A simulated hacker attack is called Penetration Testing, Ethical Hacking, or Security Audit. PenTest mimics the actions of an actual attacker exploiting security weaknesses of network or application without the usual dangers of a cyber attack. Pen Testing examines internal and external IT infrastructure and applications for security vulnerabilities that could be used to disrupt the confidentiality, integrity, and availability of the network, thereby allowing the organization to address each weakness.
For Internal Penetration Testing, risk analysis of the IT components behind the classic firewall infrastructure takes place. All components, including servers, workstations, network devices, VPN, and MPLS are subjected to a detailed analysis during this network penetration testing. During external penetration testing, security vulnerabilities with Public IPs, Firewalls, and DMZ are identified that could be exploited by hackers. External risk analysis usually begins with a detailed reconnaissance phase to understand the security measures in place.