Penetration tests evaluating the security model of the organization as a whole. It shows the potential consequences of an attacker using only his mind and lack of penetration tests the idea that evil. The concept that any business is essentially an integrated system of cash flows driven by management decisions provides the book’s foundation. | Module X Penetration Testing Penetration Testing Penetration testing assesses the security model of the organization as a whole It reveals potential consequences of a real attacker breaking into the network A penetration tester is differentiated from an attacker only by his intent and lack of malice Penetration testing that is not completed professionally can result in the loss of services and disruption of the business continuity Types of Penetration Testing External testing External testing involves analysis of publicly available information a network enumeration phase and the behavior of security devices analyzed Internal testing Internal testing will be performed from a number of network access points representing each logical and physical segment Black-hat testing zero-knowledge testing Gray-hat testing partial-knowledge testing White-hat testing complete-knowledge .