What other approaches could be applied for vulnerability checks?
- Other approaches could include Social engineering (per phone and on-site).
- And trying to reveal poorly chosen shared secrets and passwords using brute force attacks.
- How are data and servers protected fysically ?
- Are the log files monitored, secured and set up correctly ?
- Does the company have any recovery plans and have they tested their data backups.
- We can also attempt to perform a 'Man-in-the-middle', flooding and Wi-Fi attacks.
- Is paper maculated before leaving the building ?
- How much information can be gathered by legally queyring public databases and telnet company servers ?
- Does the IT department detect if a packet sniffer is installed ?