Importance of testing for all possible input values in a web form during a pentest
This will make it possible to identify potential security loopholes before an attacker does, and to identify possible vulnerabilities in a network. In the long run, this serves to provide information that can help security teams to alleviate vulnerabilities and develop a control mechanism for attacks (Basta, Basta, & Mary Brown, 2013).
Source data and how applications should handle this common error.
When creating an application, and especially a web application, most developers fail to sufficiently validate the source of data. This has a ‘data hygiene’ impact in that it can allow invalid data to enter a database and can even introduce security challenges. As such, the input fields can be used to inject malicious scripts into the application. This can be handled by validating input on the client side and validating it again on the server side.
Why applications must use the appropriate form action method
Using the appropriate form action method tells the web browser how to send the form data to the server, as well as which form contents the browser should append to the end of the URL.
Importance of a penetration tester to being familiar with protocols like HTTP
Being familiar with the protocol serves to inform the penetration tester about the scope within which they should operate. Normally, the scope describes what systems, methods, locations and tools are to be utilized in a penetration test. Limiting the scope goes a long way in helping to focus the team members and defenders on the systems the organization controls.
Why a SQL injection attack can be so devastating for an application
A SQL injection attack can lead to the loss, theft or deletion of confidential data (Khan, & Mahapatra, 2012). It can also lead to the defacing of websites, unauthorized access to accounts or systems, and eventually, compromise of whole networks or individual machines.
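The two points above (validating form input on the server side, and why unvalidated input reaching a SQL query is so damaging) can be shown side by side. The following is an added example, not code from the original text: an in-memory SQLite table stands in for the application's user store (a constructed `users` table), `lookup_unsafe` builds the query by string concatenation, and `lookup_safe` applies an allow-list check and a bound parameter.

```python
import re
import sqlite3

def make_db():
    """Constructed sample data standing in for the application's user table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, email TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "alice@example.com"),
                      ("bob", "bob@example.com")])
    return conn

# Allow-list pattern for a username (assumed policy: letters, digits, underscore).
USERNAME_RE = re.compile(r"^[A-Za-z0-9_]{1,32}$")

def validate_username(value):
    """Server-side validation: anything the browser sent can be altered in
    transit, so the server, not the client-side script, is the real control.
    Returns the value if it matches the allow-list, otherwise None."""
    if not isinstance(value, str) or not USERNAME_RE.match(value):
        return None
    return value

def lookup_unsafe(conn, username):
    """'Before' form: the form field is pasted straight into the SQL text, so
    a quote character in the input changes the meaning of the query."""
    sql = "SELECT username, email FROM users WHERE username = '%s'" % username
    return conn.execute(sql).fetchall()

def lookup_safe(conn, username):
    """'After' form: validate first, then bind the value as a parameter so the
    database engine never interprets the input as SQL."""
    clean = validate_username(username)
    if clean is None:
        return []  # reject invalid input instead of querying with it
    return conn.execute(
        "SELECT username, email FROM users WHERE username = ?", (clean,)
    ).fetchall()

if __name__ == "__main__":
    db = make_db()
    # Quoted input makes the unsafe query return every row (data theft);
    # the validated, parameterized version returns nothing for the same input.
    print(lookup_unsafe(db, "alice' OR 'a'='a"))
    print(lookup_safe(db, "alice' OR 'a'='a"))
    print(lookup_safe(db, "alice"))
```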
Why it is critical that system administrators properly secure the ports that database servers listen on.
Ports are potentially at risk of attack. Therefore, properly securing the ports aims at protecting the services that are listening on those ports from exploits. Furthermore, the surface area exposed by services is reduced, thus eliminating the risk of cyber attacks (Basta, Basta, & Mary Brown, 2013).
Why discovery of an active hit on TCP/UDP port 1433 does not confirm that Microsoft SQL server is present.
This is because port 1433 is only the recognized standard port for SQL servers. According to the Internet Assigned Numbers Authority (IANA), although this port is registered in the name of Microsoft, getting a hit on this port does not guarantee that the hit is an MSSQL server.
Why a penetration tester would prefer to target a server actively listening on UDP port 1434 versus another server that is not listening but is a confirmed Microsoft SQL server.
A penetration tester would opt to target a server that is actively listening on UDP port 1434, since it makes sure that there is an established link between the host and the server (Faircloth et al., 2016). In addition, this implies that an exception has been put into the firewall so that traffic passes through the port, making it an exposed attack vector.
The difference between a virus and a Trojan
A virus denotes a program that does not have the ability to self-replicate and thus depends on the host file being spread. A virus has malicious intent. On the other hand, a Trojan denotes a program that is run by misleading the user, appearing to be something genuine, but has malicious intent (Hausman, Barrett, & Weiss, 2013).
The type of malicious software may be invisible to a penetration tester
This malicious software is known as ‘invisible’ memory-based malware. This kind of attack leaves testers with nearly no evidence that an attack actually occurred, and any sign of an incident is removed when the system is rebooted.
Processes normally associated with the McAfee VirusScan Enterprise product
The processes associated with McAfee VirusScan Enterprise product include:
• Troubleshooting
• Virus scanning
• Rebooting
Heuristic analysis
Heuristic analysis refers to a technique employed by many computer antivirus programs to identify previously unknown computer viruses, as well as new variants of viruses already in the “wild.”
References
Basta, A., Basta, N., & Mary Brown, C. (2013). Computer Security and Penetration Testing. Cengage Learning.
Faircloth, J., Beale, J., Temmingh, R., Meer, H., Walt, C. V., & Moore, H. (2016). Penetration Tester’s Open Source Toolkit. Elsevier.
Hausman, K. K., Barrett, D., & Weiss, M. (2013). Security+. Que Publishing.
Khan, S., & Mahapatra, R. P. (2012). SQL Injection Attack and Countermeasures. LAP Lambert Academic Publishing.