Summary

Previous page
Table of content
Next page
 < Day Day Up > 

This chapter presented an introduction to the process of creating a test plan for performing a penetration test. Penetration testing includes the following steps:

1.

Reconnaissance

2.

Enumeration

3.

Gaining access

4.

Maintaining access

5.

Covering tracks

Before you get started, you should devise a methodical plan on how you are to perform your test. You can use the Open-Source Security Testing Methodology Manual (OSSTMM) as a starting guide.

After you finish the test, you construct a report. The report should contain each of the following:

  • Executive Summary

  • Project Scope

  • Results Analysis

  • Summary

  • Appendixes

After you present the report, the next step is to discuss policies. Any vulnerability that exists on a network of an organization is either because the organization is not following its security policies or because an important component is missing from its security policy. You can read more about security policies in Appendix A, "Preparing a Security Policy."

     < Day Day Up > 

    Previous page
    Table of content
    Next page
    Penetration Testing and Network Defense
    Penetration Testing and Network Defense
    ISBN: 1587052083
    EAN: 2147483647
    Year: 2005
    Pages: 209
    Authors: Andrew Whitaker, Daniel Newman
    BUY ON AMAZON
    Software Configuration Management
    Professional Java Native Interfaces with SWT/JFace (Programmer to Programmer)
    FileMaker Pro 8: The Missing Manual
    Sap Bw: a Step By Step Guide for Bw 2.0
    Microsoft Office Visio 2007 Step by Step (Step By Step (Microsoft))
    Microsoft Visual Basic .NET Programmers Cookbook (Pro-Developer)
    flylib.com © 2008-2017.
    If you may any questions please contact us: flylib@qtcs.net
    Privacy policy