The various modes of system security testing are as follows:

1. Remote network: This mode attempts to simulate an attack launched over the Internet. The primary defenses that must be defeated in this test are border firewalls, filtering routers, etc.
2. Remote dial-up network: This mode simulates an attack against the client’s modem pools. The main targets of dial up testing are PBX units, Fax machines, and central voice mail servers. The primary defenses that must be defeated here are user authentication schemes.
3. Local network: This test simulates an employee or other authorized person who has an authorized connection to the organization’s network. The primary defenses that must be defeated here are intranet firewalls, internal Web servers, and server security measures.
4. Stolen equipment: This mode simulates theft of a critical information resource such as a laptop owned by a strategist.
5. Social engineering: This aspect attempts to check the integrity of the organization’s employees.
6. Physical entry: This test acts out a physical penetration of the organization’s building. The primary defenses here are a strong security policy, security guards, access controls and monitoring, and security awareness.

Explore More

SQL Injection Cheat Sheet

(wiki) SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application. The vulnerability is present when user input is either

ModSecurity

ModSecurity is a web application firewall (WAF). With over 70% of attacks now carried out over the web application level, organisations need all the help they can get in making

Critical xss vulnerabilities at classified listings site Ads.com.mm

PlanetCreator has reported another critical XSS Vulnerability on classified listings site Ads.com.mm Cross Site Scripting is a client-side attack where an attacker can craft a malicious link, containing script- code