As Information Security becomes more and more popular and important, organizations are purchasing penetration tests at an alarming rate with out being properly prepared for the type of testing they have purchased. The majority of penetration tests are easy wins because of a “low hanging fruit” issue that could have been easily remediated by even the most novice network admin. This talk will discuss those issues, how to prepare for a test, and how to be sure you are getting the correct type of test.