ATIS Telecom Glossary
Wednesday, August 20, 2014

A B C D E F G H I
J K L M N O P Q R
S T U V W X Y Z  
Go
 
Glossary Home
Foreword
Introduction
Normative References
Using the ATIS Telecom Glossary
Annex A: Informative References
 
 
 
<< Back
penetration testing
1. Security testing in which evaluators attempt to circumvent the security features of a system based on their understanding of the system design and implementation. [INFOSEC-99]   2.  Tests performed by an evaluator on the Target of Evaluation in order to confirm whether or not known vulnerabilities are actually exploitable in practice  [ITSEC].   3.  The portion of security testing in which the penetrators attempt to circumvent the security features of a system. The penetrators may be assumed to use all system design and implementation documentation, which may include listings of system source code, manuals, and circuit diagrams. The penetrators work under no constraints other than those that would be applied to ordinary users [TCSEC].

 

 

 

 

 

 

 

 

 

 



 
These definitions were prepared by ATIS Committee PRQC
 
For more information on the work related to these definitions,
please visit the ATIS website and the ATIS Document Center