From the course: Performing a Technical Security Audit and Assessment
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Select and customize techniques
From the course: Performing a Technical Security Audit and Assessment
Select and customize techniques
- An important part of planning technical security assessments is selecting and customizing which testing techniques will be used. Criteria to determine which techniques should be used include: assessment objectives, testing viewpoint, resource availability and testing technique risks. The objectives of the assessment will likely have the most influence on which techniques are used. For instance, testing systems for exploitable vulnerabilities would require all the testing techniques necessary for a PCI compliance audit. Remember, security assessments can be conducted from various viewpoints. For instance, social engineering is a more appropriate technique for a covert assessment and log reviews are more often part of overt tests. Resources such as time, money, and staff with the right skills should also be considered when selecting testing techniques. If funding and time are less available, then it makes more sense to use vulnerability scans versus penetration tests since pen tests…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Contents
-
-
-
-
-
-
-
(Locked)
Develop a security assessment policy1m 43s
-
(Locked)
Prioritize and schedule the assessments3m 21s
-
(Locked)
Select and customize techniques3m 31s
-
(Locked)
Select the assessors3m 1s
-
(Locked)
Select the location3m 15s
-
(Locked)
Select tools and resources3m 19s
-
(Locked)
Develop the assessment plan2m 34s
-
(Locked)
Challenge: Write a security assessment methodology2m 8s
-
(Locked)
Solution: Write a security assessment methodology1m
-
(Locked)
Legal considerations1m 22s
-
(Locked)
-
-
-