A penetration test is an intrusive test where a third party has been authorized to carry out an attack on a company's network to identify weaknesses. Intrusive scan used by them can cause damage to your systems.
Penetration testing is commonly known as pen testing. Pen testers are given different amounts of information:
- Black Box: Black Box pen testers are given no information on the company
- Gray Box: Gray Box pen testers are given some information
- White Box: White Box pen testers know everything about the system
For example, a pen tester is about to carry out a pen test but has not been given any information on the system. As they arrive at the company, the IT manager offers them a cup of coffee and then gives them the Local Admin account of Server 1. What type of pen test is this? It is a gray box, as he has been give some information?
...