Ethical Hacking and Penetration Testing Guide
Types of Penetration Tests
Yüklə 22,44 Mb. Pdf görüntüsü
|
|
Types of Penetration Tests
There are several types of penetration tests; however, the following are the ones most commonly performed: 8 ◾ Ethical Hacking and Penetration Testing Guide Network Penetration Test In a network penetration test, you would be testing a network environment for potential security vulnerabilities and threats. This test is divided into two categories: external and internal penetra- tion tests. An external penetration test would involve testing the public IP addresses, whereas in an inter- nal test, you can become part of an internal network and test that network. You may be provided VPN access to the network or would have to physically go to the work environment for the pen- etration test depending upon the engagement rules that were defined prior to conducting the test. Web Application Penetration Test Web application penetration test is very common nowadays, since your application hosts critical data such as credit card numbers, usernames, and passwords; therefore this type of penetration test has become more common than the network penetration test. Mobile Application Penetration Test The mobile application penetration test is the newest type of penetration test that has become common since almost every organization uses Android- and iOS-based mobile applications to provide services to its customers. Therefore, organizations want to make sure that their mobile applications are secure enough for users to rely on when providing personal information when using such applications. Social Engineering Penetration Test A social engineering penetration test can be part of a network penetration test. In a social engi- neering penetration test the organization may ask you to attack its users. This is where you use speared phishing attacks and browser exploits to trick a user into doing things they did not intend to do. Physical Penetration Test A physical penetration test is what you would rarely be doing in your career as a penetration tester. In a physical penetration test, you would be asked to walk into the organization’s building physi- cally and test physical security controls such as locks and RFID mechanisms. Yüklə 22,44 Mb. Dostları ilə paylaş:
|