ARP poisoning - ARP poisoning refers to flooding the target machine's ARP cache with
forged entries.
Grey box testing - A combination of black box and white box testing that gives a full
inspection of the system, simulating both outside and inside attacks
NTP Enumeration - NTP stands for Ne...
ARP poisoning - ARP poisoning refers to flooding the target machine's ARP cache with
forged entries.
Grey box testing - A combination of black box and white box testing that gives a full
inspection of the system, simulating both outside and inside attacks
NTP Enumeration - NTP stands for Network Time Protocol and its role is to ensure that
the networked computer clocks are synchronized. NTP enumeration provides hackers
with information about the hosts that are connected to NTP server as well as IP
addresses, system names, and operating systems of the clients.
Active online attacks - Active online attacks require the attacker to communicate with
the target machine in order to crack the password.
Static malware analysis - Static analysis refers to analyzing malware without running or
installing it. The malware's binary code is examined to determine if there are any data
structures or function calls that have malicious behavior.
Access control - Access control attack is someone tries to penetrate a wireless network
by avoiding access control measures, such as Access Point MAC filters or Wi-Fi port
access control.
Password guessing attack steps - Find the target's username
Create a password list
Sort the passwords by the probability
Try each password
Sniffer - Packet sniffing programs are called sniffers and they are designed to capture
packets that contain information such as passwords, router configuration, traffic, and
more.
Data backup strategy steps - Identify important data
Choose the appropriate backup media
Choose the appropriate backup technology
,Choose the appropriate RAID levels
Choose the appropriate backup method
Choose the appropriate location
Choose the backup type
Choose the appropriate backup solution
Perform a recovery test
WPA2-Personal - WPA2-Personal encryption uses a pre-shared key (PSK) to protect
the network access.
Threat modeling - Threat modeling is an assessment approach in which the security of
an application is analyzed. It helps in identifying threats that are relevant to the
application, discovering application vulnerabilities, and improve the security.
Administrative security policies - Administrative policies define the behaviour of
employees.
Doxing - Doxing is revealing and publishing personal information about someone. It
involves gathering private and valuable information about a person or organization and
then misusing that information for different reasons.
Recovery controls - Recovery controls are used after a violation has happened and
system needs to be restored to its persistent state. These may include backup systems
or disaster recovery.
Confidentiality attack - Confidentiality attack is where an attacker attempts to intercept
confidential information transmitted over the network.
Proprietary Methodologies - Proprietary methodologies are usually devised by the
security companies who offer pentesting services and as such are kept confidential.
Examples of proprietary methodologies include:
-IBM
-McAfee Foundstone
-EC-Council LPT
Five stages of hacking - Reconnaissance
Scanning
Gaining access
Maintaining access
Clearing tracks
, Script kiddies - Script kiddies are hackers who are new to hacking and don't have much
knowledge or skills to perform hacks. Instead, they use tools and scripts developed by
more experienced hackers.
Application keylogger - Application keylogger is designed to observe the target's activity
whenever they type something. It can record emails, passwords, messages, browsing
activities, and more.
Ethical hacking guidelines - No test should be performed without an appropriate
permission and authorization
Keep the test results confidential (usually an NDA is signed)
Perform only those tests that the client had previously agreed upon
CVSS - The Common Vulnerability Scoring System (CVSS) provides a way to capture
the principal characteristics of a vulnerability, and produce a numerical score reflecting
its severity. The numerical score can then be translated into a qualitative representation
(such as low, medium, high, and critical) to help organizations properly assess and
prioritize their vulnerability management processes.
Man-in-the-middle attack - Man-in-the-middle attack is when an attacker gains access to
the communication channel between a target and server. The attacker is then able to
extract the information and data they need to gain unauthorized access.
Breaking WPA/WPA2 Encryption: Brute-force WPA Keys - Brute-Force WPA Keys is a
technique in which the attacker uses dictionary or cracking tools to break WPA
encryption keys. This attack takes a lot of time to break the key.
Web application threats - Attacks that take advantage of poorly written code and lack of
proper validation on input and output data. Some of these attacks include SQL injection
and cross-site scripting.
Out-of-band SQL injection - Out-of-band SQL injection is an injection attack in which the
attacker uses more channels to inject malicious queries and retrieve results.
Management zone - This is a secured zone which enforces strict policies and limits
access to a few authorized users.
List scanning - List scanning indirectly discovers hosts. This scan works by listing out IP
addresses and names without pinging the hosts and with performing a reverse DNS
resolution to identify the names of the hosts.
Types of penetration testing - Black box testing
Grey box testing
White box testing
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller EvaTee. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.49. You're not tied to anything after your purchase.
