Chapter 9. Security Assessments
This chapter covers the following topics:
Methods: This section covers the types of procedures used during an assessment, including malware sandboxing, memory dumping, runtime debugging, reconnaissance, fingerprinting, code review, social engineering, pivoting, and open source intelligence.
Types: This section describes penetration testing, vulnerability assessment, self-assessment, internal and external audits, and color team exercises.
This chapter covers CAS-003 objective 3.1.
Before it can secure a network, an organization must determine where security weaknesses exist. The only way to do this is to make an honest assessment of the current state of the network. Considering the multitude of types of weaknesses ...
Get CompTIA Advanced Security Practitioner (CASP) CAS-003 Cert Guide, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
