Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
You are a security consultant who is required to perform penetration testing on a client's network. During penetration testing, you are required to use a compromised system to attack other systems on the network to avoid network restrictions like firewalls. Which method would you use in this scenario:
Black box Method
Pivoting method
White Box Method
Grey Box Method
Pivoting refers to method used by penetration testers that uses compromised system to attack other systems on the same network to avoid restrictions such as firewall configurations, which may prohibit direct access to all machines. For example, an attacker compromises a web server on a corporate network, the attacker can then use the compromised web server to attack other systems on the network. These types of attacks are often called multilayered attacks. Pivoting is also known as island hopping. White Box Method In penetration testing, white-box testing refers to a methodology where a white hat hacker has full knowledge of the system being attacked. The goal of a white-box penetration test is to simulate a malicious insider who has some knowledge and possibly basic credentials to the target system. Grey Box Method Gray-box testing is a combination of white-box testing and black-box testing. Aim of this testing is to search for the defects if any due to improper structure or improper usage of applications. In the context of the CEH this also means an internal test of company networks.
Train with Skillset and pass your certification exam. Faster. Guaranteed.
Study thousands of practice questions that organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.