From the course: Security Testing Essential Training
Join today to access over 25,300 courses taught by industry experts.
Goals of a pen test
From the course: Security Testing Essential Training
Goals of a pen test
- [Instructor] Well scoped penetration tests often have very specific goals in mind. Most penetration tests have the stated goal of stealing privilege credentials, but you can define other goals. Maybe you want access to the CFO's inbox. Maybe you want intellectual property. Maybe you want a database of customer information. Remember the CIA triad, confidentiality, integrity, and availability. The goals of a pen test should be influenced by how the organization prioritizes these concepts. Penetration tests often focus on compromising sensitive data like customer records or intellectual property. This is appropriate for organizations that prioritize confidentiality. If you as a penetration tester succeed in your goals and compromise sensitive data at the organization, you're bound to keep those secrets secret, either through a non-disclosure agreement or through a code of ethics. Exploiting integrity vulnerabilities could result in unauthorized changes to production systems or data. At…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
Language is important2m 22s
-
(Locked)
Risk assessments2m 19s
-
(Locked)
Calculating risk score3m 19s
-
(Locked)
Security controls assessments2m 6s
-
(Locked)
NIST and ISO4m 7s
-
(Locked)
Compliance assessments2m 57s
-
(Locked)
Vulnerability assessments3m 23s
-
(Locked)
Penetration tests2m 45s
-
(Locked)
Goals of a pen test2m 4s
-
(Locked)
The security assessment lifecycle3m 32s
-
-
-
-
-
-
-
-