a. Discuss the risks associated with Penetration Testing and steps necessary to minimize the risk to both the tester and client.
Penetration testing is used to discover any security risk present in an application or program. The risks of penetration testing are unknowingly gaining unauthorized access to an application, which can harm a client’s security, and the tester may also be exposed to any kind of security glitch. It can also mean the loss or leakage of data, and in the case of life-saving equipment it may result in loss of life. The risks are minimized by hiring professional pen testers who hold ethical hacking certifications and are deft in their work. Moreover, practice should be provided in how to deal with security issues or reverse any flaw during pen testing (GCN, 2013).
List and explain the different types of penetration testing and include the pros and cons of each.
The different types of penetration testing are black-box testing, white-box testing and grey-box testing. Black-box testing is blind testing of the system by a tester who is interested in finding out about the system. Its pros include the tester not needing to be an expert, verification of contradictions in the system and testing with the mind of the user. Its cons are the difficulty of designing the tests, the test not being worthwhile if the test case has already been performed, and its inability to cover everything. White-box testing is more comprehensive and covers all systems, including loop testing, path testing, data flow testing, etc. Its pros are the ability to ensure that the independent paths of a module have been exercised, verifying the true and false values of logical decisions, checking for typographic and syntax errors, and discovering design errors. Grey-box testing finds out partial information about a system. Its pros are that source code is not required, the risk of conflict is limited, and internal information does not need to be sought. Its cons are not being able to track sufficient internal data or solve glitches (Tutorials Point, n.d).
a. Research a historical and famous virus or worm and describe why you think it was so successful. Do you think that it would still be successful today? Why or Why not? What could make it successful on today’s modern operating systems, if you chose why not?
The Morris worm was a successful virus in the year 1988 which was initially designed to be flawless and untraceable. It did not cause significant harm other than making the computers it infected very slow and making it hard for them to process information, due to the load at one particular time (Kelty, 2010). The success of the worm lay in the aftermath of its infiltration, which led to an understanding of systematic risk analysis. It was also self-replicating, which made it spread quickly. Yes, it could be successful today because back in 1988, there was no internet which could spread the virus around; the computers were linked for sharing information, and there was no World Wide Web. The internet would help the Morris worm spread fast as it is self-replicating (Kelty, 2010).
Compare and contrast the similarities and differences between a trojan, virus, and a worm. In what situation do you think each one might be used for a malicious purpose?
A Trojan horse is different from a virus and worm because it is installed as useful software but once it runs on the computer, it does the damage. A virus gets attached to a file, but it does not spread unless executed by a human. It can spread by sending files and attachments with the virus. A worm is different from a virus as it self-replicates but is quite similar to a virus in design. A virus may be used on a downloadable program which can be installed and spread for leaking data or harming the system. A worm can spread on its own which means a remote user may hack into a person’s data. A Trojan compromises personal data by allowing a backdoor for malicious purposes (Beal, 2004).
A. What forms of authentication can be implemented for a web application? Describe three authentication techniques and the level of security provided by each.
The forms of authentication for web applications are FORM, BASIC, DIGEST, and CLIENT-CERT. FORM is the most common of all. It asks for a username and password on first entry and then redirects automatically to the requested page. It is secure because of a password which can only be known to the original user. BASIC uses a browser-supplied dialog box which asks the user to enter a username and password. It is also secure because of the login being provided by one user. DIGEST is uncommon and asks for verification in encrypted form. It is the most secure (Systems, n.d.).
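The difference between BASIC and DIGEST is easiest to see in what each puts on the wire. The following is an added example, not taken from the essay or from the cited WebLogic documentation; the function names are hypothetical, and the credentials are the published sample values from RFC 2617.

```python
import base64
import hashlib

def basic_header(user, password):
    """BASIC: the credential is only base64-encoded, not hashed or encrypted."""
    token = base64.b64encode(f"{user}:{password}".encode()).decode()
    return f"Basic {token}"

def recover_from_basic(header):
    """Anyone who observes the header can reverse it, so BASIC relies on TLS."""
    raw = base64.b64decode(header.split(" ", 1)[1]).decode()
    user, _, password = raw.partition(":")
    return user, password

def _md5(text):
    return hashlib.md5(text.encode()).hexdigest()

def digest_response(user, realm, password, method, uri, nonce, nc, cnonce):
    """DIGEST (RFC 2617, qop=auth): only a hash bound to the server nonce is sent."""
    ha1 = _md5(f"{user}:{realm}:{password}")   # secret-derived value
    ha2 = _md5(f"{method}:{uri}")              # binds the request line
    return _md5(f"{ha1}:{nonce}:{nc}:{cnonce}:auth:{ha2}")

# Sample values from RFC 2617 (not from the essay).
RFC_ARGS = dict(user="Mufasa", realm="testrealm@host.com",
                password="Circle Of Life", method="GET",
                uri="/dir/index.html",
                nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093",
                nc="00000001", cnonce="0a4f113b")

def replayed_response_is_valid(fresh_nonce):
    """A captured response fails once the server issues a different nonce."""
    captured = digest_response(**RFC_ARGS)
    expected = digest_response(**{**RFC_ARGS, "nonce": fresh_nonce})
    return captured == expected

if __name__ == "__main__":
    hdr = basic_header("Aladdin", "open sesame")
    print(hdr, "->", recover_from_basic(hdr))
    print("Digest response:", digest_response(**RFC_ARGS))
    print("Replay accepted:", replayed_response_is_valid("0" * 32))
```

Because DIGEST as shown is built on MD5 and does nothing to protect the rest of the request, both schemes are normally deployed over TLS.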
Cross-site scripting (XSS) attacks are one of the OWASP Top 10 web application vulnerabilities. Describe the difference between stored and reflected XSS attacks. Find an example of an XSS attack and provide details of the attack.
Stored XSS attacks occur when the injected script is permanently stored on the target servers, such as in a database, a comment list, a visitor log, etc. The victim receives the malicious script when the stored information is retrieved. In reflected XSS the script is reflected off the server, for example in an error message, and the attack reaches the user in the form of an email or on a website. An example of an XSS attack is a URL provided with an advertisement. When a person clicks on it, an alert box will indicate ‘attack.’ This does not do any damage, but it is one of the ways malicious software can enter a system (“Cross-site Scripting (XSS),” 2005).
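The two delivery paths and their common mitigation, output encoding, can be shown side by side. This is an added example, not code from the essay or from OWASP; the comment store, the page renderers and the helper names are hypothetical, and the payload is the harmless alert-box probe described above.

```python
import html
from html.parser import HTMLParser

# Constructed sample payload: the alert-box probe the text describes.
PAYLOAD = "<script>alert('attack')</script>"

class ScriptFinder(HTMLParser):
    """Counts <script> elements that a browser would parse as markup."""
    def __init__(self):
        super().__init__()
        self.scripts = 0

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.scripts += 1

def active_scripts(page):
    finder = ScriptFinder()
    finder.feed(page)
    finder.close()
    return finder.scripts

# Stored XSS: the payload is saved server-side and served to every visitor.
COMMENTS = []  # hypothetical stand-in for a database table of comments

def post_comment(text):
    COMMENTS.append(text)

def render_comments(escape):
    items = (html.escape(c) if escape else c for c in COMMENTS)
    return "<ul>" + "".join(f"<li>{i}</li>" for i in items) + "</ul>"

# Reflected XSS: the payload arrives in the request (for example a crafted
# link) and is echoed straight back in the response, here an error message.
def render_not_found(query, escape):
    shown = html.escape(query) if escape else query
    return f"<p>No results for {shown}</p>"

if __name__ == "__main__":
    post_comment("Nice article")
    post_comment(PAYLOAD)
    for escape in (False, True):
        print("escape =", escape,
              "| stored:", active_scripts(render_comments(escape)),
              "| reflected:", active_scripts(render_not_found(PAYLOAD, escape)))
```

With escaping enabled the payload is still displayed to the reader as text, but the browser never sees a script element in either page.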
a. In your own words explain what database hacking is and why databases are targeted by hackers.
Database hacking is the process of gaining unauthorized access to a database by employing a few methods of illegitimate access. Databases are powerhouses of information to political, legal and to leak it or provide it to a party which would pay for the deed (Dhanvani, 2012).
What are some recent attacks on organizations that resulted in a Database breach? Please examine some of the recent financial breaches and provide commentary on how this could have occurred?
One of the recent attacks occurred in the medicine and health industry where the Ponemon Institute. This has caused the industry an annual loss of $6 billion because of data breaches and the leakage of clients’ health and personal information. This could have been the work of professional hackers working for an inside person, or they could simply have gained access to the databases through viruses or a Trojan (Prince, 2016).
a. Honeypots have an intended purpose. What do you think it is? What benefits could be rendered from setting up a honeypot in an organization?
The purpose of honeypots is to distract potential hackers with a bogus system and alert the user, thus catching a possible predator before any damage can occur. By using one, an organization can be saved from hackers, confuse any possible hackers and strengthen the security of its systems (Techtarget, 2001).
Research and explain some methods that can be used to bypass network IDS/IPS/Firewall devices. List and give an example of a tool that can be used for this purpose.
One of the techniques for bypassing network IDS/IPS/firewall devices is packet fragmentation, which can help to bypass the inspection of firewalls. Specifying the Maximum Transmission Unit of the packet is another way. Using decoy addresses makes it difficult to trace the IP addresses scanning the system. An idle zombie scan uses another host on the same network which is idle, so that a port scan can be sent to another host. Source port number specification can help to alter the configuration of the port for the scan. Nmap, a security scanner, is a common tool for this purpose (Pentestlab, 2012).
A. Discuss the attack against Bluetooth. What are some of the tools that can be used to perform these types of attacks?
While connected to Bluetooth, the device is vulnerable to malicious hackers and software. Wireless worms were the kind of malicious data being transferred that could harm the phone’s software. The Blue Scanner, Blue Sniff, BlueBugger, BTBrowser, BlueSnarfing and Super Bluetooth Hack 1.08 are some of the tools used for attacking (Parmar, 2010).
Discuss the different types of attacks launched against USB devices and countermeasure users can take to protect their devices.
All kinds of USB devices such as keyboards, mice, thumb drives and USBs are known to be likely targets for hackers. There are bugs in the software which can harm the function of these devices, and hackers can exploit users who may not know of the attack. The countermeasures to protect the devices are to turn off AutoPlay in Windows so the computer cannot open USB devices as soon as they are plugged in. Then it is safe to run an anti-virus test to check the safety. Moreover, programmers are working on the safety and reliability of devices (Finkle, 2014).
References
Beal, V. (2004). The difference between a virus, worm and Trojan horse. Retrieved August 30,
2016, from http://www.webopedia.com/DidYouKnow/Internet/virus.asp
Cross-site Scripting (XSS). (2005). Retrieved August 30, 2016, from
https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)
Dhanvani, P. (2012, September 15). DATABASE HACKING - FreeFeast.Info: Interview
questions, awesome gadgets, personality motivation guide, famous IT personalities. Retrieved August 30, 2016, from IT Stuff, http://freefeast.info/general-it-articles/database-hacking/
Finkle, J. (2014, July 31). Hackers can tap USB devices in new attacks, researcher warns.
Retrieved August 30, 2016, from http://www.reuters.com/article/us-cybersecurity-usb-attack-idUSKBN0G00K420140731
GCN. (2013). Penetration testing: Pros and cons of attacking your own network -- GCN.
Retrieved August 30, 2016, from https://gcn.com/articles/2013/02/04/pros-cons-penetration-testing.aspx
Kelty, C. (2010, December 19). The Morris worm. Retrieved August 30, 2016, from
http://limn.it/the-morris-worm/
Parmar, V. (2010, June 30). 7 most popular Bluetooth hacking software to hack your mobile
phone. Retrieved August 30, 2016, from Featured, http://techpp.com/2010/06/30/7-most-popular-bluetooth-hacking-software-to-hack-your-mobile-phone/
Pentestlab. (2012, April 2). Nmap – techniques for avoiding Firewalls. Retrieved August 30,
2016, from https://pentestlab.wordpress.com/2012/04/02/nmap-techniques-for-avoiding-firewalls/
Prince, B. (2016). Healthcare organizations face a spike in data breaches from criminal attacks.
Retrieved August 30, 2016, from http://www.securityweek.com/healthcare-organizations-face-spike-data-breaches-criminal-attacks
Systems, B. (n.d.). Programming WebLogic security. Retrieved August 30, 2016, from
https://docs.oracle.com/cd/E11035_01/wls100/security/thin_client.html
TechTarget. (2001, June). The purpose of honeypots. Retrieved August 30, 2016, from
http://searchnetworking.techtarget.com/answer/The-purpose-of-honeypots
Tutorials Point. (n.d). Penetration Testing - Quick Guide. Retrieved August 30, 2016, from
http://www.tutorialspoint.com/penetration_testing/penetration_testing_quick_guide.htm