The Questions:
1. What is a "honeypot"?
Honeypot is usually used as network intrusion detection systems. A honeypot will contain fake/false data and information and performance like a computer or server to trap any unauthorized use of information system. Normally honeypot will be isolated from “real network” and used for monitor and alarm system to alert network administrator if detect any malicious or suspicious activity.
2. What is "blackholing"?
When there is incoming or outgoing traffic is silently discarded or dropped in a network, then blackholing is happening. Blackholing is commonly used to defence against spam or DDOS attack. When there is DDOS attack happen, the Internet Service Provider will blocks the packets from the sources domain
…show more content…
Define the term "exploit".
By using the advantage of bug or vulnerability to manipulate a software or system.
15. What is “vulnerability”?
A weakness of a system or a security hole of a system.
16. In 1989 Clifford Stoll wrote a book called "The Cuckoo's Egg". Explain the relevance of the book's title.
Tracking a spy through the maze of computer espionage.
17. Define dictionary attacks and brute force attacks. How are they similar, and different?
Dictionary attacks is an attack that used for defeating a cipher or authentication mechanism by trying to guess its decryption key by using words from dictionary.
Bruce force attack is an attack that systematically checks all possible combination of keys or password until the correct one has being found. Bruce force is more effective on short password.
18. Explain the difference between a penetration test and a security audit.
Penetration test is software testing on a system that looks for security hole or vulnerability. The main goal is to identify the high-risk vulnerabilities and fix it before attacker fined it.
Security audit is a measurable technical assessment of a system. Penetration test is a part of security audit. At the end of security audit process, there will be report-generated use for future reference and mitigation plan if
The oppressive nature of our environment inevitably degrades inherent human qualities. One Flew Over the Cuckoo’s Nest was influenced by Kesey’s paradigm of the 1960’s and representative of a generation which believed they could alter the consciousness of themselves and their nation through drugs, sex and rebellion against societal regulations. Kesey portrays the mental ward as a metaphorical microcosm of an oppressed society and thus critiques this notion. Through the rendition of Dale Harding’s mannerism in the metaphor “We'd be rabbits wherever we were—we're all in here because we can't adjust to our rabbithood”, Kesey is able to symbolise the destruction of the human quality; self-awareness. The negative connotation of the rabbit portrays the
The most common type of DOS attack is ending traffic to a network address. This will cause the network to slow down. The attacker must already know a weakness of some sort on the network, or the attacker just goes
9. NIST 800-42 encompasses security testing and penetration testing. It includes how network security testing fits into the system development life cycle and the organizational roles and responsibilities related to security testing. It also introduces the aspect of available testing techniques, their strengths and weaknesses, and the recommended frequencies for testing. Finally, it gives strategies for deploying network security testing, including how to prioritize testing activates.
Essentially, performing a penetration test on a web application or web server, prior to implementation, is critical to exposing and/or correcting any existing security flaws. In fact, such penetration testing is critical to ensuring the confidentiality, integrity, and availability (CIA) of a given web application or service. Also, penetration testing should be performed on a regular basis, or whenever a given web application or service is modified, in order to detect any possible security vulnerabilities and/or flaws.
• Brute Force: is considered to be a passive attack in which the intruder will generate every possible
12. What constitutes a situation in which a penetration tester should not compromise or access a system as part of a controlled penetration test?
The chosen software tools are offline password attack (John the Ripper) and (RainbowCrack) which they both are from similar Cyber Security attacks under password cracking tools. John the Ripper is free on multi-platform as it combines various password cracking features in one package. RainbowCrack uses rainbow crack tables that are updated periodically. After calculations, the results are stored, which were obtained in the tables is called a rainbow table. The process of creating rainbow tables takes very long time, but when the program works it’s done very fast.
Defining Vulnerabilities are challenging most of the time, because it is not known what to look for? What is the threat an attacker is interested to take in looking for vulnerability? Most of the cases, when attacker obtains a copy of software or OS they are targeting and conduct their testing in their own environment, there is very little risk in finding vulnerabilities. This situation happens most often, where attacker tries to replicate the real world scenario in lab. However, it is not always possible for an attacker to replicate as the real world scenario is too elaborate and
Penetration testing is when a company pays a specialist to try and break into their network and relay back to them any vulnerabilities they may find. Now
Cain and Able is a tool used to recover or crack passwords by means of Cryptanalysis, Brute-Force and Dictionary. Cryptanalysis makes password cracking feasible by means of Faster Cryptanalytic time-memory trade off (Montoro). This hacking method uses large collection of encrypted passwords referred to as Rainbow tables to increase the recovery time. During the lab exercise, only the Brute-Force and Dictionary hacking method were used with LAN Manager (LM) and NT LAN Manager (NTLM) hashing algorithm.
After completing the penetration test, discovering the vulnerabilities and exploits in a company’s network and systems, a report must be compiled to present to the board members and management so they can understand what exactly you did as a penetration tester. Writing the penetration report is overlooked by many beginner and unethical penetration testers because the job has been done but now the results and findings need to be communicated back to the people that hired you for the job.
Network and web application penetration testing offer great means which the Department of Health and Human Services' (HHS) Office of Inspector General (OIG) has utilized to determine just that. Both of these methods are helping the OIG to determine security effectiveness.
In cutting edge business situations that depend vigorously on data innovation, the system security review or evaluation is a crucial part of system support and repair. A system security advisor will regularly play out a review as the primary stage in giving counseling administrations to a business. Notwithstanding, these establishment building reviews, organizations should likewise perform system security reviews or appraisals all the time to guarantee ideal execution.
Vulnerability assessment is to find weak points and take a more holistic view of safety. Penetration testing is a concentrated attack one or more vulnerabilities that are widely known already exist or are suspected of existing. Vulnerability scale now beyond technology operational processes such as patch management and incident management have a significant impact on the life cycle analysis vulnerability. Vulnerability can predict the effectiveness of the proposed measures and assess their actual effectiveness after they are put into use.