Vulnerability quiz: Bonus question

In order, what are the five general steps of an intrusion?
A. Reconnaissance, scanning, gaining access, maintaining access, covering tracks

 

Steps in attack

Explanation

Examples

Reconnaissance

Intelligence work of obtaining information, either passively or actively.

Passively = Sniffing traffic, eavesdropping

 

Actively = Obtaining data from ARIN and Whois databases, examining Web site HTML code, social engineering

Scanning

Identifying systems that are running and the services that are active on them.

Ping sweeps and port scans

Gaining access

Exploiting identified vulnerabilities to gain unauthorized access.

Exploiting a buffer overflow or brute forcing a password and logging onto a system.

Maintaining access

Uploading malicious software to ensure re-entry is possible.

Installing a backdoor on a system.

Covering tracks

Carrying out activities to hide one's malicious activities.

Deleting or modifying data in system and application logs.

 

Back to quiz.

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close