CompTIA PenTest+ Certification For Dummies. Glen E. Clarke


      Planning and scoping

      The first phase of the penetration testing process is planning and scoping. This phase is important as it is when you identify the goals of the penetration test, the timeframe, and the rules of engagement (the types of attacks you are allowed and not allowed to perform during the pentest).

      The planning and scoping phase should start with a pre-engagement meeting that determines the extent of the penetration test, such as whether the testing will include internal and external assets. In this phase, you will also determine what systems need to be tested, the best time for testing, and the types of attacks that are allowed and not allowed.

      An important part of the planning and scoping phase is to create a statement of work that specifies exactly what is to be tested and to get written authorization from a person of authority for the business that gives you permission to perform the penetration test. Remember that attacking and exploiting systems without prior authorization is illegal.

      For the PenTest+ certification exam, remember to get written authorization from an authorized party such as the company owner or an upper-level manager before moving on to phase two of the penetration testing process.

      Chapter 2 covers planning and scoping.
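
      The outcome of planning and scoping can be encoded as a pre-flight gate that every planned action is checked against before any testing starts. The following is an added example, not code from the book; the field names, the attack-type labels, and the sample engagement (documentation address ranges, a made-up approver) are assumptions for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, time
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class RulesOfEngagement:
    authorized_by: str          # signer of the written authorization; empty = none on file
    in_scope: tuple             # CIDR ranges listed in the statement of work
    excluded: tuple             # hosts or ranges carved out of scope
    window: tuple               # (start, end) time of day when testing is allowed
    allowed_attacks: frozenset  # attack types the customer permitted

def check_action(roe, target, attack, when):
    """Return (allowed, reason) for one planned action against one target."""
    if not roe.authorized_by:
        return False, "no written authorization on file"
    addr = ip_address(target)
    # Exclusions win over inclusions: a carved-out host stays off limits.
    if any(addr in ip_network(n) for n in roe.excluded):
        return False, "target is explicitly excluded"
    if not any(addr in ip_network(n) for n in roe.in_scope):
        return False, "target is outside the statement of work"
    start, end = roe.window
    now = when.time()
    # A window such as 22:00-04:00 wraps past midnight.
    in_window = start <= now < end if start < end else (now >= start or now < end)
    if not in_window:
        return False, "outside the agreed testing window"
    if attack not in roe.allowed_attacks:
        return False, f"attack type '{attack}' is not permitted"
    return True, "within scope and rules of engagement"

# Constructed sample engagement (hypothetical values, not from the book).
SAMPLE_ROE = RulesOfEngagement(
    authorized_by="J. Doe, CIO",
    in_scope=("192.0.2.0/24", "198.51.100.0/25"),
    excluded=("192.0.2.10/32",),
    window=(time(22, 0), time(4, 0)),
    allowed_attacks=frozenset({"port_scan", "vulnerability_scan", "sql_injection"}),
)

if __name__ == "__main__":
    night = datetime(2024, 3, 5, 23, 30)
    for tgt, atk in [("192.0.2.20", "port_scan"), ("192.0.2.10", "port_scan"),
                     ("203.0.113.5", "port_scan"), ("192.0.2.20", "denial_of_service")]:
        print(tgt, atk, check_action(SAMPLE_ROE, tgt, atk, night))
```

      Logging each decision together with its reason also gives the tester a record of what was attempted and why, which feeds the final report.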

      Information gathering and vulnerability identification

      The second phase of the penetration testing process is the information gathering and vulnerability identification phase, which is also known in other pentest models as the “reconnaissance phase.” This phase can be broken into two subphases: information gathering as the first subphase, and vulnerability identification as the second subphase.

      Information gathering

      Information gathering is a time-consuming part of the penetration test. It involves both passive and active information gathering.

      Active information gathering involves using tools to communicate with the company’s network and systems to discover information about its systems. For example, doing a port scan to find out what ports are open on the company’s systems is considered active because in order to know what ports are open on each system, you have to communicate with those systems. Once you start communicating with the company’s network, you risk detection, which is why these techniques are categorized differently than passive information gathering techniques. Note that active information gathering is also known as active reconnaissance.

      Vulnerability identification

      Once the information gathering subphase is complete, you should now have a listing of the ports open on the system and potentially a list of the software being used to open those ports. In the vulnerability identification subphase, you research the vulnerabilities that exist with each piece of software being used by the target. Vulnerability identification also involves using a vulnerability scanner to automate the discovery of vulnerabilities that exist on the target networks and systems.

      Chapters 3 and 4 cover information gathering and vulnerability identification.

      Attacks and exploits

      The third phase of the penetration testing process is to perform the attacks and exploit systems. In this phase, with knowledge of the vulnerabilities that exist on the targets, you can then break out the penetration tools to attack and exploit the systems. This involves social engineering attacks, network attacks, software attacks such as SQL injection, and wireless attacks against wireless networks.

      Once a system is compromised, you can then perform post-exploitation tasks, which involve collecting more information about the system or planting a backdoor to ensure you can gain access at a later time.

      Chapters 5 through 10 cover attacks and exploits.

      Reporting and communication

      The fourth and final phase of the penetration testing process is reporting and communication. These tasks are the reason the penetration test was performed in the first place: to report on the findings and specify remediation steps the customer can take to reduce or eliminate the threats discovered.

      During this phase, you will write a report of the actions you performed during the penetration test and the results of the testing. In the report, you will also include recommendations on how to better secure the systems. The report will be delivered to the customer in the sign-off meeting, and the customer will sign off on the completion of the penetration test.

      Chapter 11 covers reporting and communication.

Illustration summarizing the 4 phases of the CompTIA penetration testing process: 1. Planning and scoping; 2. Information gathering; 3. Attack and exploit; 4. Reporting and communicating results.

      Graphic designed and created by Brendon Clarke.

      This chapter highlights a number of concepts and terminology related to penetration testing that you should be familiar with when preparing for the CompTIA PenTest+ certification exam. Following is a quick review of some of the key points to remember from this chapter:

       Two reasons to conduct a penetration test are to better secure the company assets, or to be compliant with regulations governing your organization.

       You can have a penetration test performed by internal staff or an external third party. If internal staff is used, be sure those conducting the penetration test are not members of the team responsible for managing or configuring the systems being tested.

       You
