Test the external endpoint Verify that you can access the applications that are allowed from the external endpoint. Perform a "negative" test to verify that forms and other items that should not be accessible are prohibited.