Reporting and Regimen
To most management, the most important part of penetration testing deals specifically with how the results are condensed into plans to rectify security holes. Concise technical detail is imperative here because it helps you explain specific problems and possible solutions. This is the reason you went on this big chase, and it should be the real meat of a follow-up report.
The other important thing to remember is that good reporting is key in procuring a new security budget and the chance to continue to perform regularly scheduled follow-up audits.
This portion of the chapter explains what should appear in a report and what should be left out. First, I help you define the levels of threat a hole could pose to your organization. ...
Get Microsoft® Windows® 2000 Security Handbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.