Read the book CompTIA Pentest+ Certification For Dummies - Glen E. Clarke - Page 55

Target list/in-scope assets


As you scope out the penetration test, you need to determine what company assets are the in-scope assets for the penetration test. In-scope assets are targets during the penetration test. Following are examples of targets for a penetration test:

 Wireless networks: Determine what wireless SSIDs are to be targeted in the penetration test.

 Internet Protocol (IP) ranges: Determine IP ranges that are to be targeted during the penetration test.

 Domains: Determine any internal and external domain names that should be targeted during the penetration test.

 Application programming interfaces (APIs): Identify any APIs that should be tested. APIs are code that is called by other applications. This includes stand-alone APIs such as custom DLLs and web APIs such as RESTful web services.

 Physical locations: Determine the physical locations that are in scope for the penetration test and whether you have permission to attempt to bypass physical access controls to gain access to those locations. For example, a customer may state that the company’s Boston data center is in scope, but data centers at other locations are not.

 Domain name system (DNS): Identify the DNS server addresses used for internal DNS and external DNS.

 External versus internal targets: Take time to identify what internal targets (on the LAN) are in scope and what external targets (on the Internet) are in scope.

 First-party versus third-party hosted: It is important to identify assets that exist on-premises (first-party) and assets that are hosted in the cloud (third-party).

Be sure to understand the type of targets for a penetration test. Also note that if the target is a cloud resource or other asset hosted by a third party, you must get permission from the third party or cloud provider to perform testing on those assets.
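The target list described above can be kept in machine-readable form and checked before any test activity starts. The following is an added example, not code from the book: the entry layout, the field names (`kind`, `hosting`, `provider_permission`) and all addresses and domains are constructed placeholders.

```python
import ipaddress

# Constructed sample target list (placeholder values, not from the book).
TARGET_LIST = [
    {"kind": "ip_range", "value": "10.20.0.0/16", "hosting": "first-party"},
    {"kind": "ip_range", "value": "203.0.113.0/24", "hosting": "third-party",
     "provider_permission": False},
    {"kind": "domain", "value": "corp.example", "hosting": "first-party"},
    {"kind": "domain", "value": "shop.example", "hosting": "third-party",
     "provider_permission": True},
]


def _matches(entry, target):
    """Return True if target (IP address or hostname) falls under entry."""
    try:
        addr = ipaddress.ip_address(target)
    except ValueError:
        addr = None  # not an IP literal, treat it as a hostname
    if entry["kind"] == "ip_range":
        return addr is not None and addr in ipaddress.ip_network(entry["value"])
    if entry["kind"] == "domain" and addr is None:
        host = target.lower().rstrip(".")
        base = entry["value"].lower()
        # Match on a label boundary: "evilcorp.example" is not "corp.example".
        return host == base or host.endswith("." + base)
    return False


def check_scope(target, target_list=TARGET_LIST):
    """Return (allowed, reason) for one target; anything unlisted is denied."""
    for entry in target_list:
        if not _matches(entry, target):
            continue
        # Third-party hosted assets also need the provider's recorded permission.
        if entry["hosting"] == "third-party" and not entry.get("provider_permission"):
            return False, "in scope, but third-party permission is not recorded"
        return True, "in scope: " + entry["value"]
    return False, "not on the target list"


if __name__ == "__main__":
    for t in ["10.20.3.4", "203.0.113.7", "vpn.corp.example", "evilcorp.example"]:
        print(t, check_scope(t))
```
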

Depending on the type of testing being performed, there are a number of other questions you can ask during the scoping of the project. The Penetration Testing Execution Standard (PTES) website found at www.pentest-standard.org has an extensive list of questions you can ask. The following sections list example questions for each different type of test.
