TCCSI Six Step Process for Planning, Preparation, and Testing.
 |
Proper planning is essential
in making your organization's penetration test a
success. An initial meeting between TCCSI and your
organization will be arranged. This meeting entails
discussing matters that concern the scope and objective
of the penetration test as well as what parties
will be involved.
A clear objective is also essential
when conducting the penetration test. This objective
typically is to demonstrate exploitable vulnerabilities
that exist within an organization's network infrastructure.
Scoping for the penetration test is done by identifying
the machines, systems, and network, as well as the
operational requirements and what staff is involved.
Timing and duration of the test will be discussed
as well so as to ensure that while the tests are
being conducted, normal business operations
will not be disrupted. |
|
 |
| This step involves gathering
as much information as possible regarding the targeted
systems or network, utilizing various tools and
online resources. Port scanning is done during this
phase for the purpose of obtaining information about
closed and open ports running on the system or network. |
|
 |
| Assessment of the vulnerability
present in each system. We have a compilation of
exploits and vulnerabilities at our disposal specifically
for this purpose. |
|
 |
| Identification of suitable targets
for a penetration attempt is conducted during this
phase. TCCSI will attempt to penetrate via these
chosen targets using customized tools design for
this purpose. |
|
 |
| The cleaning up process is conducted
so as to clear any disorder that may have occurred
as a result of the penetration test. |
|
 |
| A report is generated for your
organization which includes an overview of the penetration
testing process and analytical commentary on critical
vulnerabilities present in your organization's network
or systems. |
|
|
