Question

In: Computer Science

A company contracted security consultant to perform a remote white box penetration test. The company wants...

A company contracted security consultant to perform a remote white box penetration test. The company wants the consultant to focus on internet-facing services without negatively impacting Production Services. Which of the following is the consultant most likely to use to identify the company's attack surface? Select 2

  1. Web crawler

  2. WHOIS registry

  3. DNS records

  4. companies firewall ACL

  5.   internal routing tables

  6. directory service queries

Solutions

Expert Solution

Solution for the above question

An attack surface is simply the possible number ways an attacker can get into the system. So to prevent such conditions, Consultant must use the following to identify the attack surface.

1. WHO IS registry :

  • WHOIS is a domain name internet registrar and they manages the reservations of internet domain names.
  • Using WHOIS, one can query multiple WHOIS databases on the internet locating the suspected IP allocations or finding the suspected domain names etc.

2. Company's firewall ACL

  • ACLs are used to permit or deny requests on the system.
  • Routers in our network has ACLs that filters traffic.
  • We always want to include a deny ip any any statement in our ACL at the end.
  • This is not necessary to drop traffic, but it does have the router keep statistics on the number of matches on this statement.
  • This can be useful in determining whether an attack is occurring.
  • ACLs are most common is determining DOS attacks.
  • Reasons why rest of the options are not preffered but they can help in some way.

1. Web Crawler :

  • Web crawler's job is to get the requested page in the internet.
  • And since web crawlers get infected or malicious and also the fact that they just get the pages and have no logs about it so there is no efficient way of extracting any information from the web crawler.

2.DNS record :

  • DNS Record provide information regarding domain names.
  • It can only be used to get the IP information about the domain names that are suspected.
  • Whereas WHOIS registry can give a lot more information that that.

3. Internet Routing Tables :

  • Routing tables just typicaly stores the routing addresses of all the routers in the networks.
  • They can only be used to know the address of an suspected router and nothing more.

4. Directory service queries :

  • They are used to extract information about the network addresses given we have the network resources or vice versa.
  • This is also not a great help in determining the attack surfaces.

venereology answered 9 months ago
Next > < Previous

Related Solutions

As a penetration tester and security consultant, you have been engaged by a company to assist...
As a penetration tester and security consultant, you have been engaged by a company to assist them in selecting an Intrusion Detection System (IDS) for their infrastructure. They're considering installing a signature or anomaly based IDS product. They've asked you to provide a concise analysis of the strengths and potential weaknesses of each of the IDS types. Discuss and explain the strengths and weaknesses of each type of IDS and any considerations they should make in selecting one over the...
Vulnerability Assessment and Penetration Testing 1.Which of the following security test types would be best defined...
Vulnerability Assessment and Penetration Testing 1.Which of the following security test types would be best defined as an engagement that focuses on the discovery of vulnerabilities within an environment to improve security for the organization but does not actively exploit those vulnerabilities to show the potential impact on the organization. a)Security Audit b) Penetration test c)Red team engagement d)Vulnerability 2. You are about to conduct a penetration test as a third party consultant. They have given you limited details about...
A security professional wants to test a piece of malware that was isolated on a user's...
A security professional wants to test a piece of malware that was isolated on a user's computer to document its effect on a system. Which of the following is the FIRST step the security professional should take? A.Create a sandbox on the machine. B.Open the file and run it. C.Create a secure baseline of the system state. D.Hardon the machine
Suppose a researcher wants to perform an hypothesis test to decide whether the mean systolic blood...
Suppose a researcher wants to perform an hypothesis test to decide whether the mean systolic blood pressure for adults aged 20-29 is lower than the mean systolic blood pressure for adults aged 30-39. State the null and alternative hypothesis for the hypothesis test. Discuss the basic strategy for performing this hypothesis test, based on independent samples.
You have joined a company as a security consultant, discuss the vulnerabilities of the company’s data...
You have joined a company as a security consultant, discuss the vulnerabilities of the company’s data and systems and propose a plan to protect company assets.
31. An instructor wants to test whether attending class influences how students perform on an exam....
31. An instructor wants to test whether attending class influences how students perform on an exam. There are 54 students in the class. There are 25 students who attended the class and passed the exam, 6 students who attended class and failed the exam, 8 students who skipped the class and passed the exam, 15 students who skipped the class and failed class. Please perform a statistical test and indicate whether attending class influence the exam performance. a) Parametric or...
A market research consultant hired by a leading soft-drink company wants to determine the proportion of...
A market research consultant hired by a leading soft-drink company wants to determine the proportion of consumers who favor its low-calorie drink over the leading competitor's low-calorie drink in a particular urban location. A random sample of 250 consumers from the market under investigation is provided in the file P08_17.xlsx. a. Calculate a 95% confidence interval for the proportion of all consumers in this market who prefer this company's drink over the competitor's. Round your answers to three decimal places,...
Perform the indicated goodness-of-fit test. 33) A company manager wishes to test a union leader's claim...
Perform the indicated goodness-of-fit test. 33) A company manager wishes to test a union leader's claim that absences occur on the different week days with the same frequencies. Test this claim at the 0.05 level of significance if the following sample data have been compiled. Day Mon Tue Wed Thur Fri Absences 37 15 12 23 43 Please show how to calculate this answer on ti-83
A bus company wants to test the hypothesis that the proportions of the six types of...
A bus company wants to test the hypothesis that the proportions of the six types of passengers it carries on a certain route are EQUAL. The six types are: commuters, shoppers, college students, tourists, children, and mall employees. it carries on a certain route are EQUAL. The six types are: commuters, shoppers, college students, tourists, children, and mall employees. On the basis of the following sample of four hundred eighty bus riders, should the company accept this hypothesis at the...
Following a recent network intrusion, a company wants to determine the current security awareness of all...
Following a recent network intrusion, a company wants to determine the current security awareness of all of its employees. Which of the following is the BEST way to test awareness? A. Conduct a series of security training events with comprehensive tests at the end B. Hire an external company to provide an independent audit of the network security posture C. Review the social media of all employees to see how much proprietary information is shared D. Send an email from...
ADVERTISEMENT
Subjects
ADVERTISEMENT
Latest Questions
ADVERTISEMENT