ASPECTS OF INFORMATION SECURITY: PENETRATION TESTING IS CRUCIAL FOR MAINTAINING SYSTEM SECURITY VIABILITY

摘要

Penetration testing is the practice of testing computer systems, networks or web applications for their vulnerabilities and security weaknesses. These tests can either be conducted by automated software or manually [6.] Wikipedia has defined penetration testing as "a method of evaluating the security of a computer system or network by simulating an attack from a malicious source..." [11]. There are many different levels of penetration tests that can be performed on an organizations network and security infrastructure. These tests can range from simply attempting a brute force password attack on a particular system, all the way up to a simulated attack including, but not limited to social engineering.