期刊名称:International Journal of Computer Science & Technology
印刷版ISSN:2229-4333
电子版ISSN:0976-8491
出版年度:2012
卷号:3
期号:4
页码:447-452
语种:English
出版社:Ayushmaan Technologies
摘要:In today’s modern era crucial company information is accessed, stored, and transferred electronically. The security of this information and the systems storing this information are critical to the reputation and prosperity of companies. Therefore, vulnerability assessment of computer systems to obtain a complete evaluation of the security risks of the systems under investigation. In current era there is more complex enterprise IT infrastructures consist of hundreds or thousands of systems. Each component of these infrastructures is meticulously configured and integrated into complex systems architecture. Professional IT staffs are responsible for securely establishing and maintaining these IT infra structures are assessing, on an ongoing basis, the real risks presented by system vulnerabilities. Attacks against computer systems and the data contained within these systems are becoming increasingly frequent and evermore sophisticated. Advanced Persistent Threats (APTs) can lead to ex filtration of data over extended periods. Organizations wishing to ensure security of their systems may look towards adopting appropriate measures to protect themselves against potential security breaches. One such measure is to hire the services of penetration testers (or “pen-tester”) to find vulnerabilities present in the organization’s network, and provide recommendations as to how best to mitigate such risks. This paper discusses the definition and role of the modern pen-tester and summarizes current standards and professional qualifications. The paper further identifies issues arising from pen-testers, highlighting differences from what is generally expected of their role in industry to what is demanded by professional qualifications. In this paper we can analysis of The paper further identifies issues arising from pen-testers, highlighting differences from what is generally expected of their role in industry to what is demanded by professional qualifications. In this paper we provide an overview of penetration testing, discuss security vulnerabilities, and summarize the results and benefits of penetration testing realized by the IT executives interviewed.
