Lab 1

Topics: Computer security, Information security, Information technology security audit Pages: 3 (567 words) Published: May 26, 2014
Lab #1
1. List the five (5) steps of the Hacking process.

Reconnaissance, Scanning, Gaining Access, Maintaining Access, Covering Tracks

2. In order to exploit or attack the targeted systems, what can you do as an initial first step to collect as much information as possible about the targets prior to devising an attack and penetration test plan?

The first step would be the reconnaissance or footprinting step of the hacking process.

3. What applications and tools can be used to perform this initial reconnaissance and probing step?

Whois queries, ping sweeps, Nmap, etc.

4. How can social engineering be used to gather information or data about the organization’s IT infrastructure?

Social engineering can be used by tricking people into giving out information that is not normally publicly available.

5. What does the enumeration step of the five (5) step hacking process entail and how is it vital to the hacker’s objective?

Enumeration is used to extract more-detailed and useful information from a victim’s system.

6. Explain how an attacker will avoid being detected following a successful penetration attack.

An attacker would avoid detection through the covering tracks step of the hacking process, in which they cover up their tracks in the system they hacked into.

7. What method does an attacker use to regain access to an already penetrated system?

The hacker will use a backdoor into the system.

8. As a security professional, you have been asked to perform an intrusive penetration test which involves cracking into the organization’s WLAN for a company. While performing this task, you are able to retrieve the authentication key. Should you use this and continue testing, or stop here and report your findings to the client?

You should follow the plan that was laid out in the planning stage of the penetration test.

9. Which NIST standards document encompasses security testing and penetration testing?

NIST 800-42 guideline on network...