Question 1
Part A
The scanning stage of the CEH methodology involves reviewing the target system to identify
vulnerabilities and entry points (Packetlabs, 2023).
Two tactics from the MITRE ATT&CK matrix that are applicable to the CEH scanning stage are
“Active Scanning” and “Network Service Scanning”. The former involves systematically
probing the target network for active services to uncover vulnerabilities, while the latter
scans the adversary network for active services and open ports, unveiling vulnerabilities and
entryways. These tactics align with the scanning stage’s objectives.
Two tactics from the MITRE matrix that are not directly applicable to the scanning stage are “OS
Credential Dumping”, which involves obtaining login and password information from the
target operating system, and “Command and Script Interpreter”, which is used to execute
commands and scripts on target systems. While essential in later stages of the attack life
cycle, they do not directly contribute to the scanning process.
, Z7138375
Part B
The Computer Misuse Act (1990) delineates illegal use of digital operations in the UK.
Section 1 criminalises ‘unauthorised access to computer material’: the individual, at
the time of accessing or performing any function to secure access to a system, knew that
they were unauthorised to do so.
Section 2 criminalises ‘intent to commit or facilitate commission of further offences’. A person
guilty under Section 1 can be found guilty under this section even though the facts are such
that a further offence is impossible.
Section 3 relies on a crime under Section 1 having been committed and adds further offences
of ‘acts with intent to impair, or with recklessness as to impairing, operations of computers’:
acts that damage or alter the content of a computer system, through introducing malware,
or the effects caused by the unauthorised access.
Two ways a penetration test can breach the Act are unauthorised access, regardless of intent,
and system damage caused, intentionally or unintentionally, without authorisation.
To safeguard themselves, penetration testers must adhere to and stay within the limitations set
in the pre-engagement and scope stages. The Penetration Testing Execution Standards (PTES)
(2022) underscore that neglecting to thoroughly prepare and complete this stage may
result in legal repercussions/complications. Preparing and obtaining written permission
before testing are crucial steps to avoid legal consequences. Figure 1.0 summarises
protective measures against unlawful testing (Parker, 2023).
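One way to enforce the agreed scope in tooling before any scanning starts, as an added example that is not part of the original answer or of PTES. The scope record, its field names, the authorisation reference and all addresses (RFC 5737 documentation ranges) are constructed placeholders.

```python
import ipaddress
from datetime import datetime, timezone

# Constructed rules-of-engagement record; every value is a placeholder.
SCOPE = {
    "authorisation_ref": "ROE-PLACEHOLDER-001",   # written permission on file
    "in_scope": ["192.0.2.0/24", "198.51.100.16/28"],
    "excluded": ["192.0.2.10/32"],                # carved out by the client
    "window_start": "2024-01-15T18:00:00+00:00",
    "window_end": "2024-01-16T06:00:00+00:00",
}

def check_target(target, when, scope=SCOPE):
    """Return (allowed, reason). Anything not provably authorised is refused."""
    if not scope.get("authorisation_ref"):
        return False, "no written authorisation recorded"
    try:
        addr = ipaddress.ip_address(target)
    except ValueError:
        # Hostnames can resolve outside the agreed ranges, so refuse by default.
        return False, "not an IP literal; resolve and confirm ownership first"
    if when.tzinfo is None:
        return False, "timestamp lacks a timezone"
    start = datetime.fromisoformat(scope["window_start"])
    end = datetime.fromisoformat(scope["window_end"])
    if not (start <= when <= end):
        return False, "outside agreed testing window"

    def covered(nets):
        return any(addr in ipaddress.ip_network(n) for n in nets)

    if covered(scope["excluded"]):      # exclusions override in-scope ranges
        return False, "explicitly excluded"
    if not covered(scope["in_scope"]):
        return False, "not in agreed scope"
    return True, "authorised under " + scope["authorisation_ref"]

def triage(targets, when, scope=SCOPE):
    """Split a target list into allowed hosts and refused hosts with reasons."""
    allowed, refused = [], {}
    for t in targets:
        ok, reason = check_target(t, when, scope)
        if ok:
            allowed.append(t)
        else:
            refused[t] = reason
    return allowed, refused
```

Keeping the refused list and reasons alongside the engagement notes gives a record that out-of-scope systems were deliberately not touched.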