Technical Guide to Information Security Testing and Assessment
Author | : Karen Scarfone |
Publisher | : DIANE Publishing |
Total Pages | : 80 |
Release | : 2009-05 |
ISBN-10 | : 9781437913484 |
ISBN-13 | : 1437913482 |
Rating | : 4/5 (84 Downloads) |
Book excerpt: An info. security assessment (ISA) is the process of determining how effectively an entity being assessed (e.g., host, system, network, procedure, person) meets specific security objectives. This is a guide to the basic tech. aspects of conducting ISA. It presents tech. testing and examination methods and techniques that an org. might use as part of an ISA, and offers insights to assessors on their execution and the potential impact they may have on systems and networks. For an ISA to be successful, elements beyond the execution of testing and examination must support the tech. process. Suggestions for these activities ¿ including a robust planning process, root cause analysis, and tailored reporting ¿ are also presented in this guide. Illus.