July 27th, 2006, 04:46 PM
#19
Member
OK, to start on this list of questions, here are my answers to them:
Since I'm being tested!
1. you think some company wants you to DOS them??
Companies obviously do not want you to give them a DOS attack and cause a business outage, but to check that their machines are protected from DOS attacks and that they can handle significant hits at the perimeter of their network by crafting different types of packets, i.e. their routers and network devices.
2. How would you check the firewall rules?
I would check to make sure first off that everything was blocked ingress/egress filtered implicitly and only what needed to be allowed for the business would be opened.
3. What would you use for vuln scanning?
For vulnerability scanning, I would use Retina initially, then use Nessus to double verify the vulnerabilities that were found in the initial scan.
4. A Pentest is a lot more than just firing Nessus and giving them the results...
Well of course a pentest is to give a company an overall idea of their security posture, what is vulnerable to attack internally and externally, what can be compromised, and how much of a business risk it is.
5. enumeration of what???
Network and Host enumeration to find out as much of a device as possible to be able to determine what type of attack it is vulnerable to.
6. and how do you get to that point...
Not sure what you are talking about?
7. Code Checking for Flaws..
SQL injects, directory traversals, Unicode attacks, etc. I could also verify the coding of the website itself and make sure it is not vulnerable to any security implications by means of error handling, data validation & session management.
8. What languages are you fluent in?
Not a programmer; most of my experience is with networking/security and administration, i.e. Unix/Linux, Nortel/Cisco, Windows boxes.
9. War Dialing...
When I worked at Citigroup I did a lot of war dialing using PhoneSweep, trying to pick up on modems attached to the system.
10. Social Engineering... How do you plan to go about your social engineering.. what are your tactics???
If I was doing social engineering to test a company, the first thing I would do as an outsider would be to snoop around online and try to find out any names of managers or workers by any means, i.e. websites, jobsites, company website, then I would find out the company exchange numbers. After doing so I would call a few employees and tell them that I was a new employee in the IT department and I wanted to check and test out their email accounts. So then I would ask them for their email address so I can check it and then in the email back to me ask them for information, thus finding out more info from what they give and from the mail headers after they send me the email. From there I can go on to more from the information that that person gave and maybe do a dossier lookup on the URL for the IT dept. and get some more phone #s and personnel info. And the list is endless of how to trick employees into giving confidential information.