Penetration Testing?
#1
Scooby Regular
Thread Starter
iTrader: (3)
Join Date: Dec 1999
Location: UK
Posts: 13,274
Likes: 0
Received 0 Likes
on
0 Posts
Penetration Testing?
If I were looking to employ or have someone trained up as a penetration tester, what should I look for?
Are there recognised accreditations/certifications?
I want to be able to cover external and internal threats, as well vunrabilities within the various computers, servers, appliances and infrastructure.
Cheers
Andy
Are there recognised accreditations/certifications?
I want to be able to cover external and internal threats, as well vunrabilities within the various computers, servers, appliances and infrastructure.
Cheers
Andy
#2
Scooby Regular
iTrader: (1)
Join Date: Jul 2004
Location: There on the stair
Posts: 10,208
Likes: 0
Received 0 Likes
on
0 Posts
Hello Again
You'll need to look for Cisco CCSP, MS MCSA Security +, you may also want to consider SCP (SCP Program Certifications - The Security Certified Program - Security Certified Network Specialist - Security Certified Network Professional - Security Certified Network Architect)
Bleeding all sorts to look for to be honest. Really, a thorough grounding in IT security is where to start
You'll need to look for Cisco CCSP, MS MCSA Security +, you may also want to consider SCP (SCP Program Certifications - The Security Certified Program - Security Certified Network Specialist - Security Certified Network Professional - Security Certified Network Architect)
Bleeding all sorts to look for to be honest. Really, a thorough grounding in IT security is where to start
#4
Scooby Regular
iTrader: (1)
Join Date: Jul 2004
Location: There on the stair
Posts: 10,208
Likes: 0
Received 0 Likes
on
0 Posts
I forgot to add: a complete inability to produce coherent documents. If the last PEN test we had run against our network is anything to go by.
Honestly - all this company did was run a bleeding script against the network and cut and paste the results with some truly poor 'comments' alongside them.
PEN tests against an Infrastructure should look at all aspects - did you hear about that American firm that left USB pens lying around the car park of the company they were paid to test?
The drives held software that communicated back to the testing company when plugged into a p.c. I'll leave you to guess the rest
Honestly - all this company did was run a bleeding script against the network and cut and paste the results with some truly poor 'comments' alongside them.
PEN tests against an Infrastructure should look at all aspects - did you hear about that American firm that left USB pens lying around the car park of the company they were paid to test?
The drives held software that communicated back to the testing company when plugged into a p.c. I'll leave you to guess the rest
Thread
Thread Starter
Forum
Replies
Last Post