Net.Sec Management Week15
Home > Preview
The flashcards below were created by user
on FreezingBlue Flashcards.
What is a Vulnerability Scanning
Vulnerability Scanning: An automated software search (scan) through a system for any known security weaknesses (vulnerabilities) that then creates a report of those potential exposures.
- · It examines the current security in a passive method.
- · No exploitation of weaknesses
- · But rather report back what is uncovered
- · Usually performed from inside the security perimeter. (No disruptions to network devices)
What is Penetration Testing?
is designed to actually exploit any weaknesses in systems that are vulnerable.
–Testers are usually independent contractors.
–Testing takes place outside the security perimeter
–Could disrupt the operation of devices (actively probing)
Types of Pentest Techniques
Black Box Test: the tester has no prior knowledge of the network infrastructure.
White Box Test: Tester has in-depth knowledge of the network and systems being tested, including network diagrams, IP addresses, and even source code of custom applications
Gray Box Test: Sits between black and white box test, some limited information has been provided to the tester
Differences between Vulnerability Scan & Penetration Test
Home > Flashcards > Print Preview