You want to check the robustness of your internal infrastructure, those of your entities, to target your domain controllers and the associated trust relationships, the correct implementation of network access controls or to check the correct deployment of server and equipment updates and patchs?