CISSP Cert Guide, Third Edition by Robin Abernathy, Sari Greene, Troy McMillan

Chapter 6. Security Assessment and Testing

This chapter covers the following topics:

  • Design and Validate Assessment, Test, and Audit Strategies: Explains the use of assessment, test, and audit strategies, including internal, external, and third-party strategies.

  • Conduct Security Control Testing: Concepts discussed include the security control testing process, including vulnerability assessments, penetration testing, log reviews, synthetic transactions, code review and testing, misuse case testing, test coverage analysis, and interface testing.

  • Collect Security Process Data: Concepts discussed include NIST SP 800-137, account management, management review and approval, key performance and risk indicators, backup verification data, training and ...