In this video, Marc Menninger describes how to select and customize techniques while planning technical security assessments. Discover which techniques should be applied to different testing scenarios.
- An important part of…planning technical security assessments is…selecting and customizing which…testing techniques will be used.…Criteria to determine which…techniques should be used include:…assessment objectives, testing viewpoint,…resource availability and testing technique risks.…The objectives of the assessment will…likely have the most influence on…which techniques are used.…For instance, testing systems for…exploitable vulnerabilities would require…all the testing techniques necessary for…a PCI compliance audit.…
Remember, security assessments can be…conducted from various viewpoints.…For instance, social engineering is a…more appropriate technique for a covert assessment and…log reviews are more often part of overt tests.…Resources such as time, money, and…staff with the right skills should also be…considered when selecting testing techniques.…If funding and time are less available,…then it makes more sense to use vulnerability scans…versus penetration tests since…pen tests take longer and are more expensive.…
- Cite the three phases of external security assessments.
- Explain the reasons for conducting a log review.
- Explain what network sniffing is and why it’s used.
- Describe when to use a file integrity checking tool.
- Differentiate between active network discovery and passive network discovery.
- Explain how to scan for vulnerabilities.
- Relate the three techniques useful for validating target vulnerabilities.
- Explain the four-stage methodology of conducting penetration tests.
Skill Level Intermediate
1. Overview of Technical Security Assessments
2. Technical Security Assessment Reviews
3. Identify and Analyze Targets
4. Validate Target Vulnerabilities
5. Planning Technical Security Assessments
6. Executing the Technical Security Assessment
7. Post-Testing Activities
Report the results2m 16s
Next steps1m 32s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.