Week 1 Flashcards
What is included in network security?
The information and functionality within the own network
Difference between pen testing or ethical hacking?
They are the same, but pentesting is often limited in time and scope, while ethical hacking is more of an ongoing process.
What are the different boxes in pen testing?
White box means full knowledge of target systems, black box means no knowledge.
What is the difference between cyber dependent crime and cyber enabled crime?
Crime that requires cyber elements vs traditional crimes that simply use cyber
What is OSINT?
Open Source Intelligence
What is enumeration?
Scanning the target to know more about its technical properties
What is horizontal privilege escalation?
Gaining access to an account with similar privileges - alternative is vertical escalation
What is post-exploitation?
When a true attacker would realise their attack objectives
What are some characteristics of black box testing?
Most similar to a real attack, captures recon-aspects of an attack, very time-consuming/expensive
What are some advantages of grey box testing?
Because some knowledge is given to the tester it speeds up the test, limits costs and can target the test on a specific aspect of security
What is a ROE document?
A rules of engagement document outlines the playing-field for the test in question. It outlines permission, scope and rules
What is an attack tree?
A way to represent a malicious objective and different paths to achieve that objective
What is a cyber kill chain?
A model which outlines the seven phases of an attack
What are the 7 steps of the cyber kill chain?
1.Reconnaisance
2.Weaponisation
3.Delivery
4.Exploitation
5.Installation
6.Command and Control
7.Actions on objectives
What is MITRE ATT&CK?
A knowledge base and model for cyber adversary behaviour. Oriented around tactics which include techniques
