概要
TryHackMe「Pentesting Fundamentals」ルームのwalkthroughです。
Task2
Q1.You are given permission to perform a security audit on an organisation; what type of hacker would you be?
Hint.Look at the hat categories in this task.
A.White Hat
Q2.You attack an organisation and steal their data, what type of hacker would you be?
A.Black Hat
Q3.What document defines how a penetration testing engagement should be carried out?
A.Rules of Engagement
Task3
Q1.What stage of penetration testing involves using publicly available information?
A.Information Gathering
Q2.If you wanted to use a framework for pentesting telecommunications, what framework would you use? Note: We're looking for the acronym here and not the full name.
A.OSSTMM
Q3.What framework focuses on the testing of web applications?
A.OWASP
Task4
Q1.You are asked to test an application but are not given access to its source code - what testing process is this?
A.Black Box
Q2.You are asked to test a website, and you are given access to the source code - what testing process is this?
A.White Box
Task5
Q1.Complete the penetration test engagement against ACME's infrastructure.
右上のView Siteをクリックするとペネトレーションテストに関するナレッジが表示されます。
Nextボタンをクリックして読み進めていくとフラグが表示されます。
A.THM{PENTEST_COMPLETE}