Penetration Tests - CompTIA Security+ SY0-701 - 5.5
Understanding Physical Penetration Testing
The Importance of Physical Penetration Testing
- Physical penetration testing is crucial because physical access to a device can easily bypass digital security: someone with hands on the device can modify the boot process.
- Attackers may use various methods to gain unauthorized access to a facility, including trying doors, windows, and elevators, which is why physical security measures matter.
Offensive and Defensive Aspects of Penetration Testing
- Penetration testing involves both offensive (red team) and defensive (blue team) strategies; red teams seek vulnerabilities while blue teams defend against attacks.
- An integrated approach where red and blue teams collaborate enhances security by providing continuous feedback on vulnerabilities identified during tests.
Types of Environments in Penetration Testing
- Different types of environments exist for penetration tests: known (full disclosure), partially known (some information provided), and unknown (no prior information).
- A blind test refers to an unknown environment where pen testers must independently gather all necessary information before launching attacks.
Reconnaissance Process in Penetration Testing
- Before attacking, pen testers conduct reconnaissance to gather vital information about the target's infrastructure, including security tools and server configurations.
- This process allows testers to create a comprehensive network map detailing IP addresses and connections between different sites within the organization.
Methods of Information Gathering
- Reconnaissance can be passive or active; passive reconnaissance gathers data from external sources like social media or corporate websites, without interacting directly with the target network.