Creating Testing Standards
One miscommunication or slip-up can send your system crashing during your ethical hacking tests. No one wants that to happen. To prevent mishaps, develop and document testing standards. These standards should include:
- When the tests are performed, along with the overall timeline
- What tests are performed
- How the tests are performed, and from where
- How much knowledge of the systems you acquire in advance
- What you do when a major vulnerability is discovered
Timing
You know they say that it's "all in the timing." This is especially true when performing ethical hacking tests. Make sure that the tests you're performing minimize disruption to business processes, information systems, and people. You want to avoid situations like miscommunicating the timing of tests and causing a DoS attack against a high-traffic e-commerce site in the middle of the day, or forcing yourself or others to perform password-cracking tests in the middle of the night. It's amazing what a 12-hour time difference can make! Everyone in the project should agree on a detailed timeline before you begin. This puts everyone on the same page and sets correct expectations.
Notify any Internet Service Providers (ISPs) or Application Service Providers (ASPs) involved before performing any tests across the Internet. This way, ISPs and ASPs will be aware of the testing going on, which will minimize the chance that they will block your traffic if they suspect malicious behavior that shows up on their firewalls or Intrusion Detection Systems (IDSs).
The timeline should include specific short-term dates and times of each test, the start and end dates, and any specific milestones in between. You can develop and enter your timeline into a simple spreadsheet or Gantt chart, or you can include the timeline as part of your initial customer proposal and contract. For example, you could use a timeline similar to the following:
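| Test Performed    | Tester       | Start Time           | Projected End Time   |
|-------------------|--------------|----------------------|----------------------|
| War Dial          | Tommy Tinker | July 1, 6:00 a.m.    | July 1, 10:00 a.m.   |
| Password cracking | Amy Trusty   | July 2, 12:00 p.m.   | July 2, 5:00 p.m.    |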
This timeline will keep things simple and provide a reference during testing.