1
00:00:00,480 --> 00:00:04,290
So first things first, what is the penetration test?

2
00:00:05,420 --> 00:00:10,910
To answer this question, I would like to show you three definitions from three different resources.

3
00:00:11,720 --> 00:00:12,800
Talk about reconnaissance.

4
00:00:14,290 --> 00:00:23,110
The first one is from Wikipedia. The definition of penetration test in Wikipedia is as follows, and

5
00:00:23,110 --> 00:00:31,750
I quote: an attack on a computer system with the intention of finding security weaknesses, potentially

6
00:00:31,750 --> 00:00:33,050
gaining access to it,

7
00:00:33,610 --> 00:00:36,730
its functionality and data, end quote.

8
00:00:37,630 --> 00:00:43,930
Now I want you to pay attention to the words "with the intention of finding security weaknesses".

9
00:00:44,530 --> 00:00:44,710
Mm-hmm.

10
00:00:45,990 --> 00:00:55,770
Second definition is from the CISSP preparation guide book, and I quote: a pen test can determine how

11
00:00:55,770 --> 00:01:03,000
a system reacts to an attack, whether or not a system's defenses can be breached and what information

12
00:01:03,000 --> 00:01:04,860
can be acquired from the system.

13
00:01:06,530 --> 00:01:12,410
Now, the words that I want to emphasize here are "how a system reacts to an attack".

14
00:01:13,680 --> 00:01:19,260
And the last definition is from another book, it's called Penetration Testing, Protecting Networks

15
00:01:19,260 --> 00:01:20,190
and Systems.

16
00:01:20,910 --> 00:01:28,050
And I quote: pen testing is the simulation of an attack on a system, network, piece of equipment or

17
00:01:28,050 --> 00:01:35,910
other facility with the objective of proving how vulnerable that system or target would be to a real

18
00:01:35,910 --> 00:01:37,290
attack, end quote.

19
00:01:38,620 --> 00:01:40,130
We want you to notice the words here.

20
00:01:40,580 --> 00:01:42,800
The simulation of an attack.

21
00:01:44,260 --> 00:01:51,640
So my take on this, since you're asking, is basically bringing a few of these selected parts of the

22
00:01:51,640 --> 00:01:53,560
previous definitions together.

23
00:01:54,100 --> 00:02:04,570
So my definition: penetration test, or pen test, is the attack simulation on IT systems with the intention

24
00:02:05,050 --> 00:02:11,470
of finding security weaknesses to determine how systems react to these weaknesses.

25
00:02:11,920 --> 00:02:12,640
See what I mean?