Question 01. Elaborate the necessity of the Penetration Testing Execution Standard
(PTES).
Answer:
Question 02. Simply list down, the seven phases of the PTES.
Answer:
Pre-engagement analysis
Intelligence gathering
Threat modeling
Vulnerability analysis
Exploitation
Post exploitation
Reporting
Question 03. Elaborate the seven phases of the PTES in as much detail as you can.
Answer:
Pre-engagement interactions
In this phase, the interactions span from the first contact between the client
and the pen tester to the final negotiation before the pen test begins. In these
interactions, the goal of the pen test, the scope of the analysis and the rules of
engagement are discussed.
Intelligence gathering
This phase represents the start of the actual test. It consists of three levels.
Level 1 is basic information gathering which is to gather information
from simple sources.
Level 2 is executing the information-gathering process by using
automated and manual tools to gain much better understanding
about target.
Level 3 is the aggressive and complete level. In this level, the team is
involved in gathering intimate details about the target.
Threat modeling
This phase involves mapping out the particular assets that are most likely to
be targeted by the ethical hacker, as well as the resources that will be used to
target these assets. The tester will identify the assets that are most valuable and
the assets that are most vulnerable. The PTES specifies a distinct four-step process
for threat modeling:
Gathering documents
Categorizing assets (primary and secondary)
Categorizing threats (primary and secondary)
Mapping threat communities corresponding to assets.
Vulnerability analysis
This phase involves further gathering of information, this time related to
specific flaws or weaknesses in the client's system. This stage finally uses all
intelligence to prioritize specific known or suspected vulnerabilities. The analysis
comprises two main modes: passive and active analysis.
Exploitation
Once a target has been scanned and vulnerabilities are determined, the
actual penetration of the target can proceed. This step is intended to exploit
weaknesses found in the system with the intention of compromising the system and
gaining some level of access. Password cracking, traffic sniffing, session
hijacking, brute-force attacks and man-in-the-middle attacks are the possible
attacks during this phase.
Post exploitation
Now that you are in the system, the first thing you must do is to maintain
that access. You could plant a key logger on the system with the goal of capturing
keystrokes and perhaps passwords or similar information. You could locate
encryption keys on the system and take control of them. You could even use this
time to plant a backdoor on the system and cover your tracks to avoid detection.
Reporting
The report should start with a brief overview of the penetration-testing
process. This section will be followed by an analysis of what vulnerabilities were
discovered during the test. Vulnerabilities should be organized in a way that draws
attention to their respective security levels such as critical, important or even low.
The report should also contain a summary of any successful penetration scenarios and
a detailed list and description of all vulnerabilities found. It should also contain
suggestions and techniques to resolve the vulnerabilities that were discovered.
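As an added example (not part of the original assignment or of the PTES itself), the following Python script builds the findings section of a report in the structure described above: a summary with counts per severity and the successful penetration scenarios, followed by vulnerabilities grouped from critical down to low, each with its remediation suggestion. The findings, hosts and remediation texts are constructed sample data.

```python
"""Added example: build the prioritized findings section of a PTES-style report.
The finding data below is constructed for illustration only."""
from collections import OrderedDict
from dataclasses import dataclass

# Severity levels named on the page, ordered highest first.
SEVERITY_ORDER = ("critical", "important", "low")


@dataclass
class Finding:
    title: str
    severity: str
    host: str
    exploited: bool        # True when the exploitation phase succeeded against it
    remediation: str


# Constructed sample findings (hypothetical hosts and issues).
FINDINGS = [
    Finding("Default credentials on admin console", "critical", "10.0.0.5", True,
            "Change default passwords; enforce MFA for administrative logins."),
    Finding("Outdated TLS configuration", "low", "10.0.0.7", False,
            "Disable TLS 1.0/1.1; prefer modern cipher suites."),
    Finding("Missing input validation in search form", "important", "10.0.0.9", False,
            "Validate and encode user input; use parameterized queries."),
    Finding("Unpatched file server", "critical", "10.0.0.5", False,
            "Apply vendor patches; restrict SMB exposure to required subnets."),
]


def group_by_severity(findings):
    """Return an OrderedDict severity -> findings, highest severity first.
    An unknown severity label raises instead of being silently dropped."""
    grouped = OrderedDict((s, []) for s in SEVERITY_ORDER)
    for f in findings:
        if f.severity not in grouped:
            raise ValueError(f"unknown severity {f.severity!r} for {f.title!r}")
        grouped[f.severity].append(f)
    return grouped


def summarize(findings):
    """Counts per severity plus the titles of findings that were actually exploited."""
    grouped = group_by_severity(findings)
    counts = {s: len(v) for s, v in grouped.items()}
    exploited = [f.title for f in findings if f.exploited]
    return {"counts": counts, "successful_scenarios": exploited}


def render_report(findings):
    """Plain-text findings section: summary first, then vulnerabilities grouped
    by severity, each with its host and remediation suggestion."""
    grouped = group_by_severity(findings)
    summary = summarize(findings)
    lines = ["== Summary =="]
    for sev in SEVERITY_ORDER:
        lines.append(f"{sev.capitalize()}: {summary['counts'][sev]}")
    lines.append("Successful penetration scenarios: "
                 + (", ".join(summary["successful_scenarios"]) or "none"))
    for sev in SEVERITY_ORDER:
        if not grouped[sev]:
            continue  # omit empty severity sections
        lines.append(f"\n== {sev.upper()} ==")
        for f in grouped[sev]:
            lines.append(f"- {f.title} ({f.host})")
            lines.append(f"  Remediation: {f.remediation}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(render_report(FINDINGS))
```

Grouping by a fixed severity order rather than sorting on a free-form string keeps the critical section at the top regardless of input order, and rejecting unknown labels prevents a mislabelled finding from vanishing from the report.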
Question 04. List down 4 common network vulnerabilities and elaborate them in detail.
Answer:
Question 05. List down and elaborate any 2 web application vulnerabilities in brief.
Answer: