K1.17 The process of penetration testing within digital infrastructure:
• the phases of penetration testing:
o planning and reconnaissance (for example, scope, goals, gather intelligence)
o scanning (for example, static and dynamic analysis)
o gaining access (for example, back door, SQL injection)
o maintaining access (for example, vulnerability used to gain in-depth access)
o analysis and WAF configuration (for example, results collated into report, analysed and used to
configure WAF settings)
Links to Learning Outcomes |
Links to Assessment criteria |
|
|---|---|---|