Chapter 3. Developing Your Ethical Hacking Plan

In This Chapter

  • Setting ethical hacking goals

  • Selecting which systems to test

  • Developing your ethical hacking testing standards

  • Examining hacking tools

As an ethical hacker, you must plan your ethical hacking efforts before you start. A detailed plan doesn't mean that your testing must be elaborate. It just means that you're very clear and concise about what's to be done. Given the seriousness of ethical hacking, make this as structured a process as possible.

Even if you're just testing a single Web application or workgroup of computers, it's critical to establish your goals, define and document the scope of what you'll be testing, determine your testing standards, and gather and familiarize yourself with the proper tools for the task. This chapter covers these steps to help you create a positive ethical hacking environment so you can set yourself up for success.

Getting Your Plan Approved

Getting approval for ethical hacking is critical. First, obtain project sponsorship. This approval can come from your manager, an executive, a client, or yourself (if you're the boss). Without it, your testing may be canceled suddenly, or someone can deny having authorized the tests. There can even be legal consequences for unauthorized ethical hacking. Always make sure that what you're doing is known and visible — at least to the decision makers. Chapter 19 outlines ten tips for getting management's buy-in on your security initiatives, which can help in this ...
