Penetration testing is an intrusive test that simulates an actual cyber attack that aims at discovering exploitable vulnerabilities. It confirms the existence and exploitability of a vulnerability. Penetration testing helps an organization determine the extent of damage that a cyber attack could cause when a vulnerability is exploited. Most organizations have security policies on paper, however, a pen test will prove the efficacy of such policies in terms of being able to respond to security incidences and can also measure the level of adherence by end-users.