This appendix contains checklists for your reference. For ease of use, they are separated first by topic (that is, penetration tests checklists and countermeasures checklists), and then by chapter.
The following checklists, which can also be found on the companion CD, are lists of items you should be covering during your penetration tests. Each network environment on which you conduct a penetration test will differ in some way so there may be additional items not covered here; however, consider these checklists as a good baseline.
Check registrar records for non-essential information that could aid attackers.
Determine your organization’s IP network block assignment ...