Which of the following is BEST utilized to actively test security controls on a particular system?
A.
Port scanning
B.
Penetration test
C.
Vulnerability scanning
D.
Grey/Gray box
Explanation:
Penetration testing is the most intrusive type of testing because you are actively trying to circumvent the system’s security controls to gain access to the system.
Penetration testing (also called pen testing) is the practice of testing a computer system, network or Web application to find vulnerabilities that an attacker could
exploit. Pen tests can be automated with software applications or they can be performed manually. Either way, the process includes gathering information about the
target before the test (reconnaissance), identifying possible entry points, attempting to break in (either virtually or for real) and reporting back the findings.
The main objective of penetration testing is to determine security weaknesses. A pen test can also be used to test an organization’s security policy compliance, its
employees’ security awareness and the organization’s ability to identify and respond to security incidents. Penetration tests are sometimes called white hat attacks
because in a pen test, the good guys are attempting to break in.
Pen test strategies include:
Targeted testing
Targeted testing is performed by the organization’s IT team and the penetration testing team working together. It’s sometimes referred to as a “lights-turned-on”
approach because everyone can see the test being carried out.
External testing
This type of pen test targets a company’s externally visible servers or devices including domain name servers (DNS), e-mail servers, Web servers or firewalls. The
objective is to find out if an outside attacker can get in and how far they can get in once they’ve gained access.
Internal testing
This test mimics an inside attack behind the firewall by an authorized user with standard access privileges. This kind of test is useful for estimating how much
damage a disgruntled employee could cause.
Blind testing
A blind test strategy simulates the actions and procedures of a real attacker by severely limiting the information given to the person or team that’s performing thetest beforehand. Typically, they may only be given the name of the company. Because this type of test can require a considerable amount of time for
reconnaissance, it can be expensive.
Double blind testing
Double blind testing takes the blind test and carries it a step further. In this type of pen test, only one or two people within the organization might be aware a test is
being conducted. Double- blind tests can be useful for testing an organization’s security monitoring and incident identification as well as its response procedures.
Incorrect Answers:
A: A port scanner is a software application designed to probe a server or host for open ports. This is often used by administrators to verify security policies of their
networks and by attackers to identify running services on a host with the view to compromise it. A port scan or portscan can be defined as a process that sends
client requests to a range of server port addresses on a host, with the goal of finding an active port. While not a nefarious process in and of itself, it is one used by
hackers to probe target machine services with the aim of exploiting a known vulnerability of that service. However the majority of uses of a port scan are not attacks
and are simple probes to determine services available on a remote machine. Port scanning does not actively test security controls on a system. Therefore, this
answer is incorrect.
C: A vulnerability scan is the process of scanning the network and/or I.T. infrastructure for threats and vulnerabilities. The threats and vulnerabilities are then
evaluated in a risk assessment and the necessary actions taken to resolve and vulnerabilities. A vulnerability scan scans for known weaknesses such as missing
patches or security updates. A vulnerability scan is considered passive in that it doesn’t actually attempt to circumvent the security controls of a system to gain
access (unlike a penetration test). Therefore, this answer is incorrect.
D: Gray box testing, also called gray box analysis, is a strategy for software debugging in which the tester has limited knowledge of the internal details of the
program. A gray box is a device, program or system whose workings are partially understood. Gray box testing does not actively test security controls on a system.
Therefore, this answer is incorrect.http://searchsoftwarequality.techtarget.com/definition/penetration-testing http://en.wikipedia.org/wiki/Port_scanner
http://searchsoftwarequality.techtarget.com/definition/gray-box