1 1. List the 5 steps of the hacking process.
2. In order to exploit or attack the targeted systems, what can you do as an intial first step to collect as much information as possible about the targets prior to devising and attack and penetration test plan?
The first step I would take would be from the 5 steps to hacking which is the reconnaissance. I would use passive reconnaissance as this pertains to information gathering.
3. What applications and tools can be used to preform this initial reconnaissance and probinig step?
Google is a major tool in most hackers initial first step. But you can use Nmap , AMAP, ScanRand and Paratrace.
4. How can social engineering be used to gather information or data about the organization’s IT infrastructure?
Social Engineering is one of the number one ways a network is easily infiltrated. They major forms of this are Phishing, baiting and diversion theft.
5. What does the Enumeration step of the five (5) step hacking process entail and how is it vital to the hacker’s objective?
Enumeration is the same as scanning a system for vulnerabilities that can be used to attack the system itself. This is vital to any hacker’s object since it reveals the information needed to access the target.
6. Explain how an attacker will avoid being detected following a successful penetration attack?
To avoid detection a good hacker will always cover their tracks. This is done by purging any information in the system that could even minutely show the trace that someone was their. You must be careful when doing this because sometimes its not whats there that gets the hacker busted but what wasn’t.
7. What method does an attacker use to regain access to an already penetrated system?
Any good hacker will always leave some...