# Network/System PenTest

## **Available Service**

* Search all opening ports and ensure it is operation required.
* Ensure all endpoints implemented authentication and authorization control
* Identify the opening ports service applied latest version & patches
* Outdated components or known vulnerability (CVE) found in the identified service

## **Certification Setting**

* Disable the use of SSL 3.0, TLS 1.0 and TLS 1.1. Instead, leverage a newer version of TLS such as TLS v1.2 and v1.3.
* Correctness of the certification information and signed party
* SSL Certificate strength, at least > 2048 bits
* Not use the weak ciphers

## **Sensitive Data Exposure**

* Any shared files or services that contain sensitive data 
* Correctness of the certification information