Develop an Attack & Penetration Plan
1. List the 5 steps of the hacking process.
* Gaining Access
* Maintaining Access
* Covering Tracks
2. In order to exploit or attack the targeted systems, the first step I would take to collect as much information as possible about the targets, prior to devising an attack and penetration test plan, would be reconnaissance. I would use passive reconnaissance, since this phase is about information gathering without touching the targets.
3. The reconnaissance phase can take many different forms, and depending on the goal of the attacker, various tools and applications can be used. Nslookup can ...
Social engineering includes scams such as obtaining passwords by pretending to be an employee, leveraging social media to identify new employees who might be more easily tricked into providing customer information, and basically any other method to attempt to breach security by obtaining trust. The major forms of social engineering are Phishing, Baiting, and Diversion Theft.
5. Enumeration is the first attack on a target network. It is the process of gathering information about a target machine by actively connecting to it, in order to identify user accounts, system accounts, and administrative accounts. Enumeration is the same as scanning a system for vulnerabilities that can be used to attack the system itself. This is vital to any hacker’s goal since it reveals the information needed to access the target. The results can include a list of usernames, groups, applications, banner settings, and auditing information.
6. In most cases, an attacker tries to avoid detection, and will do so by covering their tracks by purging information from the system to destroy any evidence of the crime. Care is needed when doing so, because sometimes it is not what was covered up or deleted, but what is conspicuously missing, that gets the hacker caught.
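The point in answer 6, that absence is itself evidence, is exactly what a defender looks for. Below is an added example, not part of the original answer sheet, showing a small Python check over Windows-style Security log records: it flags gaps in the record-ID sequence (consistent with selective deletion), unusually long silences from a host that normally logs continuously, and the real Windows Security event ID 1102 ("The audit log was cleared"). The log records themselves are constructed sample data, and the 30-minute silence threshold is an assumed baseline for the host.

```python
"""Spotting log tampering by looking for what is missing.

Added example, not from the original answer sheet. Event ID 1102 is the
real Windows Security event for an audit log being cleared; everything
else below (record IDs, timestamps, the 30-minute baseline) is constructed.
"""
from datetime import datetime, timedelta

# Constructed sample records: (record_id, ISO timestamp, event_id, message).
# Record IDs in the Windows Security log are sequential, so a hole in the
# sequence means records existed and are now gone.
SAMPLE_LOG = [
    (1001, "2024-03-01T08:00:00", 4624, "An account was successfully logged on"),
    (1002, "2024-03-01T08:00:30", 4672, "Special privileges assigned to new logon"),
    (1003, "2024-03-01T08:01:00", 4688, "A new process has been created"),
    # records 1004-1010 are absent: consistent with selective deletion
    (1011, "2024-03-01T08:05:00", 4688, "A new process has been created"),
    # six hours of silence on a host that normally logs every minute
    (1012, "2024-03-01T14:05:00", 4624, "An account was successfully logged on"),
    (1013, "2024-03-01T14:06:00", 1102, "The audit log was cleared"),
]

LOG_CLEARED_EVENT_ID = 1102  # Windows Security: "The audit log was cleared"


def find_anomalies(records, max_silence=timedelta(minutes=30)):
    """Return a list of (kind, detail) findings.

    kind is one of:
      "cleared"          - an explicit log-cleared event was recorded
      "missing_records"  - a hole in the record-ID sequence
      "silence"          - gap between consecutive records exceeds max_silence
    Findings are reported in record order, which is also the order an
    analyst would replay the timeline in.
    """
    findings = []
    prev_id = prev_ts = None
    for rec_id, ts_str, event_id, msg in sorted(records):
        ts = datetime.fromisoformat(ts_str)
        if event_id == LOG_CLEARED_EVENT_ID:
            findings.append(("cleared", f"record {rec_id}: {msg}"))
        if prev_id is not None and rec_id != prev_id + 1:
            findings.append(
                ("missing_records", f"records {prev_id + 1}-{rec_id - 1} absent")
            )
        if prev_ts is not None and ts - prev_ts > max_silence:
            findings.append(
                ("silence", f"{ts - prev_ts} between records {prev_id} and {rec_id}")
            )
        prev_id, prev_ts = rec_id, ts
    return findings


if __name__ == "__main__":
    for kind, detail in find_anomalies(SAMPLE_LOG):
        print(f"[{kind}] {detail}")
```

The same three checks map directly onto detection rules: forward logs to a collector the host cannot rewrite, alert on 1102 (and on the equivalent "log file was cleared" events of other log sources), and baseline each host's normal logging rate so that silence, not just noise, raises an alarm.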
7. If an attacker wants to regain access to an already penetrated system, depending on the goals of the attacker, they may leave behind a backdoor on the system for later use. A backdoor can be used to regain access, and also enables any number of other scenarios, such as privilege escalation or remotely controlling the system.
8. When asked to perform an intrusive penetration test that involves cracking into the organization's WLAN, and you are able to retrieve the authentication key, you should use it and continue your penetration testing. Record your results and report your findings when you are finished. But if you can get the authentication key, what else are you really able to get? You should see how far your penetration test will take you. The more information you can gather, the better off the organization will be, because knowing how many holes and weaknesses exist in their system lets them fix and maintain it.
9. NIST 800-42 encompasses security testing and penetration testing. It covers how network security testing fits into the system development life cycle and the organizational roles and responsibilities related to security testing. It also introduces the available testing techniques, their strengths and weaknesses, and the recommended frequencies for testing. Finally, it gives strategies for deploying network security testing, including how to prioritize testing activities.
10. There are four phases of penetration testing, according to NIST. They are planning, discovery, attack, and reporting. In the...