What are some of the differences between vulnerability scanning and penetration testing? What are some of the tools that can be leveraged to perform each and their methods?
Please, I need to answer this question. The book's name is: "Network Security, Firewalls, and VPNs, 2e". Thank you.
Differences between vulnerability scanning and penetration testing
Vulnerability scanning identifies the known vulnerabilities that exist in the system or devices connected over the network and lists the potential exposures in a report, whereas penetration testing is intended to exploit weaknesses found in the IT network architecture and also to find the degree to which a hacker can gain unauthorized access to an organization's assets or sensitive data.
Vulnerability scanning uses automated tools (or off-the-shelf software tools) that scan for known vulnerabilities with the purpose of finding as many security pitfalls as possible, while penetration testing is a more detailed assessment conducted by a professional, known as a white-hat hacker, with the purpose of exploiting weaknesses.
Unlike in vulnerability scanning, vulnerabilities in penetration testing are exploited to expose the full impact of each individual concern.
A vulnerability scan can include false positives, which means identifying a non-real threat, whereas penetration testing enables the expert to remove false positives and gives an easy understanding of the real risks corresponding to each vulnerability.
Vulnerability scanning has a much wider scope compared to penetration testing because the assessment is automated. The scope includes several components such as network devices, printers, desktops, servers, laptops, and firewalls.
Vulnerability scanning is performed regularly, such as on a weekly or monthly basis, whereas penetration testing is conducted two or three times a year.