Summary

Previous page
Table of content
Next page
 < Day Day Up > 

This chapter presented an introduction to the process of creating a test plan for performing a penetration test. Penetration testing includes the following steps:

1.

Reconnaissance

2.

Enumeration

3.

Gaining access

4.

Maintaining access

5.

Covering tracks

Before you get started, you should devise a methodical plan on how you are to perform your test. You can use the Open-Source Security Testing Methodology Manual (OSSTMM) as a starting guide.

After you finish the test, you construct a report. The report should contain each of the following:

  • Executive Summary

  • Project Scope

  • Results Analysis

  • Summary

  • Appendixes

After you present the report, the next step is to discuss policies. Any vulnerability that exists on a network of an organization is either because the organization is not following its security policies or because an important component is missing from its security policy. You can read more about security policies in Appendix A, "Preparing a Security Policy."

     < Day Day Up > 

    Previous page
    Table of content
    Next page
    Penetration Testing and Network Defense
    Penetration Testing and Network Defense
    ISBN: 1587052083
    EAN: 2147483647
    Year: 2005
    Pages: 209
    Authors: Andrew Whitaker, Daniel Newman
    BUY ON AMAZON
    Interprocess Communications in Linux: The Nooks and Crannies
    Cisco IP Telephony (CIPT) (Authorized Self-Study) (2nd Edition)
    C++ GUI Programming with Qt 3
    After Effects and Photoshop: Animation and Production Effects for DV and Film, Second Edition
    What is Lean Six Sigma
    Microsoft Office Visio 2007 Step by Step (Step By Step (Microsoft))
    flylib.com © 2008-2017.
    If you may any questions please contact us: flylib@qtcs.net
    Privacy policy