Comment on page

Network/System PenTest

Available Service

  • Search all opening ports and ensure it is operation required.
  • Ensure all endpoints implemented authentication and authorization control
  • Identify the opening ports service applied latest version & patches
  • Outdated components or known vulnerability (CVE) found in the identified service

Certification Setting

  • Disable the use of SSL 3.0, TLS 1.0 and TLS 1.1. Instead, leverage a newer version of TLS such as TLS v1.2 and v1.3.
  • Correctness of the certification information and signed party
  • SSL Certificate strength, at least > 2048 bits
  • Not use the weak ciphers

Sensitive Data Exposure

  • Any shared files or services that contain sensitive data
  • Correctness of the certification information