The crew over at Offensive Security has taken the time to produce and publish a 17 minute technical video describing a summarized version of an actual penetration test. While several mistakes were clearly made by the target network, none of the errors were unheard of, even in well-managed corporate environments.
This is probably one of the best examples of penetration testing that I have seen in quite a while. The story is told by "muts" from Offensive Security, which is a training and consultancy company that I highly respect.
Offensive Security's training offerings are high quality for a low price, and definitely something that I highly recommend to look into (Disclaimer: I hold the Offensive Security Certified Professional Certification).
While the course content may not be 100% state-of-the-art, the attacks and exploits in it are still highly applicable in many organizations. Furthermore, the way-of-thinking that is introduced by this class is unparalleled.
After viewing the video, I think you'll have a whole new perspective on these things.