1、 Disclaimer The Hong Kong Computer Emergency Response Team Coordination Centre(HKCERT)of the Hong Kong Productivity Council(HKPC)reserves the right to amend the document from time to time without prior notice.While every attempt has been made to ensure that the information contained in this document

2、 is obtained from reliable sources,HKCERT is not responsible for any errors or omissions,or for the results obtained from the use of this information.All information in this document is provided“as is”,with no guarantee of completeness,accuracy,timeliness or of the results obtained from the use of t

3、his information,and without warranty of any kind,express or implied,including,but not limited to warranties of performance,merchantability and fitness for a particular purpose.The information contained in this document is intended to provide general information and for reference only.Reliance or use

4、 of this information shall be at the readers own risk.Nothing herein shall to any extent substitute for the independent investigations and the sound technical and business judgment of the reader.In no event will HKCERT,HKPC or its partners,employees or agents,be liable to you or anyone else for any

5、decision made or action taken in reliance on the information in this document,or for any consequential,special or similar damages,even if advised of the possibility of such damages.License The content of this document is provided under Creative Commons Attribution 4.0 International Licence.You may s

6、hare and adopt the content for any purpose,provided that you attribute the work to HKCERT.https:/creativecommons.org/licenses/by/4.0 Table of Contents 1 Introduction.2 2 Security Test Methodologies and Findings Summary.3 2.1 Security Test Methodologies.3 2.2 Findings Summary.4 3 Security Test Risk R