Penetration Testing (AQA GCSE Computer Science): Revision Notes
Penetration testing
What is penetration testing?
Penetration testing is a method of testing computer systems and networks to find security weaknesses that hackers could potentially use to break in. Think of it like having friendly ethical hackers try to break into your system on purpose, so you can fix any problems before real criminals find them.
During penetration testing, security experts act as hackers and attempt to gain unauthorised access to systems in a controlled and safe way. This helps organisations understand how vulnerable they really are to cyber attacks.
The key difference between penetration testing and real attacks is that penetration testing is authorised, controlled, and conducted by security professionals with the goal of improving security rather than causing harm.
Why do organisations use penetration testing?
Penetration testing serves several important purposes that help keep computer systems safe:
Finding security gaps: The main goal is to discover vulnerabilities in a system's security before real attackers can exploit them. It's much better to find these problems during a controlled test than during an actual attack.
Testing user awareness: Good penetration testing also checks how likely employees are to fall for social engineering tricks, which helps organisations understand if they need more security training for their staff.
Evaluating security policies: The testing shows how effective an organisation's current security measures actually are in practice, not just on paper.
Testing incident response: Penetration testing can also check how well an organisation can respond to security incidents and recover any lost or compromised data after an attack occurs.
Proactive vs. Reactive Security
Penetration testing represents a proactive approach to cybersecurity - finding and fixing problems before they can be exploited, rather than waiting to respond after an attack has already occurred.
Types of penetration testing
There are two main approaches to penetration testing, each designed to simulate different types of real-world attacks:
White-box penetration testing
White-box testing simulates insider threats - attacks that come from someone who already has some level of access to your systems, such as a malicious employee or contractor.
In this type of testing:
- The tester has some knowledge of how the target system works
- They are given basic login credentials to access the system
- The testing usually focuses on checking specific vulnerabilities that have already been identified
- This approach is faster because the tester doesn't have to spend time figuring out how to get initial access
Think of this like having a dishonest employee who already has some access to company systems trying to cause damage or steal information.
Black-box penetration testing
Black-box testing simulates external attacks - attacks from complete outsiders who have no prior knowledge of or access to your systems, which represents the majority of real-world cyber threats.
In this approach:
- The tester has no knowledge of usernames, passwords, or normal ways to access the system
- They don't know how the system works internally
- The tester must use brute force techniques to find ways to break in and gain access
- This type of testing can be quite time-consuming since the tester starts with no inside information
- Because the tester doesn't know all the system's functions, some areas might not get checked and some vulnerabilities might be missed
This is like a complete stranger trying to hack into your organisation's systems from the outside, which is how most real cyber attacks happen.
Real-World Scenario: Comparing Testing Types
White-box scenario: A disgruntled IT administrator with legitimate system access decides to steal customer data or plant malicious software.
Black-box scenario: A cybercriminal group attempts to break into a company's network from the internet, starting with no knowledge of the company's systems or security measures.
Both scenarios require different defensive strategies and testing approaches.
Key differences between testing approaches
The main difference between white-box and black-box testing comes down to knowledge and access:
- White-box testing = Testing with insider knowledge (like a malicious employee)
- Black-box testing = Testing with no inside knowledge (like an external hacker)
White-box testing is typically faster and more thorough for checking known problems, while black-box testing gives a more realistic picture of how vulnerable you are to external threats.
Choosing the Right Approach
Many organisations use both types of testing as part of a comprehensive security strategy. The choice often depends on:
- Available budget and time
- Specific security concerns
- Regulatory requirements
- Previous security incidents
Key Points to Remember:
- Penetration testing helps organisations find security weaknesses before real attackers do
- White-box testing simulates insider threats with some system knowledge and access
- Black-box testing simulates external attacks with no prior system knowledge
- Both types of testing are important for understanding different security risks
- Penetration testing also checks how well staff respond to social engineering attempts and security incidents
- The best security strategy often involves using both testing approaches