Vulnerability Assessment and Penetration Testing (VAPT)

movodale's version from 2016-12-16 22:10


Question Answer
1. Scope: While performing assessments and tests, the scope of the assignment needs to be clearly defined. The scope is based on the assets to be tested. The following are the three possible scopes that exist: 1. Black Box Testing: Testing from an external network with no prior knowledge of the internal networks and systems. 2. Gray Box Testing: Testing from an external or internal network, with knowledge of the internal networks and systems. This is usually a combination of black box testing and white box testing. 3. White Box Testing: Performing the test from within the network with knowledge of the network architecture and the systems. This is also referred to as internal testing.
2. Information Gathering: The purpose of information gathering is to obtain as much information as possible about the IT environment, such as networks, IP addresses, operating system version, etc. This is applicable to all three types of scope discussed earlier.
3. Vulnerability Detection: In this process, tools such as vulnerability scanners are used, and vulnerabilities are identified in the IT environment by way of scanning.
4. Information Analysis and Planning: This process is used to analyze the identified vulnerabilities, combined with the information gathered about the IT environment, to devise a plan for penetrating into the network and systems.
5. Penetration Testing: In this process, the target systems are attacked and penetrated using the plan devised in the earlier process.
6. Privilege Escalation: After successful penetration into the system, this process is used to identify and escalate access to gain higher privileges, such as root access or administrative access to the system.
7. Result Analysis: This process is used to perform a root cause analysis of the successful compromise that led to penetration of the system, and to devise suitable recommendations to make the system secure by plugging the holes in the system.
8. Reporting: All the findings that are observed during the vulnerability assessment and penetration testing process need to be documented, along with the recommendations, in order to produce the testing report for management to take suitable actions.
9. Cleanup: Vulnerability assessment and penetration testing involves compromising the system, and during the process, some of the files may be altered. This process ensures that the system is brought back to its original state, as it was before the testing, by cleaning up (restoring) the data and files used in the target machines.