Net.Sec Management Week15

Card Set Information

Author:
fs356
ID:
205659
Filename:
Net.Sec Management Week15
Updated:
2013-03-07 10:01:33
Tags:
Week 15 Vulnerability Scanning vs Penetration Testing
Folders:

Description:
Week 15 Vulnerability Scanning vs Penetration Testing
Show Answers:

Home > Flashcards > Print Preview

The flashcards below were created by user fs356 on FreezingBlue Flashcards. What would you like to do?


  1. What is a Vulnerability Scanning
    Vulnerability Scanning: An automated software search (scan) through a system for any known security weaknesses (vulnerabilities) that then creates a report of those potential exposures.

    • · It examines the current security in a passive method.
    • · No exploitation of weaknesses
    • · But rather report back what is uncovered
    • · Usually performed from inside the security perimeter. (No disruptions to network devices)
  2. What is Penetration Testing?
    is designed to actually exploit any weaknesses in systems that are vulnerable. 

    –Testers are usually independent contractors.

    –Testing takes place outside the security perimeter

    –Could disrupt the operation of devices (actively probing)
  3. Types of Pentest Techniques
    Black Box Test: the tester has no prior knowledge of the network infrastructure.

    White Box Test: Tester has in-depth knowledge of the network and systems being tested, including network diagrams, IP addresses, and even source code of custom applications

    Gray Box Test: Sits between black and white box test, some limited information has been provided to the tester
  4. Differences between Vulnerability Scan & Penetration Test

What would you like to do?

Home > Flashcards > Print Preview