CS6262 - Penetration testing Questions And Quality Answers
Pentesting Methodology - Correct Answer Footprinting, Scanning, Enumeration, Gaining
Access, Escalating Privileges, Pilfering, Covering Tracks, Creating Back Doors
Footprinting - Correct Answer Recon and Information gathering; Target IP discovery;
Namespace acquisition; Network topology
Scanning - Correct Answer Find target machine, ports, services (versions & configs); ID related
vulnerabilities and focus on most promising
Enumeration - Correct Answer ID valid user accounts or poorly protected resources shares;
More intrusive probing than scanning
Gaining Access - Correct Answer ID a vulnerability of the target from scannning; Exploit the
vuln.
Escalating privileges - Correct Answer If only user-level access was obtained in the last step,
seek to gain complete control of the system
Pilfering - Correct Answer Gather info to allow access of trusted systems
Covering Tracks - Correct Answer Once total ownership of the target is secured, hiding this fact
from sysadmins becomes paramount
Creating backdoors - Correct Answer Trap door will be laid in various parts of the system to
ensure that privilege access is easily regained whenever the intruder decides
Events that trigger a pentest - Correct Answer Added or modified infrastructure
Pentesting Methodology - Correct Answer Footprinting, Scanning, Enumeration, Gaining
Access, Escalating Privileges, Pilfering, Covering Tracks, Creating Back Doors
Footprinting - Correct Answer Recon and Information gathering; Target IP discovery;
Namespace acquisition; Network topology
Scanning - Correct Answer Find target machine, ports, services (versions & configs); ID related
vulnerabilities and focus on most promising
Enumeration - Correct Answer ID valid user accounts or poorly protected resources shares;
More intrusive probing than scanning
Gaining Access - Correct Answer ID a vulnerability of the target from scannning; Exploit the
vuln.
Escalating privileges - Correct Answer If only user-level access was obtained in the last step,
seek to gain complete control of the system
Pilfering - Correct Answer Gather info to allow access of trusted systems
Covering Tracks - Correct Answer Once total ownership of the target is secured, hiding this fact
from sysadmins becomes paramount
Creating backdoors - Correct Answer Trap door will be laid in various parts of the system to
ensure that privilege access is easily regained whenever the intruder decides
Events that trigger a pentest - Correct Answer Added or modified infrastructure
