Penetration Testing and Scanning Policy
System or network vulnerabilities and security threats can severely impact business operations or even shutter its doors. However, these incidents can be prevented by proactively detecting potential threat opportunities.
The purpose of this customizable policy, created by Scott Matteson for TechRepublic Premium, is to provide guidelines for appropriate penetration testing and scanning of computer systems and networks. It includes preparation, conducting the tests, and how to address the results.
-
Featured text from the download:
Penetration tests should include light, medium, or heavy options for basic, detailed, and advanced scans. Test results should include (but are not limited to) the following steps (customize for your organization):
-
Table listing any successful access to production or production data.
-
Table listing any vulnerabilities, holes, or weak areas that could compromise access to production or production data.
-
Table listing any tested exploitable vulnerabilities.
-
Table listing any production data discovered.
-
Table listing any default passwords, outdated patches, or software vulnerabilities.
-
Statistical analysis of password/key weakness by user population.
-
Required and recommended changes resulting from above data.
-
Boost your cybersecurity with our in-depth eight-page document. This is available for download at just $9. Alternatively, enjoy complimentary access with a Premium annual subscription.
TIME SAVED: Crafting this content required 16 hours of dedicated writing, editing, research, and design.
Resource Details
* Sign up for a TechRepublic Premium subscription for $299.00/year, and download this content as well as any other content in our library. Cancel anytime. Details here.
* Sign up for a TechRepublic Premium subscription for $299.00/year, and download this content as well as any other content in our library. Cancel anytime. Details here.