Appendix A. Pen Testing 101 Basics
In this chapter, we will cover the following topics:
- Introduction
- What is penetration testing
- What is vulnerability assessment
- Penetration testing versus vulnerability assessments
- Objectives of penetration testing
- Types of penetration testing:
- Black box
- White box
- Gray box
- Who should do penetration testing
- What is the goal here
- General penetration testing phases
- Gathering requirements
- Preparing the test plan
- The different phases of penetration testing
- Providing test objectiveness and boundaries
- Project management and third-party approvals
- Categorization of vulnerabilities
- Threat management
- Asset risk rating
- Report
- Conclusion