
250 ◾ The Security Risk Assessment Handbook
© 2011 by Taylor & Francis Group, LLC
Table7.8 Security Testing and Review Interview Guidelines
Objective Subtopic Question
Increase knowledge of
technical safeguards
deployed within the
organization
Password
cracking
• What tools are used to test the
strength of passwords?How
often are these tools used?
• What account do you log into to
use those tools?
• Where are the results kept? How
are they disseminatedwithin the
organization?
• How is access to the tool and the
password file protected?Is such
access logged?
Vulnerability
Scanning
• What tools are used to test the
vulnerabilities of the system?
• ...