After all this has been documented, We have to perform security tests on the servers. Anyone have any suggestions on what areas of security to test and how?