In this video, Marc Menninger describes the different viewpoints assessors can take while conducting technical security assessments. Learn that this course will cover detailed overviews of four common testing viewpoints: internal, external, overt, and covert. Discover the different testing techniques that will govern the testing methodology.
- There are several different viewpoints…you can take when conducting technical security assessments.…The one you select will govern the testing methodology…you follow and which testing techniques you use.…The viewpoints we'll consider are external and internal,…and overt and covert.…External security testing is done outside…of your organization's network…and physical security perimeter.…Its purpose is to simulate…what an attacker outside of your organization,…whether it's from the internet…or simply outside of your building,…might be able to accomplish.…
From the external viewpoint…you'll be focusing on security vulnerabilities…which will allow you to penetrate…the perimeter defenses…and gain access to internal systems and data.…External security assessments generally follow three phases,…reconnaissance, enumeration and testing.…Reconnaissance techniques…include researching publicly available information…about a target, such as domain registry information,…to gather any relevant details…which may help conduct the tests,…
- Cite the three phases of external security assessments.
- Explain the reasons for conducting a log review.
- Explain what network sniffing is and why it’s used.
- Describe when to use a file integrity checking tool.
- Differentiate between active network discovery and passive network discovery.
- Explain how to scan for vulnerabilities.
- Relate the three techniques useful for validating target vulnerabilities.
- Explain the four-stage methodology of conducting penetration tests.
Skill Level Intermediate
1. Overview of Technical Security Assessments
2. Technical Security Assessment Reviews
3. Identify and Analyze Targets
4. Validate Target Vulnerabilities
5. Planning Technical Security Assessments
6. Executing the Technical Security Assessment
7. Post-Testing Activities
Report the results2m 16s
Next steps1m 32s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.