1) SCOPE DETERMINATION
Before the test, an interview is made to determine the internal network requirements and test scope of the institution.
Vulnerabilities in the firewall are identified and network partitioning is performed.
Tests are carried out to determine security weaknesses in accordance with the information obtained during the discovery phase.
Using the information obtained as a result of the test, a detailed and complete report is prepared by presenting data such as the security weaknesses of the institution, how it can be eliminated, and the way these weaknesses affect the institution.
After the reporting stage, security tests are applied to the institution again to determine whether the identified problems are solved.
Local Network Penetration Test Methodology
- Internal network scan
- Port scan
- System fingerprint
- Service review
- Vulnerability scanning
- Manual vulnerability scanning and testing
- Manual configuration test and verification
- Firewall and network checklist testing
- Administrator privileges promotion test
- Password protection test
- Network equipment security check test
- Database security check test