You are conducting penetration testing for a customer with a tight schedule. You are now trying to gain control over a server in the DMZ. Which of the following is least likely to happen? (Wentz QOTD)
A. Scan ports using nmap
B. Gather host information using nslookup
C. Send ICMP messages with routes using ping
D. Install the weapon payload and reboot to take effect
Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.
My suggested answer is D. Install the weapon payload and reboot to take effect.
Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams, and an informative reference for security professionals.
All four options may occur in a penetration test. However, a pen test should avoid disrupting business operations. Rebooting a system harms availability and the agreed service level; before doing so, the pen-testing rules of engagement (scope, testing window, and which disruptive actions have written approval) should be consulted.
Because of the nature and the intent of penetration testing, such testing in a production environment during normal business hours may impact business operations, and attempts to avoid disruption may increase the time, resources and complexity of the testing. This is especially important for high availability systems that may be impacted by penetration testing in a production environment. To avoid disruptions and to speed up testing, a separate environment that is identical to the production environment may be used for testing instead of the production environment.
Source: PCI-DSS Information Supplement: Penetration Testing Guidance
Penetration Testing and Rules of Engagement
In military jargon, “Rules of Engagement” are the laws of war, the rules set forth that dictate the conditions and limitations under which military forces will initiate or continue an engagement.
Penetration Testing is a simulated offensive attack on a set of resources (sounds a little militaristic) and the rules of engagement (ROE) are meant to dictate the conditions and limitations under which the penetration tester will initiate or continue an engagement.
Source: Emagined Security
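The reasoning above (avoid disruptive actions unless the rules of engagement explicitly allow them) can be enforced mechanically before a tester runs a step. The following is an added example, not code from the original post or from any of the cited sources: a small Python gate that checks a proposed action against an RoE with an authorized scope, exclusions, a testing window and a list of approved disruptive actions. The DMZ address range 203.0.113.0/24, the excluded host, the overnight window and the action names are all constructed assumptions for illustration; the four actions in the plan mirror the four answer options.

```python
"""Rules-of-engagement (RoE) gate for pen-test actions (added example).

Assumptions (not from the original post): the DMZ scope is the documentation
range 203.0.113.0/24, one host is excluded, and testing is only allowed in
an overnight window. All times are treated as the customer's local time.
"""
from dataclasses import dataclass, field
from datetime import datetime, time
from ipaddress import ip_address, ip_network

# Actions that affect availability and therefore need explicit written
# approval in the RoE before they may be executed.
DISRUPTIVE_ACTIONS = {"reboot", "install_payload", "dos", "service_restart"}


@dataclass
class RulesOfEngagement:
    in_scope: list                                  # authorized CIDRs
    excluded: list = field(default_factory=list)    # hosts/CIDRs never to touch
    testing_window: tuple = (time(0, 0), time(23, 59))
    approved_disruptive: set = field(default_factory=set)

    def target_in_scope(self, host):
        """True only if host is inside an authorized CIDR and not excluded."""
        ip = ip_address(host)
        if any(ip in ip_network(n) for n in self.excluded):
            return False
        return any(ip in ip_network(n) for n in self.in_scope)

    def in_window(self, when):
        """Handle windows that cross midnight, e.g. 22:00-06:00."""
        start, end = self.testing_window
        t = when.time()
        if start <= end:
            return start <= t <= end
        return t >= start or t <= end


def check_action(roe, action, host, when):
    """Return (allowed, reason) for one proposed action against one host."""
    if not roe.target_in_scope(host):
        return False, f"{host} is outside the authorized scope"
    if not roe.in_window(when):
        return False, f"{when:%H:%M} is outside the testing window"
    if action in DISRUPTIVE_ACTIONS and action not in roe.approved_disruptive:
        return False, f"{action} affects availability and lacks written approval"
    return True, "ok"


def review_plan(roe, plan, when):
    """Check every (action, host) step of a plan; returns a list of verdicts."""
    return [(action, host, *check_action(roe, action, host, when))
            for action, host in plan]


# Constructed RoE: overnight window, one excluded host, nothing disruptive approved.
DMZ_ROE = RulesOfEngagement(
    in_scope=["203.0.113.0/24"],
    excluded=["203.0.113.10/32"],
    testing_window=(time(22, 0), time(6, 0)),
)

# The four answer options expressed as plan steps against a DMZ host.
PLAN = [
    ("port_scan", "203.0.113.20"),       # A. nmap
    ("dns_lookup", "203.0.113.20"),      # B. nslookup
    ("ping_record_route", "203.0.113.20"),  # C. ping with route options
    ("install_payload", "203.0.113.20"),  # D. weaponized payload ...
    ("reboot", "203.0.113.20"),           # ... and reboot to take effect
]

if __name__ == "__main__":
    for action, host, ok, why in review_plan(DMZ_ROE, PLAN, datetime(2021, 3, 9, 23, 30)):
        print(f"{'ALLOW' if ok else 'BLOCK':5} {action:18} {host:14} {why}")
```

The gate rejects the reboot and the payload install unless the customer has listed them under approved_disruptive, while the three reconnaissance steps pass; re-running the same plan at 14:00 blocks everything because it falls outside the window, which is the point made in the PCI DSS guidance quoted above.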
- CISSP PRACTICE QUESTIONS – 20210309
- Penetration Testing Rules of Engagement (Microsoft Azure)
- Penetration test
- Penetration Testing: Step-by-Step Guide, Stages, Methods and Application
- Major Limitations of Penetration Testing You Need to Know
- Kill chain
- What is source-routing?
- IPv6 Ping Pong
- Source routing concepts
- Dual internet connections
- About IP Source Route Attacks
- DMZ to inside LAN
- Building and securing a corporate DMZ in preparation for a Data Center Migration
- Windows Server 2019 source routing must be configured to the highest protection level to prevent Internet Protocol (IP) source routing.
- Internal PenTesting approval forms
- Beginners Guide To Web Application Penetration Testing
You are conducting a double-blind penetration test for a customer with a tight schedule. You are now trying to gain control of a server in the DMZ. Which of the following is least likely to happen? (Wentz QOTD)