What are the various modes of system security testing?

Home / Hacking, News, Security / What are the various modes of system security testing?

October 1, 2008 PlanetCreator 0 Comments 0 tags

The various modes of system security testing are as follows:

1. Remote network: This mode attempts to simulate an attack launched over the Internet. The primary defenses that must be defeated in this test are border firewalls, filtering routers, etc.
2. Remote dial-up network: This mode simulates an attack against the client’s modem pools. The main targets of dial up testing are PBX units, Fax machines, and central voice mail servers. The primary defenses that must be defeated here are user authentication schemes.
3. Local network: This test simulates an employee or other authorized person who has an authorized connection to the organization’s network. The primary defenses that must be defeated here are intranet firewalls, internal Web servers, and server security measures.
4. Stolen equipment: This mode simulates theft of a critical information resource such as a laptop owned by a strategist.
5. Social engineering: This aspect attempts to check the integrity of the organization’s employees.
6. Physical entry: This test acts out a physical penetration of the organization’s building. The primary defenses here are a strong security policy, security guards, access controls and monitoring, and security awareness.

Explore More

Critical Blind SQL Injection (vulnerability) in The Best Myanmar Website (burmeseclassic.com)

PlanetCreator has reported another critical Blind SQL Injection (vulnerability) on http://www.burmeseclassic.com/ This vulnerability has been alerted to :- Webmaster of BurmeseClassic Applications: â€”â€”â€”â€” PlanetCreatorâ€™s_Universal_Advanced_Internet_Security_T00L System Time: â€”â€”â€”â€” (UTC+08:00) Yangoon, Myanmar

How To Hack A Wireless Network

How To Hack A Wireless Network Hacking WiFi This way of circumventing encryption WEP for wireless was developed and explained by agents of an American organizacaciÃ³n recognized. Demonstrating that you

Critical SQL Injection and XSS Vulnerability in Myanmar Engineering Society

PlanetCreator has reported another critical SQL Injection (vulnerability) on Myanmar Engineering Society Website http://www.mes.org.mm SQL injection is a code injection technique that exploits a security vulnerability occurring in the database

[webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
on November 15, 2024 at 12:00 am
SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
[webapps] reNgine 2.2.0 - Command Injection (Authenticated)
on October 1, 2024 at 12:00 am
reNgine 2.2.0 - Command Injection (Authenticated)
[webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
on October 1, 2024 at 12:00 am
dizqueTV 1.5.3 - Remote Code Execution (RCE)
[webapps] openSIS 9.1 - SQLi (Authenticated)
on October 1, 2024 at 12:00 am
openSIS 9.1 - SQLi (Authenticated)
[dos] Windows TCP/IP - RCE Checker and Denial of Service
on August 28, 2024 at 12:00 am
Windows TCP/IP - RCE Checker and Denial of Service