I have applied for the Security/Privacy programme but do have some knowledge in regard to penetration testing (i.e. ethical hacking).
Basically, the integrity of a client’s network/website/defence line (IDS/firewalls etc) need to be tested to withstand considerable pressure. This means, using tools and programs to try and gain unauthorised access over a network or by firing off enough requests to potentially cause a DOS attack so that the website in this case stops functioning altogether because its “frozen.”
That’s where ethical hacking come in to advise and help in regard to technical settings or better h/ware, s/ware to further protect clients from perpretrators.
Hope this helps.