Depending on which book you read or document you examine you will find that the labels used for pen testing are laid out a little differently. Basically the structure is as follows:
1. Legalities – You need to sign a contract with the client and make sure you are legally covered before starting any test.
2. Footprinting – This phase of the pen test involves finding out as much as possible about the client's security posture. These activities can be passive or active.
3. Scanning – This is where the pen test starts to get technical. Various tools can be used to scan for open ports, applications, and vulnerabilities.
4. Enumeration – A more directed query focused on the possible targets for attack.
5. System attack – At this point a member of the pen test team has located a vulnerability that will allow them access to the targeted resource.
6. Privilege Escalation – Not every system hack will initially provide full access to the targeted system, in those circumstances privilege escalation is required.
7. Planting the flag – Most pen tests will have a stated target. Such as gain access to the system, plant a flag, remove the CEO's password, etc.
8. Prepare the report – Here is where the paperwork comes in you will need to document how you were able to gain access, what vulnerabilities were discovered, the risk of the vulnerabilities, and how you propose they be dealt with.
Dig deeper on Network Security Monitoring and Analysis
Related Q&A from Michael Gregg
Enterprise security expert, Michael Gregg answers a question regarding port 3389 issues when a user tries to open port 3389 RDP on their router to ...continue reading
Security expert Michael Gregg discusses the disadvantages to a layered approach to enterprise security.continue reading
Security expert Michael Gregg fields a question about unknown network cards gaining access to a user's network.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.