Intrusion Test

December 2016

Intrusion Test

Intrusion tests (abbreviated as pen tests) consist in testing an information system's protection methods by subjecting the system to a real situation.

Two methods are generally used:

  • The black box method that consists of trying to infiltrate the network without any knowledge of the system in order to perform a realiztic situation
  • The white box method that consists of trying to infiltrate the system equipped with knowledge of the entire system in order to test the limits of the network's security

The consent (preferably written) of the highest level of the hierarchy must be received before these tests are performed, the reason being that they could cause possible damage and because the methods used are considered illegal without the express authorization of the system owner.

An intrusion test is a good way to increase the awareness of those involved in the project when it reveals a flaw. On the other hand, it does not guarantee system security because the testers may miss detecting vulnerabilities. Security audits are a better method for ensuring a higher level of system security because they take organizational and human elements into account and the security is anaylsed internally.


Related :


Prueba de intrusión
Prueba de intrusión
Tests d'intrusion
Tests d'intrusion
Penetration Test
Penetration Test
Testes de intrusão
Testes de intrusão
This document entitled « Intrusion Test » from CCM (ccm.net) is made available under the Creative Commons license. You can copy, modify copies of this page, under the conditions stipulated by the license, as this note appears clearly.