Chapter 9

Preparing for the Pen Test


Bullet Taking care of upfront tasks

Bullet Determining the requirements of a test

Bullet Choosing a scan type and the appropriate tools

Bullet Knowing when and how to not go through with it

Becoming familiar with types of attacks and a pen tester’s tools are necessary early steps to using those tools to protect a company’s assets against hackers and their nefarious intentions. Before you dive into the testing, assessing, and preventing, however, there are certain preparatory tasks to take care of.

In addition to knowing what attack type you’re exploring and what tools you need to use to do that, you must understand your role, which systems you’re testing (or not), and what the stakeholder’s goals and expectations are. I cover all of that in this chapter and more, including what to do if you have to end a test before it even gets started.

Handling the Preliminary Logistics

Before you get to the part where you will do any pen testing, you must work out certain logistical details, including getting permission to do the tests. This section highlights and explains ...

Get Penetration Testing For Dummies now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.