Penetration Testing by James Hayes, Nick Furneaux, Jims Marchang, Rob Ellis, Jason Charalambous, Moinuddin Zaki, Peter Taylor, Roderick Douglas, Felix Ryan, Ceri Charlton, Gemma Moore, Tylor Robinson, Sharif Gardner

Penetration testing can be done well or done badly; this chapter explores how to do it well. We will cover what could be tested, some common testing methodologies that could be used, the documentation typically used to commission penetration testing, and the documentation resulting from the exercise itself.

WHAT IS MEANT BY ‘BEST PRACTICE’ AND ‘GOOD PRACTICE’?

Best practice is the broad term used by technologists to describe the best possible way of completing a task or overcoming a problem. The term suggests that there is a guidance document or manual somewhere that sets out the ‘one true way’; however, this is often far from reality. The exact definition of what best practice means in a ...