Vocabulary Vault
The PTES Methodology
The Hospital Ecosystem (Scenario Focus)
Tools & Technical Attacks (Technical Focus)
Law, Ethics & Real World
100

This term refers to the process of using advanced search operators to find sensitive information that is not meant to be public.

What is Search engine dorking?

100

This initial phase involves defining goals, scope, and the crucial "Rules of Engagement."

What is Phase 1: Pre-engagement interactions?

100

A testing approach where the team has absolutely no prior knowledge of the MTPH network.

What is Black box testing?

100

To ensure patient safety, the CyberHealth team must maintain this at all times during testing.  

What is Operational continuity (or Non-disruption of services)?  

100

This European regulation imposes heavy fines for failing to protect the personal data of individuals.

What is the GDPR?

200

This attack involves injecting malicious scripts into web pages viewed by other users.

What is Cross-site scripting (XSS)?

200

During this phase, CyberHealth Security would identify potential adversaries and develop strategies to mitigate them.

What is Phase 3: Threat modelling?

200

A testing approach where the team is given full access to network diagrams and source code before starting.

What is White box testing?

200

This attack targets the database layer of a web application by inserting malicious code into an input field.

What is SQL Injection (SQLi)?

200

This 2017 ransomware attack famously crippled the UK's NHS, showing the real-world danger of the MTPH scenario.

What was WannaCry?

300

This is the practice of collecting information from publicly available sources like social media or official records.

What is Open-source intelligence (OSINT)?

300

This phase is where the team actually attempts to breach MTPH’s systems using the vulnerabilities they confirmed.

What is Phase 5: Exploitation?

300

This social engineering technique involves making voice calls to hospital staff to trick them into giving up passwords.

What is Vishing (voice phishing)?

300

This real-world 2017 attack serves as a perfect comparison for why MTPH needs to protect its legacy systems.

What is Phishing?

300

A vulnerability that is unknown to the software developer and has no existing patch is called this.

What is a Zero-Day vulnerability?

400

This activity involves the scientific collection and analysis of data from a computer system to investigate a security incident.

What is System forensics?

400

Once access is gained, this phase focuses on maintaining control of the system and extracting data.

What is Phase 6: Post-exploitation?

400

This process involves discovering active devices and creating a visual representation of the hospital's network connections.

What is Network mapping?

400

This Thai law is the local equivalent of the GDPR and must be considered when CyberHealth handles Bangkok patient data.

What is the PDPA (Personal Data Protection Act)?

400

Unlike "Black Hats," ethical hackers must have this legal document before they begin any testing.

What is Written Permission (or a Contract/RoE)?

500

A high-level vulnerability where a program writes more data to a memory buffer than it can hold, potentially leading to a crash or code execution.

What is a Buffer overflow attack?

500

The final stage where the findings are presented to MTPH in a detailed document.

What is Phase 7: Reporting?

500

The technical process of identifying which operating systems are running on the hospital's devices.  

What is OS detection?

500

In the 12-mark essay, this "Standard" provides the structured framework that justifies the team's professional behavior.

What is the PTES (Penetration Testing Execution Standard)?

500

This US law specifically sets the standards for protecting sensitive patient health information from being disclosed without consent.

What is HIPAA?