Rootkid - Cyber Journal

Assessment Methodologies: Auditing Fundamentals

Auditing Fundamentals:

Cybersecurity: Cybersecurity is the practice of protecting computer systems, networks, and data from digital attacks. It involves measures to safeguard sensitive information and ensure the smooth functioning of digital environments.

What are we securing? Cybersecurity aims to secure various types of valuable data, including Personally Identifiable Information (PII), Healthcare Information, Financial Data, Intellectual Property, Business Secrets, and Business Operations, to prevent unauthorized access and potential damage.

  1. Personally Identifiable Information (PII): PII includes personal data like names, addresses, and social security numbers. Safeguarding PII prevents identity theft and misuse of personal information.

  2. Healthcare Information: This includes patient records and medical histories. Protecting healthcare information ensures patient privacy and compliance with data protection laws like HIPAA.

  3. Financial Data: Financial data involves sensitive financial information such as credit card numbers and bank account details. Keeping this data secure prevents financial fraud and unauthorized transactions.

  4. Intellectual Property: Intellectual property comprises valuable ideas, inventions, and creative works. Secure IP safeguards innovations from theft or unauthorized use.

  5. Business Secrets: Business secrets encompass confidential strategies, plans, and proprietary information. Protecting them prevents competitors from gaining an unfair advantage.

  6. Business Operations: Securing business operations involves ensuring the availability and functionality of critical systems and processes, minimizing downtime due to cyberattacks.

CIA Triad

The CIA Triad is a foundational concept in cybersecurity:

  1. Confidentiality: This involves keeping information private and accessible only to authorized users, preventing unauthorized access and disclosure.

  2. Integrity: Integrity ensures that data is accurate and complete, and that any modification is authorized and detectable. Integrity controls (hashes, signatures, change control) prevent tampering or at least make it visible.

  3. Availability: Availability ensures that systems and data are accessible when needed. It prevents disruptions and downtime that could impact operations.

Defense in Depth

Defense in Depth is a cybersecurity strategy that layers multiple, independent security controls (for example network segmentation, host hardening, authentication, monitoring) so that no single control is a single point of failure. An attacker who bypasses one layer still has to defeat the next, which buys detection time and limits the damage of any one weakness.

Regulations:

  • PCI DSS (Payment Card Industry Data Security Standard): PCI DSS is a security standard, maintained by the PCI Security Standards Council, that applies to any organization that stores, processes, or transmits cardholder data. It mandates technical and procedural controls for protecting card data during transactions and storage, reducing the risk of payment card data breaches.

  • HIPAA (Health Insurance Portability and Accountability Act): HIPAA is a US law governing the security and privacy of healthcare information. It requires covered entities (healthcare providers, health plans, clearinghouses) and their business associates to safeguard patient data, ensure its confidentiality, and establish controls to prevent unauthorized access.

  • GDPR (General Data Protection Regulation): GDPR is a European Union regulation that strengthens data privacy and protection rights for individuals. It requires organizations, including those outside the EU that process EU residents' data, to handle personal data on a lawful basis (consent is one of them), to be transparent about processing, to honour data-subject rights, and to report breaches.

  • CCPA (California Consumer Privacy Act): CCPA is a California law granting consumers greater control over their personal data. It gives California residents the right to know what data businesses collect about them, to access it, to request its deletion, and to opt out of its sale.

  • SOX (Sarbanes-Oxley Act): SOX is a US law that mandates financial reporting and auditing standards for publicly traded companies. It aims to enhance transparency and prevent financial fraud by imposing strict internal controls over financial processes and reporting; in practice this pulls in the IT general controls (access, change management, backups) around the systems that produce financial data, which is why security teams are involved in SOX audits.

These regulations set specific technical and procedural requirements to ensure the security, privacy, and accountability of sensitive data and financial information.

Frameworks

  • ISO/IEC 27000 (ISO 27000 series): ISO/IEC 27000 is a family of standards for information security management systems (ISMS). ISO/IEC 27001 states the certifiable requirements for an ISMS and ISO/IEC 27002 gives guidance on the controls. Together they provide a systematic approach to managing and securing sensitive information using risk assessment, controls, and continuous improvement.

  • COBIT (Control Objectives for Information and Related Technologies): COBIT is ISACA's framework for IT governance and management. It helps organizations align their IT activities with business goals, ensuring proper control, risk management, and compliance.

  • NIST (National Institute of Standards and Technology): NIST publishes cybersecurity guidelines and standards, such as the NIST Cybersecurity Framework (CSF) and the SP 800-53 control catalogue. The CSF offers a structured approach to managing and reducing cybersecurity risk for organizations of all sizes.

  • CIS (Center for Internet Security): CIS publishes the CIS Benchmarks, per-product hardening configuration guides (operating systems, databases, cloud services), and the CIS Controls, a prioritized set of safeguards that provide actionable steps to improve security posture and block common attacks.

  • CMMC (Cybersecurity Maturity Model Certification): CMMC is the US Department of Defense framework that measures and certifies the cybersecurity maturity of contractors in the defense supply chain. It ensures proper cybersecurity controls are in place to protect sensitive defense information such as Controlled Unclassified Information (CUI).

  • ASD (Australian Signals Directorate) Essential Eight: ASD's Essential Eight is a cybersecurity framework that outlines eight mitigation strategies against common cyber threats: application control, patching applications, configuring Microsoft Office macro settings, user application hardening, restricting administrative privileges, patching operating systems, multi-factor authentication, and regular backups. Each is assessed at a maturity level, giving practical guidance to improve an organization's resilience against cyberattacks.

ToolKit

  • SCAP Scan and STIG Viewer: SCAP (Security Content Automation Protocol) is a set of standards (XCCDF checklists, OVAL checks, CPE, CVE and others) for expressing security configuration content in machine-readable form. An SCAP scan is performed by an SCAP-validated scanner, such as OpenSCAP (oscap) or DISA's SCAP Compliance Checker, which evaluates a system against a benchmark profile and reports pass/fail per rule. STIG Viewer is DISA's tool for reading STIGs (Security Technical Implementation Guides) and recording checklist results; it can import the XCCDF results of an SCAP scan to pre-populate the checklist, leaving the auditor to review findings and manually check the rules the scanner cannot evaluate.

  • Nmap (Network Mapper): Nmap is a powerful network scanning tool that discovers hosts and services on a network. It uses various probe techniques to identify open ports and services and their versions, and its NSE scripts can check for known misconfigurations and vulnerabilities. In an audit it is typically used to compare what is actually exposed against the documented baseline.

  • Nessus: Nessus (Tenable) is a widely used vulnerability assessment tool that scans networks and systems for security weaknesses. It identifies missing patches, vulnerable software versions, and misconfigurations, with credentialed scans giving far more complete results than unauthenticated ones, and produces detailed reports to aid remediation.
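The audit deliverable from an SCAP scan is rarely the raw result file; it is a summary of which rules failed and at what severity. The following script is an added example for these notes, not a tool from the page or from OpenSCAP: it parses an XCCDF 1.2 TestResult of the kind that `oscap xccdf eval --profile <id> --results results.xml <datastream>` writes and computes a pass rate and a severity-ordered failure list. The embedded result XML is constructed and minimal, and the rule ids only follow the SCAP Security Guide naming style; severity is read from the rule-result severity attribute, and if your result file omits it you must look it up from the benchmark's Rule elements instead.

```python
"""Summarise an XCCDF (SCAP) result file: pass rate and failures by severity.

Added example for these notes. SAMPLE_RESULTS is a constructed, minimal
XCCDF 1.2 TestResult; real files from oscap are far larger.
"""
import xml.etree.ElementTree as ET
from collections import Counter

XCCDF_NS = {"x": "http://checklists.nist.gov/xccdf/1.2"}

# Outcomes that count for or against compliance. notapplicable, notselected,
# notchecked and informational are left out of the denominator, mirroring
# how oscap scores a profile.
COMPLIANT = {"pass", "fixed"}
NONCOMPLIANT = {"fail", "error", "unknown"}
SEVERITY_RANK = {"high": 0, "medium": 1, "low": 2, "info": 3}

# Constructed sample: six rule results with mixed outcomes (illustrative ids).
SAMPLE_RESULTS = """
<TestResult xmlns="http://checklists.nist.gov/xccdf/1.2"
            id="xccdf_org.open-scap_testresult_example_profile">
  <rule-result idref="xccdf_org.ssgproject.content_rule_sshd_disable_root_login" severity="medium">
    <result>fail</result>
  </rule-result>
  <rule-result idref="xccdf_org.ssgproject.content_rule_sshd_use_strong_ciphers" severity="medium">
    <result>pass</result>
  </rule-result>
  <rule-result idref="xccdf_org.ssgproject.content_rule_no_empty_passwords" severity="high">
    <result>fail</result>
  </rule-result>
  <rule-result idref="xccdf_org.ssgproject.content_rule_package_telnet_removed" severity="high">
    <result>pass</result>
  </rule-result>
  <rule-result idref="xccdf_org.ssgproject.content_rule_grub2_password" severity="high">
    <result>notapplicable</result>
  </rule-result>
  <rule-result idref="xccdf_org.ssgproject.content_rule_audit_rules_login_events" severity="low">
    <result>error</result>
  </rule-result>
</TestResult>
"""


def parse_rule_results(xml_text):
    """Return one dict per <rule-result>: rule id, severity and outcome."""
    root = ET.fromstring(xml_text)
    tr_tag = "{%s}TestResult" % XCCDF_NS["x"]
    # Accept either a bare TestResult (as here) or a Benchmark/ARF wrapper
    # that contains one or more TestResult elements.
    test_results = [root] if root.tag == tr_tag else root.findall(".//x:TestResult", XCCDF_NS)
    rows = []
    for tr in test_results:
        for rr in tr.findall("x:rule-result", XCCDF_NS):
            outcome = rr.findtext("x:result", default="unknown", namespaces=XCCDF_NS)
            rows.append({
                "rule": rr.get("idref", ""),
                "severity": rr.get("severity", "unknown"),
                "result": outcome.strip(),
            })
    return rows


def summarise(rows):
    """Compliance percentage over scored rules plus failures sorted by severity."""
    scored = [r for r in rows if r["result"] in COMPLIANT | NONCOMPLIANT]
    failures = sorted(
        (r for r in scored if r["result"] in NONCOMPLIANT),
        key=lambda r: (SEVERITY_RANK.get(r["severity"], 99), r["rule"]),
    )
    passed = len(scored) - len(failures)
    return {
        "total_rules": len(rows),
        "scored": len(scored),
        "excluded": len(rows) - len(scored),
        "passed": passed,
        "failed": len(failures),
        "compliance_pct": round(100.0 * passed / len(scored), 1) if scored else 0.0,
        "failed_by_severity": dict(Counter(r["severity"] for r in failures)),
        "failures": failures,
    }


def needs_review(rows):
    """Rules whose check did not run cleanly (error/unknown). They are counted
    as non-compliant above, but an auditor must re-check them by hand rather
    than report them as confirmed findings."""
    return [r["rule"] for r in rows if r["result"] in {"error", "unknown"}]


if __name__ == "__main__":
    rows = parse_rule_results(SAMPLE_RESULTS)
    report = summarise(rows)
    print(f"{report['passed']}/{report['scored']} scored rules pass "
          f"({report['compliance_pct']}%), {report['excluded']} excluded as not applicable")
    for r in report["failures"]:
        print(f"  [{r['severity']:<6}] {r['result']:<7} {r['rule']}")
    for rule in needs_review(rows):
        print(f"  review: {rule} did not evaluate cleanly")
```

Two design choices matter for an audit. Not-applicable and not-selected rules are excluded from the denominator, otherwise a profile with many irrelevant rules inflates the pass rate; and error/unknown outcomes are counted against compliance but listed separately, because a check that failed to run is not evidence either way and the STIG Viewer checklist entry for it should be completed manually.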

Hacker's Mantra: The hacker community may be small, but it possesses the skills that are driving the global economies of the future. - Heather Brooke

Last updated 11 months ago
