diff --git a/content/notes/13-pen-testing-2.md b/content/notes/13-pen-testing-2.md
index 128e3ef28..3a6fc07b7 100644
--- a/content/notes/13-pen-testing-2.md
+++ b/content/notes/13-pen-testing-2.md
@@ -7,3 +7,20 @@ tags:
 ---
 
 
+## Auditing
+a thorough prces of investiagtina nd analaysing aa system for vilnerabilities 
+- e.g., pen testing
+- 
+can also refer to logging (esp. in a databse context)
+
+## Firewalls
+protect aginst network intrusions
+- built in or third party
+	- built in - integration quality of control. ofen light convenince features maybe no GUI
+- black/whitelist
+- mandatory access control on routers
+	- mandatory access control
+		- e.g., block a netork port
+		- block icmp p
+- application level filtering for desktop systems
+- provide altering and logging (avoid crying wolf)
\ No newline at end of file