A penetration test is a simulated cyber attack against a computer system to check for exploitable vulnerabilities. This involves an authorized attempt to breach the security controls and can reveal how effectively the network can defend against real attacks, hence it is the best approach to comprehensively evaluate the security posture. A vulnerability scan, while useful, only identifies known vulnerabilities and does not perform exploitation. Security risk assessments and intrusion detection systems are part of an ongoing security strategy but do not provide an active assessment of security controls in the manner that a penetration test does.