6 SCOPING A PENETRATION TEST

Jims Marchang and Roderick Douglas

This chapter considers the scope of a penetration test. The scope will determine which systems should be tested, when and how they may be subjected to tests and any limitations such as systems or networks specifically included or excluded from testing. A clear understanding of the scope of a test is vital both for the organisation being tested and for the tester. Organisations should have a solid idea of which systems and networks they would like to be tested, and what access or information the tester needs to be given in order to complete the penetration testing. Testers need to know what access they have been granted, which tests they are required to perform and any systems or ...

Get Penetration Testing now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.