In week 1, i learned more about methodology, such as penetration tester who attempt to break into a company’s network to find its weakest link, then reports findings. But then there’s also security tester which is similar with penetration tester, but in addition, they also includes analyzing company’s security policy and procedures. They also offer solutions to secure or protect the network.

I also found new methodology such as crackers, since back then all i know about is only hackers. Where hackers try to access computer system or network without authorization, on the other hand crackers aside from just trying to access computer system or network without authorization, they steal or destroy data too.

I also learned that new inexperienced hackers have their own nickname which is script kiddies, which basically means that they are inexperienced hackers that copy codes and techniques from knowledgeable hackers. This is dangerous since they don’t actually know what the code might do to the target, which is dangerous for them and their target.

Another methodology that is used in a company’s network security team is blue team and red team, they have different roles which red team try to do pentest to the system, it may be without the knowledge of IT staff, and blue team try to defend the system from red team and usually have knowledge of internal system, they may perform a pentest by trying to think about how surprise attacks might occur.

Furthermore i learned that there are 3 model of penetration testing methodology, the White Box model which tester is told everything about the network topology and technology, they are also authorized to interview IT personnel and company employees. Then the Black Box model where company staff does not know about the test and the tester is not given details about the network. This model can be used to test whether the security network are able to detect attacks. Lastly the Gray Box model which tester will be given partial information of the company’s network, so it’s combination of Black and White Box Model.