In this video, Marc Menninger describes the location where the technical security assessors should operate. Discover the various assessment locations based on the testing techniques selected. Learn why the testing location is an important factor to consider during test planning.
- Now that you have the assessors,…it's time to think about a location.…The location where the assessors operate…should also be part of the assessment planning.…Assessment locations can vary…based on the testing technique selected.…For instance, internal wireless network scanning…requires a testing location such as a desk or cubicle…within the organization, whereas external network scans…and penetration tests can be conducted…from locations outside of the organization.…
Internal network tests may need to be conducted…from particular points in the network.…Many networks are segmented to only allow limited traffic…to flow through certain parts of the network.…This may help network security, but it can create challenges…for technical security assessors who want to analyze…as much traffic as possible for potential security problems.…Assessors may need to conduct their tests…in parts of the network where either the users…or target systems reside,…depending on the objectives of the assessment.…
They may also want to arrange for SPAN ports…
- Cite the three phases of external security assessments.
- Explain the reasons for conducting a log review.
- Explain what network sniffing is and why it’s used.
- Describe when to use a file integrity checking tool.
- Differentiate between active network discovery and passive network discovery.
- Explain how to scan for vulnerabilities.
- Relate the three techniques useful for validating target vulnerabilities.
- Explain the four-stage methodology of conducting penetration tests.
Skill Level Intermediate
1. Overview of Technical Security Assessments
2. Technical Security Assessment Reviews
3. Identify and Analyze Targets
4. Validate Target Vulnerabilities
5. Planning Technical Security Assessments
6. Executing the Technical Security Assessment
7. Post-Testing Activities
Report the results2m 16s
Next steps1m 32s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.