A: An "external" penetration test will examine the various resources available from anyone outside the security perimeter (i.e., the firewall). This testing could include the web/email servers, dial-in, wireless and VPN access. The "internal" penetration test will examine resources available to anyone inside the security perimeter. This could include employees, contractors, temporary employees, partners and attackers who manage to break through the external security perimeter.