August 2000
Intermediate to advanced
800 pages
21h 5m
English
Content preview from Microsoft® Windows® 2000 Security HandbookBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Generating an Attack Plan
Every scientific test has two things in common:
Strict measurable goals
A detailed process plan
A penetration test is a scientific test for security holes on your network. You, as a tester, attempt to exploit every known hole in your defenses, test how your defenses hold, test whether they catch the attack, and get knowledge of what to look for in a real attack by studying your pitched attacks.
There are two basic philosophies behind penetration testing. The first philosophy states that the test should be as static as possible. Many commercial vulnerability analysis tools are like this. They follow a set step-by-step process in gathering information and making scripted attacks to discern vulnerabilities. This can quantitatively ...