How does the penetration test differ from other types of security testing—such as a vulnerability assessment
There is a considerable amount of confusion in the industry regarding the differences between vulnerability scanning and penetration testing, as the two phrases are often used interchangeably. However, their meaning and implications are very different. A vulnerability assessment simply identifies and reports noted vulnerabilities, whereas a penetration test (Pen Test) attempts to exploit the vulnerabilities to determine whether unauthorized access or other malicious activity is possible.
Penetration testing typically includes network penetration testing and application security testing; it also includes controls and processes around the networks and applications and should occur from both outside the network trying to come in (external testing) and from inside the network.
Given this information, review the two links on how Kali Linux is often used in penetration testing, the tools it contains, and how it can assist a penetration tester to identify vulnerabilities in the network:
Once you have done that, answer the following questions as though you were an internal or external penetration test firm assisting a Saudi company in strengthening their systems, framework, and network.
How does the penetration test differ from other types of security testing—such as a vulnerability assessment?
What is your process for performing the penetration test?
Discuss the process and tools that would be used.
How will you protect my data during and after testing?
How will you ensure the availability of my systems and services while the test is taking place?
These last two will be key. Unless you are performing the penetration test when their users are not active, it will be necessary to catalog how you will do this without disrupting business or destroying data.
In preparing your response, cite at least one source from professional or academic literature, such as articles from peer-reviewed journals and relevant textbooks. For this course, the use of Wikipedia is notconsidered an academic or professional reference. You should also be sure to proofread and spellcheck your responses. All sources should be formatted per APA style guidelines.
Be sure to support your statements with logic and argument, citing any sources referenced. Post your initial response early and check back often to continue the discussion.
Your responses should be one page in length,
Be sure to provide citations from your readings and additional research to support your statements.
Your paper must follow APA style guidelines, as appropriate.
You are strongly encouraged to submit all assignments to the Turnitin Originality Check prior to submitting them to your instructor for grading. If you are unsure how to submit an assignment to the Originality Check tool, review the Turnitin Originality Check Student Guide.
Requirements: 1 page
Solution preview for the order on how does the penetration test differ from other types of security testing—such as a vulnerability assessment