Chapter 8
Security Assessment and Testing
IN THIS CHAPTER
- Designing and validating assessment, test, and audit strategies
- Conducting security control testing
- Collecting security process data
- Analyzing test output and generating reports
- Conducting or facilitating security audits
In this chapter, you learn about the various tools and techniques that security professionals use to continually assess and validate an organization’s IT environment. This domain represents 12 percent of the CISSP certification exam and is composed of the following exam objectives:
- 6.1 Design and validate assessment, test, and audit strategies
- 6.2 Conduct security control testing
- 6.3 Collect security process data
- 6.4 Analyze test output and generate report
- 6.5 Conduct or facilitate security audits
Design and Validate Assessment, Test, and Audit Strategies
Modern security threats are rapidly and constantly evolving. Likewise, an organization’s systems, applications, networks, services, and users are frequently ...