Select your testing viewpoint

In this video, Marc Menninger describes the different viewpoints assessors can take while conducting technical security assessments. Learn that this course will cover detailed overviews of four common testing viewpoints: internal, external, overt, and covert. Discover the different testing techniques that will govern the testing methodology.

- There are several different viewpoints…you can take when conducting technical security assessments.…The one you select will govern the testing methodology…you follow and which testing techniques you use.…The viewpoints we'll consider are external and internal,…and overt and covert.…External security testing is done outside…of your organization's network…and physical security perimeter.…Its purpose is to simulate…what an attacker outside of your organization,…whether it's from the internet…or simply outside of your building,…might be able to accomplish.…

From the external viewpoint…you'll be focusing on security vulnerabilities…which will allow you to penetrate…the perimeter defenses…and gain access to internal systems and data.…External security assessments generally follow three phases,…reconnaissance, enumeration and testing.…Reconnaissance techniques…include researching publicly available information…about a target, such as domain registry information,…to gather any relevant details…which may help conduct the tests,…

Resume Transcript Auto-Scroll

Author

Marc Menninger

Skill Level Intermediate

2h 43m

Duration

49,547

Views

Show More Show Less

Related Courses

Introduction
- Welcome
  2m 3s
- What are technical security assessments?
  1m 47s
- Who this course is for
  1m 15s
1. Overview of Technical Security Assessments
2. Technical Security Assessment Reviews
- Required skillsets
  2m 52s
- Conduct documentation reviews
  2m 8s
- Conduct log reviews
  3m 4s
- Conduct ruleset reviews
  2m 57s
- Conduct system configuration reviews
  3m 35s
- Conduct network sniffing
  1m 43s
- Network sniffing tool demo: Wireshark
  3m 21s
- Conduct file integrity checking
  4m 55s
- File integrity checking tool demo
  1m 18s
- Challenge: Pick the right reviews
  1m 6s
- Solution: Pick the right reviews
  3m 9s
3. Identify and Analyze Targets
- Required skillsets
  2m 49s
- Conduct network discovery
  4m 31s
- Network discovery tool demo
  3m 3s
- Challenge: Install and run Nmap
  1m
- Solution: Install and run Nmap
  2m 47s
- Identify network ports and services
  3m 6s
- Network ports and services discovery tool demo
  5m 11s
- Scan for vulnerabilities
  5m 20s
- Vulnerability scanning tool demo
  4m 21s
- Scan wireless networks
  5m 32s
4. Validate Target Vulnerabilities
- Required skillsets
  1m 43s
- Crack passwords
  3m 15s
- Challenge: Install and run a password cracker
  1m 26s
- Solution: Install and run a password cracker
  2m 46s
- Password cracking tool demo
  5m 19s
- Conduct penetration tests
  4m 7s
- Penetration testing tool demo
  3m 55s
- Conduct social engineering
  1m 29s
5. Planning Technical Security Assessments
- Develop a security assessment policy
  1m 43s
- Prioritize and schedule the assessments
  3m 21s
- Select and customize techniques
  3m 31s
- Select the assessors
  3m 1s
- Select the location
  3m 15s
- Select tools and resources
  3m 19s
- Develop the assessment plan
  2m 34s
- Challenge: Write a security assessment methodology
  2m 8s
- Solution: Write a security assessment methodology
  1m
- Legal considerations
  1m 22s
6. Executing the Technical Security Assessment
- Coordinate the assessment
  2m 18s
- Conduct the assessment
  1m 47s
- Conduct the analysis
  3m 38s
- Challenge: Categorize assessment findings
  1m 45s
- Solution: Categorize assessment findings
  2m 39s
- Data handling considerations
  2m 50s
7. Post-Testing Activities
- Recommend mitigation solutions
  1m 35s
- Challenge: Recommend mitigation solutions
  1m 6s
- Solution: Recommend mitigation solutions
  2m 1s
- Report the results
  2m 16s
- Implement remediation and mitigation
  3m 33s
Conclusion
- Next steps
  1m 32s

Show MoreShow Less

Take notes with your new membership!

Type in the entry box, then click Enter to save your note.

1:30Press on any video thumbnail to jump immediately to the timecode shown.

Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.

Start My Free Month

Skills covered in this course

Security IT

Lynda.com is now LinkedIn Learning!

To access Lynda.com courses again, please join LinkedIn Learning

Categories

3D + Animation Topics

3D + Animation Software

3D + Animation Learning Paths

Audio + Music Topics

Audio + Music Software

Audio + Music Learning Paths

Business Topics

Business Software

Business Learning Paths

Business Guides

CAD Topics

CAD Software

CAD Learning Paths

Design Topics

Design Software

Design Learning Paths

Developer Topics

Developer Software

Developer Learning Paths

Education + Elearning Topics

Education + Elearning Software

Education + Elearning Learning Paths

IT Topics

IT Software

IT Learning Paths

Marketing Topics

Marketing Software

Marketing Learning Paths

Photography Topics

Photography Software

Photography Learning Paths

Video Topics

Video Software

Video Learning Paths

Web Topics

Web Software

Web Learning Paths

Web Guides

Select your testing viewpoint

Author

Skill Level Intermediate

Duration

Views

Related Courses

Learning Kali Linux (2016)

IT Security Careers and Certifications: First Steps

Introduction

1. Overview of Technical Security Assessments

2. Technical Security Assessment Reviews

3. Identify and Analyze Targets

4. Validate Target Vulnerabilities

5. Planning Technical Security Assessments

6. Executing the Technical Security Assessment

7. Post-Testing Activities

Conclusion

Take notes with your new membership!

Skills covered in this course

Continue Assessment

Start My Free Month