Question { 9187 }
what is penetration testing?
Answer
A penetration test is a method of evaluating the security
of a computer system or network by simulating an attack by
a malicious user, known as a cracker (though often
incorrectly referred to as a hacker). The process involves
an active analysis of the system for any potential
vulnerabilities that may result from poor or improper
system configuration, known and/or unknown hardware or
software flaws, or operational weaknesses in process or
technical countermeasures. This analysis is carried out
from the position of a potential attacker, and can involve
active exploitation of security vulnerabilities. Any
security issues that are found will be presented to the
system owner together with an assessment of their impact
and often with a proposal for mitigation or a technical
solution. The intent of a penetration test is to determine
feasibility of an attack and the amount of business impact
of a successful exploit, if discovered.