Module 01 Introduction to Penetration Testing and Methodologies.pptx

This preview shows page 1 - 6 out of 42 pages.

Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited.Copyright © by EC-Council UniversityAll Rights Reserved. Reproduction is Strictly Prohibited.MasterSecurityScienceModule 01ECCU 503Security Analysis and Vulnerability AssessmentModule 01: Introduction to Penetration Testing and Methodologies
Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited.MODULE OBJECTIVELearn fundamental concepts about penetration testing including its importance, types, process, phases, methodologies, etc.
What is Penetration Testing?
Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited.Benefits of Conducting a Penetration TestProactively identifies the threats and determine the probability of an attack on information assetsEnsures effective implementation of security controls and a better Return on Investment (ROI) on IT securityA comprehensive pen test provides an assurancethat the organization is operating within an acceptable limit of information security risksAchieves complianceto regulations and industry standards (ISO/IEC 27001:2013, PCI-DSS, HIPPA, FISMA, etc.)Helps in determining feasibility of a set of attack vectors and determine potential business impact of a successful attackFocuses on high severity vulnerabilities and emphasize application-level security issues to development teams and managementProvides a comprehensive approach for preparation steps that can be taken to prevent upcoming exploitationEvaluates the efficiency of network security devicessuch as firewalls, routers, and web servers
Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited.IIIIIIIVROI for Penetration TestingROI = (Expected Returns − Cost of Investment) / Cost of InvestmentPenetration testing helps the companies in identifying, understanding, and addressing any vulnerabilities, which saves them a lot of money resulting in ROIDemonstrates the ROI for pen test with the help of a business case scenario, which includes the expenditure and the profits involved in itDemonstration of ROI is a critical process for the successful “selling” of the pen testCompanies will spend resources on the pen test only if they have proper knowledge of its benefits

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture