Penitration Testing (PT):
   It is the process of testing a computer system, network OR web application to find Vulnerabilities (weakness in the s/w) that an attacker could exploit is k.a., PT.
  
  It is also k.a., Pen Testing OR white-hat-attack. Bcoz a good guy is trying to hack the s/w.

Objectives of PT:
   It is to determine the security weakness.

Penitration Testing Stategies:
1. Target Testing (Lights-turned-on)
2. Internal Testing
3. External Testing
4. Blind testing
5. Double blind testing.

1. Target Testing (Lights-turned-on): In this approach the PT is done on the well known s/w. Here the PT personnel can take the help of IT team /admin/QA etc to perform the PT.

2. Internal Testing: Perform the PT on those s/w which are used OR exposed to internal employees. It is done to avoid the impact which can be done by the internal employees.

3. External Testing: Performing PT on those s/w which are exposed to external world.
ex: DNS (Domain Name Server), emails, firewalls etc

4. Blind testing: a limited or no information is provided to the PT personnel who conduct PT. This takes considerable amount of time for the PT personnels to identify the location, technology, resource etc. It simulates the actual real time scenarios.

5. Double blind testing: It takes the blind test and carries it to a step further. It simulates the actual real time scenarios.
