Chapter 9. Security Assessments
This chapter covers the following topics:
Methods: This section covers the types of procedures used during an assessment, including malware sandboxing, memory dumping, runtime debugging, reconnaissance, fingerprinting, code review, social engineering, pivoting, and open source intelligence.
This chapter covers CAS-003 objective 3.1.
Before it can secure a network, an organization must determine where security weaknesses exist. The only way to do this is to make an honest assessment of the current state of the network. Considering the multitude of types of weaknesses ...