{"id":336,"date":"2025-04-29T03:52:33","date_gmt":"2025-04-29T03:52:33","guid":{"rendered":"https:\/\/sites.wp.odu.edu\/brittneydavis\/?p=336"},"modified":"2025-04-29T03:52:33","modified_gmt":"2025-04-29T03:52:33","slug":"career-paper","status":"publish","type":"post","link":"https:\/\/sites.wp.odu.edu\/brittneydavis\/2025\/04\/29\/career-paper\/","title":{"rendered":"Career Paper"},"content":{"rendered":"Brittney Davis<br \/>CYSE 201S<br \/>Professor Trinity Woodbury<br \/>April 26, 2025<br \/><br \/>Career Paper<br \/><br \/>Penetration Tester<br \/><br \/>A Penetration Tester, or \u201cethical hackers,\u201d as they are more commonly known, is an IT<br \/>professional who a company or organization hires to assess the security of its computer systems<br \/>and networks by simulating cyberattacks. In cybersecurity, penetration testers are pivotal because<br \/>they can find vulnerabilities in a company or organization\u2019s systems before cybercriminals can<br \/>exploit them. This paper will examine the correlation between Penetration testers (Ethical Hackers)<br \/>and the social sciences of cybersecurity and marginalized groups.<br \/>Penetration Testing and Why It\u2019s Important<br \/>Penetration testing is important because it simulates an attack on your networks, systems,<br \/>or applications to identify weaknesses in your security. Penetration testers are important to the<br \/>cybersecurity field because they use the same techniques, processes, and skills that cybercriminals<br \/>may use to find flaws within your systems. The only difference is that they employ these tactics to<br \/>help improve an organization&#8217;s security, whereas cybercriminals will exploit these weaknesses for<br \/>their benefit. Some methods for penetration testing are:<br \/>\u2022 Black box testing- gives the hacker little to no information about your systems<br \/>\u2022 White box testing \u2013 provides testers with security details<br \/>\u2022 Gray box testing- provides pen testers with partial security knowledge<br \/>\u2022 Red team\/Blue team- this method allows hackers and security staff to work in tandem when<br \/>trying to find vulnerabilities within an organization\u2019s security<br \/>\u2022 Covert pen testing- does not warn staff when a test will occur.<br \/>While there are many other methods that a pen tester can employ, the ones listed above are the<br \/>most commonly used. These methods are important because they allow for different methods to<br \/>gather information and test an organization&#8217;s security. The pen tester can then form a report that<br \/>they can present to help the organization improve its security.<br \/><br \/>Penetration Testing Correlation to the Social Sciences<br \/><br \/>Regarding penetration testing and its correlation to the social sciences, I believe that this<br \/>career path relates to the social sciences of Psychology and human behavior, Ethics and law, and<br \/>Communication skills. As discussed in class, human behavior and psychology also play a role in<br \/>cybersecurity. Since humans are the cause of most of the incidents that cause the failure of a<br \/>company\u2019s security, pen testers use social engineering to conduct their tests. Some social<br \/>engineering attacks they use are phishing attacks, USB drops, and impersonation. As stated in the<br \/>article Social Engineering Penetration Testing: Attacks, Methods, &amp; Steps, \u201cthe goals of these tests<br \/>are to identify weaknesses in a person, group of people, or processes and identify vulnerabilities<br \/>with a clear path to remediation \u201c (Firch, 2024). Using these social engineering tactics, pen testers<br \/>can weed out the most vulnerable employees, allowing the company that hired them to provide<br \/>additional training to their employees. Another way the social sciences apply to Penetration testing<br \/>is through Ethics. As discussed in class, cybersecurity is continuing to advance every day. With<br \/>that advancement, the ethical conduct and laws that govern cyberspace have to continue to improve<br \/>and update as well. This means that professionals who choose to become pen testers must<br \/>understand and comply with their position&#8217;s legal and ethical responsibilities, when developing<br \/>and employing exploits that could possibly compromise a company\u2019s security, pen testers&#8217; ethics<br \/>and compliance with the law comes into play because they actively make the choice not to use the<br \/>information for their personal benefit. Lastly, communication skills are important for pen testers<br \/>to have. Being able to effectively communicate with their team and the employers who hire them,<br \/>pen testers can ensure that they present their reports in a way everyone understands, regardless of<br \/>their technical literacy. Since pen testers also communicate with industry professionals and the<br \/>general public, they have to be able to tailor their information so that everyone can understand the<br \/>concerns and solutions they are addressing. While other aspects of the social sciences apply to the<br \/>position of a penetration tester, the few listed above are the ones that I believe play a significant<br \/>role in a pen tester&#8217;s ability to perform their job effectively.<br \/><br \/>Marginalized Groups<br \/><br \/>Penetration testers are critical to ensuring the safety of everyone&#8217;s information, including<br \/>marginalized groups. Unfortunately, marginalized groups may prove to be more vulnerable to<br \/>specific attacks since they don\u2019t have access to the resources that others may have. These are some<br \/>of the concerns that pen testers will need to consider when performing their assessments and giving<br \/>their reports. If they are unable or refuse to address the vulnerabilities that marginalized groups<br \/>face, then they will not be able to perform their job to the best of their abilities and will get incorrect<br \/>results. By acknowledging the different vulnerabilities that everyone may face, pen testers can<br \/>develop inclusive and accurate processes that will benefit everyone.<br \/><br \/>Conclusion<br \/><br \/>In conclusion, the social sciences are very important for the Penetration tester position. The<br \/>social sciences are fundamental principles for a penetration tester that can be used as a guide to<br \/>perform their job effectively. As technology advances, penetration testers must acknowledge that<br \/>human error is a major factor in a company\u2019s cybersecurity failure and apply this knowledge to<br \/>redevelop their exploits and resolutions, which can help develop more secure systems, networks,<br \/>and processes that everyone can use to navigate cyberspace safely.<br \/><br \/>References<br \/><br \/>Firch, J. (2024, February 28). Social Engineering Penetration Testing: Attacks, Methods, &amp; Steps.<br \/>Purplesec. Retrieved April 27, 2025, from https:\/\/purplesec.us\/learn\/social-engineering-<br \/>penetration-testing\/<br \/>Mukherjee, A. (2023, June 6). Understanding Social Engineering Penetration Testing. Threat<br \/>Intelligence. Retrieved April 27, 2025, from https:\/\/www.threatintelligence.com\/blog\/social-<br \/>engineering-penetration-testing<br \/>(n.d.). Penetration Testing: Why It\u2019s Important + Common Types. Drata. Retrieved April 27, 2025,<br \/>from https:\/\/drata.com\/grc-central\/risk\/penetration-testing<br \/>Hatfield, J. (n.d.). Virtuous human hacking: The ethics of social engineering in penetration-testing.<br \/>ScienceDirect. Retrieved April 27, 2025, from<br \/>https:\/\/www.sciencedirect.com\/science\/article\/abs\/pii\/S016740481831174X<br \/>","protected":false},"excerpt":{"rendered":"<p>Brittney DavisCYSE 201SProfessor Trinity WoodburyApril 26, 2025 Career Paper Penetration Tester A Penetration Tester, or \u201cethical hackers,\u201d as they are more commonly known, is an ITprofessional who a company or organization hires to assess the security of its computer systemsand networks by simulating cyberattacks. In cybersecurity, penetration testers are pivotal becausethey can find vulnerabilities in&#8230; <\/p>\n<div class=\"link-more\"><a href=\"https:\/\/sites.wp.odu.edu\/brittneydavis\/2025\/04\/29\/career-paper\/\">Read More<\/a><\/div>\n","protected":false},"author":30351,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","wds_primary_category":0},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/sites.wp.odu.edu\/brittneydavis\/wp-json\/wp\/v2\/posts\/336"}],"collection":[{"href":"https:\/\/sites.wp.odu.edu\/brittneydavis\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sites.wp.odu.edu\/brittneydavis\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/brittneydavis\/wp-json\/wp\/v2\/users\/30351"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/brittneydavis\/wp-json\/wp\/v2\/comments?post=336"}],"version-history":[{"count":1,"href":"https:\/\/sites.wp.odu.edu\/brittneydavis\/wp-json\/wp\/v2\/posts\/336\/revisions"}],"predecessor-version":[{"id":337,"href":"https:\/\/sites.wp.odu.edu\/brittneydavis\/wp-json\/wp\/v2\/posts\/336\/revisions\/337"}],"wp:attachment":[{"href":"https:\/\/sites.wp.odu.edu\/brittneydavis\/wp-json\/wp\/v2\/media?parent=336"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/brittneydavis\/wp-json\/wp\/v2\/categories?post=336"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/brittneydavis\/wp-json\/wp\/v2\/tags?post=336"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}