Security Testing Design: Difference between revisions
(Created page with "'''Students must be able to describe the purpose and importance of international standards in Information Security and describe advantages of compliance for stakeholders and o...") |
No edit summary |
||
| Line 38: | Line 38: | ||
In terms of analysing an organization's security, black box testing may be used to identify vulnerabilities or weaknesses in the organization's systems and infrastructure that are visible from the outside. Grey box testing may be used to identify vulnerabilities or weaknesses that are not visible from the outside, but that may be discovered through partial knowledge of the internal workings of the system. White box testing may be used to identify vulnerabilities or weaknesses that are not visible from the outside, and that can only be discovered through complete knowledge of the internal workings of the system. | In terms of analysing an organization's security, black box testing may be used to identify vulnerabilities or weaknesses in the organization's systems and infrastructure that are visible from the outside. Grey box testing may be used to identify vulnerabilities or weaknesses that are not visible from the outside, but that may be discovered through partial knowledge of the internal workings of the system. White box testing may be used to identify vulnerabilities or weaknesses that are not visible from the outside, and that can only be discovered through complete knowledge of the internal workings of the system. | ||
'''Students must be able to discuss each stage of the security testing cycle (Planning and reconnaissance; Discovery; Enumeration; Gaining access; Maintaining access; Privilege escalation; Documenting; Reporting) and justify their choice of tools and approach to meet the objectives of each stage. | |||
''' | |||
The security testing cycle is a systematic process for testing the security of a system or network. It typically consists of the following stages: | |||
Planning and reconnaissance: In this stage, the tester defines the scope and objectives of the testing engagement, and gathers information about the target system or network. This may involve researching the system or network, identifying potential vulnerabilities, and determining the appropriate tools and approach for the testing. | |||
Discovery: In this stage, the tester actively searches for systems or devices that are connected to the target network. This may involve using tools to scan the network for open ports, services, or devices, or accessing public records or online resources to gather information about the network. | |||
Enumeration: In this stage, the tester attempts to gather as much information as possible about the target system or network. This may involve accessing system or network resources, querying databases, or attempting to access system accounts or user accounts. | |||
Gaining access: In this stage, the tester attempts to gain unauthorized access to the target system or network. This may involve exploiting vulnerabilities or weaknesses in the system or network, or using social engineering techniques to trick users into divulging their credentials. | |||
Maintaining access: In this stage, the tester focuses on maintaining access to the system or network and preventing detection. This may involve installing backdoors or other means of gaining access, or attempting to cover their tracks by deleting logs or other evidence of their activity. | |||
Privilege escalation: In this stage, the tester attempts to gain higher levels of access or privileges on the system or network. This may involve exploiting vulnerabilities or weaknesses in the system or network to gain access to higher-level accounts or resources. | |||
Documenting: In this stage, the tester documents all of the steps taken during the testing process, as well as any vulnerabilities or weaknesses that were discovered. This documentation is typically used to create a report of the testing engagement. | |||
Reporting: In this final stage, the tester prepares a report detailing the findings of the testing engagement, including any vulnerabilities or weaknesses that were discovered and recommendations for addressing them. | |||
In terms of justifying their choice of tools and approach for each stage, the tester would consider the specific objectives of the stage and select tools and approaches that are best suited for achieving those objectives. For example, in the planning and reconnaissance stage, the tester might use a tool like Nmap to scan the network for open ports and services, or they might use a tool like Maltego to gather information about the network from public records or online resources. Similarly, in the gaining access stage, the tester might use a tool like Metasploit to exploit a vulnerability in the system, or they might use a tool like Aircrack-ng to crack wireless network passwords. | |||
Latest revision as of 12:17, 3 January 2023
Students must be able to describe the purpose and importance of international standards in Information Security and describe advantages of compliance for stakeholders and organisations.
International standards in information security provide a common set of guidelines and best practices for protecting and securing information and systems. These standards are developed by international organizations such as the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), and they provide a framework for organizations to follow in order to ensure that their information and systems are secure.
The purpose of these standards is to help organizations protect their information assets and prevent unauthorized access, use, disclosure, disruption, modification, or destruction of information. They can also help to ensure that information is handled and processed in a consistent and secure manner, which can help to prevent data breaches and other security incidents.
There are several advantages to compliance with these standards for stakeholders and organizations:
Improved security: Compliance with international standards can help organizations to improve the security of their information and systems, which can reduce the risk of data breaches and other security incidents. This can help to protect the organization's reputation and reduce the impact of any security incidents that do occur.
Increased customer trust: Customers and clients may be more likely to trust an organization that demonstrates compliance with international standards, as it shows that the organization is taking steps to protect their information and systems.
Enhanced business opportunities: Many organizations require their partners and suppliers to demonstrate compliance with international standards in order to do business with them. Therefore, compliance with these standards can help organizations to expand their business opportunities and access new markets.
Improved efficiency: Compliance with international standards can help organizations to streamline their processes and improve their overall efficiency, as it can help to ensure that information is handled and processed in a consistent and secure manner.
Overall, compliance with international standards in information security is important for stakeholders and organizations as it can help to improve the security of their information and systems, increase customer trust, enhance business opportunities, and improve efficiency.
Students must be able to explain the importance of a “Rules of Engagement” document, the importance of consent before planning a testing strategy, and the purpose of “codes of ethics” in the security testing process.
A "Rules of Engagement" document is a set of guidelines that outline the boundaries and limitations of a security testing engagement. It is important because it helps to ensure that the testing is conducted in a legal and ethical manner, and that any vulnerabilities or issues discovered during the testing are properly disclosed and addressed.
Consent is important in the security testing process because it ensures that the parties involved are aware of and agree to the testing that is being conducted. This is especially important when testing systems that contain sensitive or confidential information, as unauthorized access or testing of these systems could potentially have negative consequences.
Codes of ethics are guidelines that outline the ethical principles and values that should guide the behavior of individuals or organizations in a particular field. In the context of security testing, codes of ethics can help to ensure that testing is conducted in a responsible and professional manner, and that the interests of all parties involved are taken into account.
Students must be able to compare Black Box Testing, Grey Box Testing, and White Box Testing in relation to analysing an organisation’s security.
Black box testing is a type of security testing in which the tester has no knowledge of the internal workings of the system being tested. The tester only has access to the inputs and outputs of the system, and is not able to see the internal processes or code that generates the outputs. Black box testing is often used to test the functionality of a system, and can be used to identify vulnerabilities or weaknesses in the system.
Grey box testing is a type of security testing in which the tester has partial knowledge of the internal workings of the system being tested. The tester may have access to some internal documentation or may be able to see some of the code, but does not have a complete understanding of the system. Grey box testing can be used to identify vulnerabilities or weaknesses in the system that might not be apparent from the outside.
White box testing is a type of security testing in which the tester has complete knowledge of the internal workings of the system being tested. The tester has access to all of the code and documentation, and is able to see all of the internal processes and data flows. White box testing is often used to identify vulnerabilities or weaknesses in the system that are not visible from the outside, and can be used to test the security of the system at a deeper level.
In terms of analysing an organization's security, black box testing may be used to identify vulnerabilities or weaknesses in the organization's systems and infrastructure that are visible from the outside. Grey box testing may be used to identify vulnerabilities or weaknesses that are not visible from the outside, but that may be discovered through partial knowledge of the internal workings of the system. White box testing may be used to identify vulnerabilities or weaknesses that are not visible from the outside, and that can only be discovered through complete knowledge of the internal workings of the system.
Students must be able to discuss each stage of the security testing cycle (Planning and reconnaissance; Discovery; Enumeration; Gaining access; Maintaining access; Privilege escalation; Documenting; Reporting) and justify their choice of tools and approach to meet the objectives of each stage.
The security testing cycle is a systematic process for testing the security of a system or network. It typically consists of the following stages:
Planning and reconnaissance: In this stage, the tester defines the scope and objectives of the testing engagement, and gathers information about the target system or network. This may involve researching the system or network, identifying potential vulnerabilities, and determining the appropriate tools and approach for the testing.
Discovery: In this stage, the tester actively searches for systems or devices that are connected to the target network. This may involve using tools to scan the network for open ports, services, or devices, or accessing public records or online resources to gather information about the network.
Enumeration: In this stage, the tester attempts to gather as much information as possible about the target system or network. This may involve accessing system or network resources, querying databases, or attempting to access system accounts or user accounts.
Gaining access: In this stage, the tester attempts to gain unauthorized access to the target system or network. This may involve exploiting vulnerabilities or weaknesses in the system or network, or using social engineering techniques to trick users into divulging their credentials.
Maintaining access: In this stage, the tester focuses on maintaining access to the system or network and preventing detection. This may involve installing backdoors or other means of gaining access, or attempting to cover their tracks by deleting logs or other evidence of their activity.
Privilege escalation: In this stage, the tester attempts to gain higher levels of access or privileges on the system or network. This may involve exploiting vulnerabilities or weaknesses in the system or network to gain access to higher-level accounts or resources.
Documenting: In this stage, the tester documents all of the steps taken during the testing process, as well as any vulnerabilities or weaknesses that were discovered. This documentation is typically used to create a report of the testing engagement.
Reporting: In this final stage, the tester prepares a report detailing the findings of the testing engagement, including any vulnerabilities or weaknesses that were discovered and recommendations for addressing them.
In terms of justifying their choice of tools and approach for each stage, the tester would consider the specific objectives of the stage and select tools and approaches that are best suited for achieving those objectives. For example, in the planning and reconnaissance stage, the tester might use a tool like Nmap to scan the network for open ports and services, or they might use a tool like Maltego to gather information about the network from public records or online resources. Similarly, in the gaining access stage, the tester might use a tool like Metasploit to exploit a vulnerability in the system, or they might use a tool like Aircrack-ng to crack wireless network passwords.