Читать книгу CompTIA PenTest+ Certification For Dummies - Glen E. Clarke - Страница 35

Once the information gathering subphase is complete, you should now have a listing of the ports open on the system and potentially a list of the software being used to open those ports. In the vulnerability identification subphase, you research the vulnerabilities that exist with each piece of software being used by the target. Vulnerability identification also involves using a vulnerability scanner to automate the discovery of vulnerabilities that exist on the target networks and systems.

Chapters 3 and 4 cover information gathering and vulnerability identification.