D484: Pentest with complete solutions 2025
Threat Actor Process
Reconnaissance
scanning
gain access
maintain access
cover tracks
Structured Pentesting Process
planning/scoping
reconnaissance
scanning
gain access
maintain access
cover tracks
analysis
reporting
planning/scoping
when the team meets with the stakeholders to outline a plan for the
PenTest. Some of the information obtained includes the rules of
engagement, budget, technical constraints along with the types of
assessments, and selection of targets.
reconnaissance
focuses on gathering as much information about the target as possible.
This process includes searching information on the Internet, using
Open-Source Information Gathering Tools (OSINT), along with social
networking sites and company websites.
scanning
is a critical phase as it provides more information about available network
resources. It identifies live hosts, listening ports, and running services. In
addition, the team uses enumeration to gather more detailed information
on usernames, network shares, services, and DNS details.
gaining access
occurs after the team has gathered information on the network. In this
phase, the team will attempt to gain access to the system, with the goal of
seeing how deep into the network they can travel. Then once in, the team
will attempt to access protected resources.
maintaining access
once the team is in the system, the goal is to maintain access undetected
for as long as possible.
covering tracks
removes any evidence that the team was in the system, including
executable files, rootkits, logs, and any user accounts that were used
during the exercise.
analysis
occurs after the team has completed the exercise; the team goes through the
results of all activities, analyzes the findings, and derives a summary of
their risk rating.
reporting
will deliver the results and any remediation suggestions to the
stakeholders, along with a realistic timeline of reducing risk and
implementing corrective actions.
4 Steps of CompTIA PenTesting Process
Planning and scoping
Information gathering and vulnerability scanning