SMT

Resource

Center

 

Coming Soon

Security Management Technology Center Develop Elearning, FAQ , New Center...

SMT BLOG

 

What are the deferences between the penetration test and the vulnerability assessment ?

we have to know that there's a different types/categories of security assessments to assess the level of the security on any network resources in the organization, security assessment divided into three categories:

security audit, vulnerability assessments, penetration test.

1- Security audit: focus on the people and processes used to design, implement and manage security on a network.

2- Vulnerability assessment: is a basic type of security. It helps you in finding the weaknesses by scanning a network by using scanning tools, vulnerability scanners can test systems and network devices for exposure to common attacks.

3- Penetration Test: also called “ethical hacking”, it's a process of evaluating the security of the network by trying all possible attacks like the real attack (hacker) does. As a pen-tester you will be limited by resources such as time, skilled resources and access to equipment as outlined in the penetration test agreement.

Penetration Testing goes beyond the vulnerability scanning in the category of security assessment. With the vulnerability scanning, you can always examine the security of the individual computers, network devices or applications but penetration test allows you to assess the security model of the network as a whole. Penetration test help you to reveal potential consequences of a real attacher breaking into the network to network administrators, IT managers and executives. Penetration test also reveals the security weaknesses that a typical vulnerability scanning misses.

Penetration test not only point out vulnerabilities, it will also document how the weaknesses can be exploit and how several minor vulnerabilities can be escalated by n attacker to compromise a computer or network.

Most Vulnerability assessment are carried out sloly based on software and cannot assess security that is not related to technology.

 

Reference: CeHv8

** Disclaimer **

Any actions and or activities related to the material contained within this Website is solely your responsibility.The misuse of the information in this website can result in criminal charges brought against the persons in question. The authors will not be held responsible in the event any criminal charges be brought against any individuals misusing the information in this website to break the law.

This site contains materials that can be potentially damaging or dangerous. If you do not fully understand something on this site, then GO OUT OF HERE! Refer to the laws in your province/country before accessing, using,or in any other way utilizing these materials.These materials are for educational and research purposes only.Do not attempt to violate the law with anything contained here. If this is your intention, then LEAVE NOW! Neither administration of this server, the authors of this material, or anyone else affiliated in any way, is going to accept responsibility for your actions. Neither the creator is responsible for the comments posted on this website.

Newsletter

Subscribe to our newsletter and stay updated on the latest news and special offers!
Please wait