Discuss the four activities on which the penetration testing methods are based.

What will be an ideal response?

Testing methods are based around four activities. The first of these is discovery, which is where the target is identified and documented. This is followed by enumeration, where the tester attempts to gain more knowledge about the target through various kinds of intrusions. Once the knowledge is obtained, vulnerability mapping takes place. This is where the tester maps what is known about the test environment to recognized vulnerabilities. Finally, once the vulnerabilities have been mapped into the target environment, the tester attempts to gain access. The results of the exploits that are run can help an organization identify vulnerabilities, gaps, intrusion response capability, monitoring and logging capability, and reporting.