In this video, Marc Menninger describes how to report the results after the technical security assessment has been conducted. Learn why the final report is the key deliverable from the technical security assessment.
- After the technical security assessment has been conducted…and the results have been analyzed,…the assessor needs to write the final report.…This is the key deliverable from all the efforts…spent planning, testing, and making recommendations.…Without the final report, there would be no lasting evidence…of the assessment outcome.…Even worse, there will be no written direction…for the organization to follow.…In some ways, the final report will reflect…the assessment plan that was written before any testing.…
The final report will describe why…and how the testing was done.…In addition, it will collect the system, network,…and organizational vulnerabilities,…as well as remediation recommendations.…Many final reports will have an executive summary…at the beginning,…giving a high level overview of the purpose…of the assessment and overall findings.…This summary is useful, not only to busy executives,…who don't have time to go through all the details,…it also can serve as proof that the assessment was conducted…to auditors and clients.…
Author
Updated
9/11/2020Released
5/8/2017- Cite the three phases of external security assessments.
- Explain the reasons for conducting a log review.
- Explain what network sniffing is and why it’s used.
- Describe when to use a file integrity checking tool.
- Differentiate between active network discovery and passive network discovery.
- Explain how to scan for vulnerabilities.
- Relate the three techniques useful for validating target vulnerabilities.
- Explain the four-stage methodology of conducting penetration tests.
Skill Level Intermediate
Duration
Views
Related Courses
-
Learning Kali Linux (2016)
with Malcolm Shore2h 31m Beginner
-
Introduction
-
Welcome2m 3s
-
Who this course is for1m 15s
-
-
1. Overview of Technical Security Assessments
-
2. Technical Security Assessment Reviews
-
Required skillsets2m 52s
-
Conduct log reviews3m 4s
-
Conduct ruleset reviews2m 57s
-
Conduct network sniffing1m 43s
-
-
3. Identify and Analyze Targets
-
Required skillsets2m 49s
-
Conduct network discovery4m 31s
-
Scan for vulnerabilities5m 20s
-
Scan wireless networks5m 32s
-
-
4. Validate Target Vulnerabilities
-
Required skillsets1m 43s
-
Crack passwords3m 15s
-
Password cracking tool demo5m 19s
-
Conduct social engineering1m 29s
-
-
5. Planning Technical Security Assessments
-
Select the assessors3m 1s
-
Select the location3m 15s
-
Select tools and resources3m 19s
-
Develop the assessment plan2m 34s
-
Legal considerations1m 22s
-
6. Executing the Technical Security Assessment
-
Coordinate the assessment2m 18s
-
Conduct the assessment1m 47s
-
Conduct the analysis3m 38s
-
Data handling considerations2m 50s
-
-
7. Post-Testing Activities
-
Report the results2m 16s
-
Conclusion
-
Next steps1m 32s
-
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.
CancelTake notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Report the results