In this video, Marc Menninger describes how to select the right people to conduct technical security assessments. Learn the various technical skillsets an assessor must have. Discover why selecting the right assessor increases the chances a technical security assessment will be successful.
- So far, you've scheduled the assessment…and chosen the testing techniques.…So, what's next?…Well, now it's time to select the right people…to conduct the assessment.…I've covered the required technical skillsets for assessors…in each of the three chapters where I describe…the various testing techniques.…While each testing technique may require…a different set of skills, Technical Security Assessors,…in general, should have a strong understanding of IT,…including networking and security concepts,…operating systems, and firewalls.…
Good Security Assessors will also be current…with the latest security threats and technologies…to help protect against those threats.…The person leading the assessment should have experience…either working on or leading security audits.…They will also need the ability to communicate effectively…and resolve conflict.…Solid project management abilities…including organization and planning skills…are also imperative.…Security Assessors must understand…that they have important responsibilities…
- Cite the three phases of external security assessments.
- Explain the reasons for conducting a log review.
- Explain what network sniffing is and why it’s used.
- Describe when to use a file integrity checking tool.
- Differentiate between active network discovery and passive network discovery.
- Explain how to scan for vulnerabilities.
- Relate the three techniques useful for validating target vulnerabilities.
- Explain the four-stage methodology of conducting penetration tests.
Skill Level Intermediate
1. Overview of Technical Security Assessments
2. Technical Security Assessment Reviews
3. Identify and Analyze Targets
4. Validate Target Vulnerabilities
5. Planning Technical Security Assessments
6. Executing the Technical Security Assessment
7. Post-Testing Activities
Report the results2m 16s
Next steps1m 32s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.