; 3. Wireless; 4. Social engineering.
What are the seven phases of a typical pentest?
1. Pre-engagement; 2. Intelligence Gathering; 3. Threat Modeling; 4. Vulnerability Analysis; 5. Exploitation; 6. Post-Exploitation; 7. Reporting.
What is the difference between vulnerability scanning and pentesting?
Vulnerability scanning is automated and broad; pentesting is manual, deeper, and simulates a real attacker’s behavior.
What is an internal vulnerability scan?
A scan performed inside the organization every 3 months to detect and resolve high or critical vulnerabilities.
What is an external vulnerability scan?
Conducted by an Approved Scanning Vendor (ASV) from outside the organization at least quarterly to detect exposed issues.
What is required in a penetration testing methodology?
It must be documented and cover application and network layers, segmentation, threat history, and retention of findings.
What kinds of attacks must software be tested against?
Injection (e.g., SQL), cryptographic flaws, access control bypass, buffer/data attacks, business logic flaws, and all high-risk vulnerabilities.
What is a Software Bill of Materials (SBoM)?
An inventory of components (custom, third-party) used in software, aiding vulnerability and patch management.
What are ‘firewall’ requirements under PCI DSS?
Web-facing apps must have an automated system that detects and blocks or alerts on attacks, with active logging and updates.
What is a limitation of Web Application Firewalls (WAFs)?
Many WAFs are bypassed or run in alert-only mode, reducing effectiveness despite high costs and expectations for protection or compliance.
What tools are commonly used in pentesting?
Tools include both commercial and open source suites like Kali Linux, which bundles over 600 tools for varied testing needs.
What’s a key insight from real-world pentesting stories?
Success often involves guesswork, intuition, and exploiting poor design (e.g., overly privileged interfaces), showing the need for human creativity.