Conclusions

This is it; this section is where you should clearly state your conclusions. Although this is certainly the place to list what's wrong and what needs to be fixed, you'll also want to discuss what works and what is being done right. What are your findings and what is the organization's overall level of security? You will be making the conclusions; however, it will be up to those responsible for the systems to determine what to implement. Because money is always an issue, you should recommend several options. If the best solution isn't feasible because of the budget, the organization can implement other stop-gap solutions to improve the situation from its current state.

Tip

If necessary, include an appendix that lists the tests that were performed and their results. If it's a large amount of detailed data, you may want only to reference it here and supply those details by including a CD with the original data files.


Introduction to Assessing Network Vulnerabilities

Foundations and Principles of Security

Why Risk Assessment

Risk-Assessment Methodologies

Scoping the Project

Understanding the Attacker

Performing the Assessment

Tools Used for Assessments and Evaluations

Preparing the Final Report

Post-Assessment Activities

Appendix A. Security Assessment Resources

Appendix B. Security Assessment Forms

Appendix C. Security Assessment Sample Report

Appendix D. Dealing with Consultants and Outside Vendors

Appendix E. SIRT Team Report Format Template



Inside Network Security Assessment. Guarding your IT Infrastructure
Inside Network Security Assessment: Guarding Your IT Infrastructure
ISBN: 0672328097
EAN: 2147483647
Year: 2003
Pages: 138

Flylib.com © 2008-2020.
If you may any questions please contact us: flylib@qtcs.net