Chapter 1: Introduction to Penetration Testing

1. Technology controls, administrative controls, and physical controls
2. The main differences between a malicious hacker and a pentester are intent and the permission that they get, both legal and otherwise, from the owner of the system that will be evaluated. The pentester works under contract for a company, and the contract specifies what is off-limits and what the pentester is expected to deliver at the end of the test.
3. Some other commonly encountered terms for pentester are penetration tester, ethical hacker, and white-hat hacker. All three terms are correct and describe the same type of individual (though some may debate these apparent similarities in some ...