The Common Open Policy Service (COPS) Protocol is defined by the IETF's RFC 2748. COPS specifies a simple client/server model for supporting policy control over Quality of Service (QoS) signaling protocols (e.g. RSVP). The server side acts as Policy Decision Points (PDP), storing the policies. The client, also known as Policy Enforcement Points (PEP), enforces the policies when external event happened. There are two models of COPS: The Outsourcing Model and the Provisioning Model, considered from the view of the client or PEP. The Outsourcing Model is the simplest COPS implementation. In this model, all policies are stored at the PDP. Whenever the PEP needs to make a decision, it sends all relevant information to the PDP. The PDP analyzes the information, makes the decision, and relays it to the PEP. The PEP then simply enforces the decision. In the Provisioning Model, see RFC 3084 COPS Usage for Policy Provisioning (COPS-PR), the PEP reports its decision-making capabilities to the PDP. The PDP then downloads relevant policies on to the PEP. The PEP can then make its own decisions based on these policies. The Provisioning Model uses the Policy Information Base as a repository of the policies. The COPS Server Test Suite has been designed to act as a malicious PEP which sends exceptional requests in COPS protocol layers to the tested entity.