44 Cards in this Set
- Front
- Back
Penetration Testing |
Simulate an attack and look for holes |
|
Penetration Testing Steps |
1. Verify a Threat Exists 2. Bypass Security Controls 3. Actively Test Security Controls 4. Exploit Vulnerabilities |
|
Verify a Threat Exists |
You need to find the threats that the system is vulnerable to which can include such things as open ports, unpatched software, weak passwords, and so on. |
|
Bypass Security Controls |
Check to see if it is possible to get around the security that you think is there. |
|
Actively Test Security Controls |
Security controls need to be constantly tested to verify that they catch/stop what they should. |
|
Exploit Vulnerabilities |
Once a vulnerability is found, it is imperative to ascertain the extent to which it can be exploited. |
|
Vulnerability Scanning |
Looking for weaknesses in networks, computers, or even applications.
Ex. Nessus, Retina |
|
5 Major Tasks |
1. Passively Testing Security Controls 2. Interpreting Results 3. Identifying Vulnerability 4. Identifying Lack of Security Controls 5. Identifying Common Misconfigurations |
|
Passively Testing Security Controls |
The vulnerability scanner can test the security controls without doing any actual harm.
It looks only for the openings that are there and reports them back to you. |
|
Interpreting Results |
Interpret the results of their findings and deliver a report that can be shared with management. |
|
Identifying Vulnerability |
Just knowing that the port is open means little unless you can associate it with the vulnerability tied to it.
Ex. port 23 being open is a problem since it is commonly associated with Telnet. |
|
Identifying Lack of Security Controls |
You want to know not just what is weak, but what is missing altogether. |
|
Identifying Common Misconfigurations |
Applications and services are improperly configured in which those misconfigurations |
|
Ethical Hacking |
Identifying vulnerabilities that exist in a system for which they have authorization |
|
Black Box Testing |
Administrator acts as if they have no prior knowledge of the network in which they do not know what safeguards are in place, systems used, or any related information.
Blind |
|
White Box Testing |
Premise of knowing something about the
Full disclosure |
|
Gray Box Testing |
Between black box and white box testing.
The usual scenario trying to be re-created is that an outsider is working in conjunction with an insider who has given them some information.
Partial disclosure |
|
Risk |
What is the actual danger under consideration?
Likelihood of an attack being successful. |
|
Threat |
What are the likely causes associated with the risk?
The means and source of the potential attack. |
|
Vulnerability |
Where is the system weak?
Identify the flaws, the holes, the areas of |
|
Baseline Reporting |
Checks to make sure things are operating status quo, and change detection is used to alert when modifications are made. |
|
Code Review |
Look at all custom written code for holes that may exist.
Opportunities for injection to occur (SQL, LDAP, code, etc.), cross-site request forgery, and authentication. |
|
Determine Attack Surface |
Those who are authenticated and more importantly those who are not.
It can include the services, protocols, interfaces, and code. |
|
Architecture |
Involves using a control framework to focus on the foundational infrastructure.
WAN, the extranet, the Internet, and the intranet. |
|
Design Review |
Examines the ports and protocols used, the rules, segmentation, and access control. |
|
Rule-Based Management |
The access is granted to the object based on both the object’s sensitivity label and the user’s sensitivity label.
Ex. Top Secret, Secret, etc. |
|
Port Security |
1. MAC Limiting and Filtering 2. 802.1X 3. Disable Unused Ports |
|
Working With 802.1X |
Port-based security for wireless network access control. |
|
Flood Guards and Loop Protection |
Flood guard is a protection feature built into many firewalls that allow the administrator
Loop protection is a similar feature that works in layer 2 switching configurations and is |
|
Network Bridging |
Occurs when a device has more than one network adapter card installed and the opportunity presents itself for a user on one of the networks to which the device is attached to jump to the other. |
|
Preventing Network Bridging |
You can configure your network such that when bridging is detected, you shut off/disable that jack.
You can also create profiles that allow for only |
|
Log Analysis |
Crucial to identifying problems that occur related to security as an administrator, |
|
Manual Bypassing of Electronic Controls |
Failsafe, the application stops all work, reports an error, and closes out/exits.
Failopen, is for the application to stop running and let you know that it encountered the unexpected character. |
|
Monitoring System Logs |
These are event logs, security logs, access logs and audit logs. |
|
Security Logs/Access Logs |
The Security Logs are accessed beneath Windows Logs in Event Viewer, and each event is preceded by either a key (audit success) or a lock (audit failure). |
|
Audit Logs |
You want to verify not only that the program is running but also that the definition |
|
Security Posture |
The security posture is the approach a business takes to security.
Planning phase to implementation and everything in between: hardware, software, |
|
Initial Baseline Configuration |
The starting point needs to always be documented and used as the basis from which to begin making changes.
Examination of access controls, cryptography controls, integrity/auditing/monitoring controls, privacy policy, application standards, security policies, and configuration management. |
|
Continuous Security Monitoring |
Taking a snapshot of the situation at a moment in time fails to give sufficient authority, and it is important to always monitor the current environment. |
|
Remediation |
Identify the solutions to those problems and act on them. |
|
Reporting |
Almost every department generates |
|
Alarms |
Indications of a problem currently going on; think of a siren sounding when someone kicks in the door to a home. |
|
Alerts |
These are issues that you need to pay attention to but are not bringing the system to its knees at this very moment. |
|
Trends |
By focusing on trends, you can identify weaknesses in your system and areas where you need to devote more resources to |