In this chapter I summarize security testing methodology, network scanning, vulnerability probing, and system fingerprinting. I then cover best practices for test planning.
I also introduce security-testing techniques and build on this introduction with a discussion of pen testing techniques in Chapter 8. There is a clear dividing line between this chapter's techniques, which are generally legal in most jurisdictions, and the next chapter's techniques, which are generally illegal without written permission from the system owners.
NOTE To perform either class of tests, you should be aware of laws in your locality, as well as any jurisdictions through which your test packets transit. All of the laws of all the countries and jurisdictions carrying your test packets apply to your tests.
Cybersecurity evaluation is part of an overall risk management process. The main phases of this process include risk assessment, certification testing, and accreditation. Risks are potential harm that can be caused by a threat. Vulnerabilities are system weaknesses that can be exploited by threats to convert risks into security issues. Security issues are what happens after a risk has been successfully exploited.
Vulnerability testing and penetration testing are complementary techniques. Vulnerability testing is the more comprehensive of the two. In vulnerability testing you are searching for all ...