Penetration Testing
Added on 2022-08-17
14 Pages3069 Words417 Views
Data Science and Big Data
|
|
|
Running head: PENETRATION TESTING
PENETRATION TESTING
Name of the Student:
Name of the University:
Author Note:
PENETRATION TESTING
Name of the Student:
Name of the University:
Author Note:
PENETRATION TESTING1
Table of Contents
Introduction......................................................................................................................................2
Methodologies of Penetration Testing.............................................................................................2
White Box Testing.......................................................................................................................3
Black Box Testing.......................................................................................................................4
Gray Box Testing.........................................................................................................................4
Ethical Considerations.....................................................................................................................5
Standard Operating Procedure.........................................................................................................7
References......................................................................................................................................10
Table of Contents
Introduction......................................................................................................................................2
Methodologies of Penetration Testing.............................................................................................2
White Box Testing.......................................................................................................................3
Black Box Testing.......................................................................................................................4
Gray Box Testing.........................................................................................................................4
Ethical Considerations.....................................................................................................................5
Standard Operating Procedure.........................................................................................................7
References......................................................................................................................................10
PENETRATION TESTING2
Introduction
Penetration testing is practice to test computer network, web application or system for
finding security vulnerabilities which an attacker might exploit. The penetration testing could be
performed automated or manual to software applications. This process consists of collecting
information of target before this test, which identifies possible points of entry, trying to break
into either for virtually or in real as well as reporting back findings. Penetration testing’s primary
objective is identifying security’s weaknesses (Pozzobon et al. 2018). Penetration testing might
be used for testing of security policy of firm, its adherence in compliance the requirements,
security awareness of the employees as well as organization’s ability in identifying as well as
responding to the security incidents. Penetration test could highlight the weaknesses within
security policies of an organization.
This paper would identify and compare between the methodologies of penetration testing.
The paper would analyze about the statutory as well as ethical considerations for penetration
tester. Standard Operating Procedure along with decision tree for penetration testing would be
provided in the paper as well. SOP would define every step of the instructions that is compiled y
organization for helping the workers in carrying out the routine operations.
Methodologies of Penetration Testing
Penetration testing could be categorized depending on the different parameters such as
knowledge of target or areas where this is performed or position of penetration tester. There are
several methods that are used for getting into network of target system Penetration testing would
determine feasibility for specific set of the attack vendors (Denis, Zena and Hayajneh 2016). The
Introduction
Penetration testing is practice to test computer network, web application or system for
finding security vulnerabilities which an attacker might exploit. The penetration testing could be
performed automated or manual to software applications. This process consists of collecting
information of target before this test, which identifies possible points of entry, trying to break
into either for virtually or in real as well as reporting back findings. Penetration testing’s primary
objective is identifying security’s weaknesses (Pozzobon et al. 2018). Penetration testing might
be used for testing of security policy of firm, its adherence in compliance the requirements,
security awareness of the employees as well as organization’s ability in identifying as well as
responding to the security incidents. Penetration test could highlight the weaknesses within
security policies of an organization.
This paper would identify and compare between the methodologies of penetration testing.
The paper would analyze about the statutory as well as ethical considerations for penetration
tester. Standard Operating Procedure along with decision tree for penetration testing would be
provided in the paper as well. SOP would define every step of the instructions that is compiled y
organization for helping the workers in carrying out the routine operations.
Methodologies of Penetration Testing
Penetration testing could be categorized depending on the different parameters such as
knowledge of target or areas where this is performed or position of penetration tester. There are
several methods that are used for getting into network of target system Penetration testing would
determine feasibility for specific set of the attack vendors (Denis, Zena and Hayajneh 2016). The
PENETRATION TESTING3
testing would identify risk vulnerabilities which result from vulnerabilities’ lower risk’s
combination that are exploited in specific sequence. Penetration testing figures out the
vulnerabilities which might be tough to detect the network applications. Penetration testing
assesses potential business’s magnitude as well as successful attacks’ operational impacts.
Penetration testing provides evidence for supporting increased investment within security
personnel as well as technology (Casola et al. 2020). Every penetration testing could be
conducted by anyone of the methodologies: white box testing, black box testing and gray box
testing.
White Box Testing
This testing is penetration testing’s method which tests the internal structures as
well as workings of system or network as opposed with the functionality. In this testing, the
programming skills along with system’s internal perspective are used for designing the test
causes. Tester selects inputs for exercising paths by code as well as determining expected
outputs. It is method to test system or network at source code’s level. Such test cases could be
derived by design techniques’ use: testing of testing of data flow, control flow, path testing,
branch coverage, decision coverage, modified condition and statement coverage.
These techniques are used by it as guidelines to create environment that is free of error
through examining the network or the system. Techniques of white box testing are to build
blocks for this testing. White box testing allows in performing testing of system or network with
root level or admin access. It consists of access to documents, source code, specifications and
architecture. Though, the testing could be a bit time consuming as for the thorough approach
(Satria et al. 2018). White box testing’s objective is checking robustness of infrastructure within
testing would identify risk vulnerabilities which result from vulnerabilities’ lower risk’s
combination that are exploited in specific sequence. Penetration testing figures out the
vulnerabilities which might be tough to detect the network applications. Penetration testing
assesses potential business’s magnitude as well as successful attacks’ operational impacts.
Penetration testing provides evidence for supporting increased investment within security
personnel as well as technology (Casola et al. 2020). Every penetration testing could be
conducted by anyone of the methodologies: white box testing, black box testing and gray box
testing.
White Box Testing
This testing is penetration testing’s method which tests the internal structures as
well as workings of system or network as opposed with the functionality. In this testing, the
programming skills along with system’s internal perspective are used for designing the test
causes. Tester selects inputs for exercising paths by code as well as determining expected
outputs. It is method to test system or network at source code’s level. Such test cases could be
derived by design techniques’ use: testing of testing of data flow, control flow, path testing,
branch coverage, decision coverage, modified condition and statement coverage.
These techniques are used by it as guidelines to create environment that is free of error
through examining the network or the system. Techniques of white box testing are to build
blocks for this testing. White box testing allows in performing testing of system or network with
root level or admin access. It consists of access to documents, source code, specifications and
architecture. Though, the testing could be a bit time consuming as for the thorough approach
(Satria et al. 2018). White box testing’s objective is checking robustness of infrastructure within
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Computer Science and Security | Task Reportlg...
|43
|3989
|16
Pen Test Methodology Comparisonslg...
|11
|2755
|43
Top 5 Penetration Testing Methodologies and Standardslg...
|11
|2477
|29
What is Penetration Testing and How Does It Work? -lg...
|12
|2793
|15
Penetration testing Assignment PDFlg...
|21
|4229
|303
Penetration Testing Report And Managementlg...
|12
|2862
|10