The various modes of system security testing are as follows:

1. Remote network: This mode attempts to simulate an attack launched over the Internet. The primary defenses that must be defeated in this test are border firewalls, filtering routers, etc.
2. Remote dial-up network: This mode simulates an attack against the client’s modem pools. The main targets of dial up testing are PBX units, Fax machines, and central voice mail servers. The primary defenses that must be defeated here are user authentication schemes.
3. Local network: This test simulates an employee or other authorized person who has an authorized connection to the organization’s network. The primary defenses that must be defeated here are intranet firewalls, internal Web servers, and server security measures.
4. Stolen equipment: This mode simulates theft of a critical information resource such as a laptop owned by a strategist.
5. Social engineering: This aspect attempts to check the integrity of the organization’s employees.
6. Physical entry: This test acts out a physical penetration of the organization’s building. The primary defenses here are a strong security policy, security guards, access controls and monitoring, and security awareness.

Explore More

What is “Clickjacking“? The latest Adobe Flash clipboard hijack attack

A new Web attacks is now in the wild. It’s named clickjacking – as discussed at the OWASP NYC AppSec 2008 Conference. Clickjacking is actually clipboard hijacking by adobe flash

Read More

Latest common commercial hacking tools (Price, working etc)

Here are some of the latest hacking tools marketed just like commercial software across different ICQ channels. Just like normal software deep discounts and regular updates are also available for

Read More

Hacker Halted Asia Pacific 2010

2010. Entering the new decade, have we done enough to secure our information? Or will we be found wanting by the end of this decade? History is a great teacher,

Read More