cybeer secur

Response ….100 min… agree or disagree..

When looking at the different ways a pentester can help a company against a black hat attacker, the most prevalent ways are through white box, grey box and black box testing. In black box testing, the person that is doing the testing is put in the role of a hacker that has no internal knowledge of the system the are hacking (What are, 2019). This allows the test to determine what in the system is exploitable from outside the network (What are, 2019). The benefit of this mode of testing is that it is done in the mode that most hackers will start and attack from. Grey Box testing is done from the aspect of a user. The tester would have user access to the system and be given some sort of knowledge about the system (What are, 2019). The benefit of a Grey Box system would be that the system with the greatest risk can be looked at first and the tester can simulate extended access in the system (What are, 2019). White Box testing is done by giving the tester full access to the system including giving them source code and system architecture (What are, 2019). The benefit to this type of test is that it gives a complete inside and out test to look at vulnerabilities (What are, 2019).

What are Black Box, Grey Box, and White Box Penetration Testing? (2019). Retrieved from https://resources.infosecinstitute.com/what-are-black-box-grey-box-and-white-box-penetration-testing/#gref