Penetration Testing Part 2


Posted April 8, 2020 by cyberessentials1

Hedgehog Security provides Penetration Testing, Vulnerability Management, Cyber Security Consulting and Cyber Essentials Audits across the globe...

 
First of all, thank you for reading Penetration Testing Part 1. Let's start with Part 2.

Here I will show you how to conduct a penetration test for an organization, XYZ. Before starting the actual penetration test, let's look at the types of penetration test, the methodology for penetration testing, and the tools available for conducting a penetration test.

Penetration Testing Methodology:

Generally, a penetration test has four phases, as we discussed in Part 1:

1. Planning

2. Discovery

3. Attack

4. Reporting

Types of penetration test:

1. Black Box

2. White Box

3. Grey Box

Black box:

Black-box testing involves performing a security evaluation and testing with no prior knowledge of the network infrastructure or system to be tested. Testing simulates an attack by a malicious hacker outside the organization's security perimeter.

White box:

White-box testing involves performing a security evaluation and testing with complete knowledge of the network infrastructure, such as a network administrator would have.

Grey box:

Grey-box testing involves performing a security evaluation and testing internally.

Testing examines the extent of access by insiders within the network.

Scenario:

A firm named XYZ is consulting with a firm that conducts penetration tests as a third party. Company XYZ needs a black-box pen test due to some legal requirements and in order to evaluate the security measures in place to control access.
The consulting firm has only the name XYZ to start the penetration test for the company.
Mr. RAK has been assigned the task of conducting the pen test at this consulting firm; here I will show you how the methodology will be followed.

Planning:

Mr. RAK should have signed an NDA so that the findings are kept confidential. Secondly, an SLA should be in place that defines to what level or depth the penetration test should go in order to be complete, and the time limit should be stated before the test starts.

Discovery:

Passive:

The information-gathering phase starts here; good sources would be search engines, XYZ's official website, job postings and more...

Homepage https://www.hedgehogsecurity.co.uk/
Country United Kingdom