2. Reconnaissance is the only step that can be performed legally without authorization, as long as it stays passive: gathering what is already public about the target without touching its systems. Footprinting is rolled into this step. Active reconnaissance that interacts with the target (probing hosts, querying its DNS servers directly) still requires written authorization.
3. In today's world, search engines, Google above all, are the major tool used in this initial step: the target's own web presence, job postings, indexed documents and cached pages reveal technology and people before any direct contact is made.
4. Baiting and phishing are the most common techniques used in social engineering.
5. Enumeration is part of the scanning step. Scanning finds live hosts and open ports; enumeration then extracts the detail behind them (services and their versions, user names, shares, and similar) and uses that detail to compile a list of the target's vulnerabilities and weaknesses.
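The enumeration step in answer 5 is easiest to see on concrete scan output. The following is an added example, not part of the original answers: it parses a hand-written XML fragment in the format that `nmap -sV -oX` produces and turns it into the inventory of open services a tester would research next. The hosts, ports and version strings in the fragment are constructed for illustration and make no claim about any real system or vulnerability.

```python
"""Enumeration: turn scan output into an inventory of services to research.

Added example (not from the original answers). SAMPLE_NMAP_XML is a constructed
fragment in the format `nmap -sV -oX` writes; every host, port and version in
it is made up.
"""
import xml.etree.ElementTree as ET
from typing import Dict, List

# Constructed sample: what a service-version scan of two hosts might emit.
SAMPLE_NMAP_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -sV -oX scan.xml 10.0.0.0/30">
  <host>
    <address addr="10.0.0.5" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22">
        <state state="open" reason="syn-ack"/>
        <service name="ssh" product="OpenSSH" version="7.4"/>
      </port>
      <port protocol="tcp" portid="80">
        <state state="open" reason="syn-ack"/>
        <service name="http" product="Apache httpd" version="2.4.6"/>
      </port>
      <port protocol="tcp" portid="3306">
        <state state="filtered" reason="no-response"/>
        <service name="mysql"/>
      </port>
    </ports>
  </host>
  <host>
    <address addr="10.0.0.6" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="445">
        <state state="open" reason="syn-ack"/>
        <service name="microsoft-ds" product="Samba smbd" version="3.6.23"/>
      </port>
    </ports>
  </host>
</nmaprun>
"""


def enumerate_services(nmap_xml: str) -> List[Dict[str, object]]:
    """Return one record per open port: host, port, protocol, service, product, version.

    Only ports whose state is "open" are kept; filtered or closed ports give
    nothing further to enumerate.
    """
    root = ET.fromstring(nmap_xml)
    records: List[Dict[str, object]] = []
    for host in root.findall("host"):
        addr_el = host.find("address[@addrtype='ipv4']")
        if addr_el is None:
            continue
        addr = addr_el.get("addr")
        for port in host.findall("ports/port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue
            svc = port.find("service")
            records.append({
                "host": addr,
                "port": int(port.get("portid")),
                "protocol": port.get("protocol"),
                "service": svc.get("name", "") if svc is not None else "",
                "product": svc.get("product", "") if svc is not None else "",
                "version": svc.get("version", "") if svc is not None else "",
            })
    return records


def research_terms(records: List[Dict[str, object]]) -> List[str]:
    """Build the unique "product version" strings to look up in a vulnerability
    database; records with no product fingerprint are skipped."""
    terms = {f"{r['product']} {r['version']}".strip() for r in records if r["product"]}
    return sorted(terms)


if __name__ == "__main__":
    inventory = enumerate_services(SAMPLE_NMAP_XML)
    for rec in inventory:
        print(f"{rec['host']}:{rec['port']}/{rec['protocol']}  {rec['service']}  "
              f"{rec['product']} {rec['version']}".rstrip())
    print("to research:", research_terms(inventory))
```

The filtered MySQL port is deliberately dropped: the enumeration list should contain only what was actually confirmed, so that the vulnerability list built from it does not inherit guesses.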
6. To avoid being detected, a hacker has to erase the records of their own activity. But they must be careful not to erase the normal system records as well: a log that is empty, or that has a gap, for a period when the system was clearly running is itself evidence that someone was there.
7. You can regain access to a system by planting a backdoor; one way is to create an account with elevated privileges. But the hacker must be careful not to create an account that does not fit the organization's naming schema, because an out-of-pattern account name stands out immediately in an account review.
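Answers 6 and 7 describe two artifacts that careless cleanup leaves behind: a hole in logs that should be continuous, and an account that does not fit the site's conventions or holds unexpected privilege. The following is an added example, not part of the original answers, of the checks a defender (or a tester verifying their own cleanup) can run for both. The log lines and the `/etc/passwd` excerpt are constructed, not captured from a real system; the ten-minute cron heartbeat and the roster of expected users are assumptions made for the example.

```python
"""Added example (not from the original answers): host checks for the two
cleanup mistakes described in answers 6 and 7.

Everything below is constructed: the log lines, the passwd entries, the
assumed ten-minute cron heartbeat and the assumed roster of known users.
"""
import re
from datetime import datetime, timedelta
from typing import List, Set, Tuple

# Constructed syslog-style lines. A cron job is assumed to log every ten
# minutes, so the missing 02:20, 02:30 and 02:40 entries are the kind of hole
# that deleting "everything from the last hour" leaves behind.
SAMPLE_LOG = """\
Mar 10 02:00:01 web1 CRON[4012]: (root) CMD (/usr/local/bin/heartbeat)
Mar 10 02:10:01 web1 CRON[4088]: (root) CMD (/usr/local/bin/heartbeat)
Mar 10 02:50:01 web1 CRON[4301]: (root) CMD (/usr/local/bin/heartbeat)
Mar 10 03:00:01 web1 CRON[4377]: (root) CMD (/usr/local/bin/heartbeat)
"""

HEARTBEAT_INTERVAL = timedelta(minutes=10)  # assumed cron schedule
HEARTBEAT_RE = re.compile(
    r"^(?P<ts>\w{3} +\d{1,2} \d{2}:\d{2}:\d{2}) \S+ CRON\[\d+\]: .*heartbeat"
)


def find_log_gaps(log_text: str, expected: timedelta = HEARTBEAT_INTERVAL,
                  year: int = 2024) -> List[Tuple[str, str]]:
    """Return (previous, next) timestamps where consecutive heartbeat entries
    are further apart than `expected`, allowing 30 s of scheduling jitter.
    Syslog lines carry no year, so one is supplied for parsing."""
    stamps = []
    for line in log_text.splitlines():
        m = HEARTBEAT_RE.match(line)
        if m:
            stamps.append(datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S"))
    tolerance = timedelta(seconds=30)
    gaps = []
    for prev, nxt in zip(stamps, stamps[1:]):
        if nxt - prev > expected + tolerance:
            gaps.append((prev.strftime("%H:%M:%S"), nxt.strftime("%H:%M:%S")))
    return gaps


# Constructed /etc/passwd excerpt. "support" and "toor" are the planted accounts:
# one breaks the assumed first-initial-plus-surname convention, the other is a
# second UID-0 login.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
jsmith:x:1001:1001:Jane Smith:/home/jsmith:/bin/bash
rpatel:x:1002:1002:Raj Patel:/home/rpatel:/bin/bash
support:x:1003:1003::/home/support:/bin/bash
toor:x:0:0::/root:/bin/bash
"""

# Assumed authoritative roster (in practice: the HR or directory export).
KNOWN_USERS: Set[str] = {"jsmith", "rpatel"}


def find_suspicious_accounts(passwd_text: str, roster: Set[str]) -> List[Tuple[str, str]]:
    """Return (username, reason) for any UID-0 account other than root and any
    interactive account (UID >= 1000 with a login shell) absent from the roster."""
    findings = []
    for line in passwd_text.splitlines():
        fields = line.split(":")
        if not line or line.startswith("#") or len(fields) != 7:
            continue
        name, uid, shell = fields[0], int(fields[2]), fields[6]
        if uid == 0 and name != "root":
            findings.append((name, "uid 0 but not root"))
        elif uid >= 1000 and name not in roster and not shell.endswith("nologin"):
            findings.append((name, "interactive account not in roster"))
    return findings


if __name__ == "__main__":
    for prev, nxt in find_log_gaps(SAMPLE_LOG):
        print(f"heartbeat gap: {prev} -> {nxt}")
    for name, reason in find_suspicious_accounts(SAMPLE_PASSWD, KNOWN_USERS):
        print(f"account {name}: {reason}")
```

The account check compares against a roster rather than a name-pattern regex on purpose: a regex cannot tell `support` from `jsmith`, but an authoritative list of who should exist can. On a real host the same roster check should also be run against sudoers and authorized SSH keys, since a backdoor need not be a new login at all.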
8. You should stop immediately; moving forward with a tool that the rules of engagement do not authorize could lead to legal action.
9. NIST SP 800-42, Guideline on Network Security Testing. It has since been superseded by NIST SP 800-115, Technical Guide to Information Security Testing and Assessment, which keeps the same four-phase model.
10. Planning, Discovery, Attack and Reporting.
11. To simulate an internal attack from a user with internal network access.
12. If it is not specifically outlined in the pen test document (the scope and rules of engagement), you should not proceed, or you risk legal action.
13. To truly test the IT security team: if they know the attack is coming they can prepare for it, and the test then measures their preparation rather than their everyday detection and response.
14. A web application penetration test focuses only on the security of the web application itself: its input handling, authentication, session management and business logic. A network penetration test checks the security of the network as a whole by looking for holes and flaws in both the hardware (routers, switches, firewalls, hosts) and the software (operating systems, services, configurations) running on it.
15. From the hacker's perspective, the attack is carried out for gain, monetary or otherwise. From the IT practitioner's standpoint, a pen test is a controlled, authorized exercise used for testing and for discovering system vulnerabilities before a real attacker does.