Scoping the Project

Scoping the project is the real beginning of the vulnerability assessment. In this phase, a formal document will be developed that will define the activities you and your team will undertake. It will also outline what type of schedule this project will be on and the amount of support that will be needed.

The scoping document will also outline the infrastructure perimeterthat is, what portion of the network will be examined and what portions will be off-limits. This document will act as the road map of planned activities and as such will include evaluation activities, time schedules, and resources available to the team. This document should be approved by a high-level security officer and should contain a nondisclosure clause and a legal clause to protect the team.

Introduction to Assessing Network Vulnerabilities

Foundations and Principles of Security

Why Risk Assessment

Risk-Assessment Methodologies

Scoping the Project

Understanding the Attacker

Performing the Assessment

Tools Used for Assessments and Evaluations

Preparing the Final Report

Post-Assessment Activities

Appendix A. Security Assessment Resources

Appendix B. Security Assessment Forms

Appendix C. Security Assessment Sample Report

Appendix D. Dealing with Consultants and Outside Vendors

Appendix E. SIRT Team Report Format Template



Inside Network Security Assessment. Guarding your IT Infrastructure
Inside Network Security Assessment: Guarding Your IT Infrastructure
ISBN: 0672328097
EAN: 2147483647
Year: 2003
Pages: 138

Flylib.com © 2008-2020.
If you may any questions please contact us: flylib@qtcs.net