Which three practices are commonly adopted when setting up a penetration testing lab environment? (Choose three.)
- use a honeypot for all tests run from the physical attack platforms
- ensure that when something crashes, it can be determined how and why it happened
- create the penetration testing environment using virtual machines and virtual switches
- use an open environment to allow for free passage of attack packets to the target machines
- create the penetration testing environment using physical equipment and switches in order to route the packets freely
- use a closed environment for all testing purposes
Explanation: The following is a list of requirements for a typical penetration testing environment:
- Closed network: Ensure controlled access to and from the lab environment and restricted access to the Internet.
- Virtualized computing environment: This allows for easy deployment and recovery of devices being tested.
- Realistic environment: Using a staging testing environment should match the real environment as closely as possible.
- Health monitoring: When something crashes, ensure the ability to determine how and why it happened.
- Sufficient hardware resources: Ensure that a lack of resources does not cause false results.
- Multiple operating systems: Test or validate a finding from another system. Testing from different operating systems is always good to see if the results differ.
- Duplicate tools: A great way to validate a finding is to run the same test with a different tool to see if the results are the same.
- Practice targets: Practice the penetration tools constantly. To do this, practice on targets that are known to be vulnerable.
Exam with this question: Ethical Hacker: Course Final Exam Answers
Please login or Register to submit your answer