Course details

Pen Testing Awareness: Results Management

Pen Testing Awareness: Results Management


Overview/Description
Expected Duration
Lesson Objectives
Course Number
Expertise Level



Overview/Description

This 14-video course explores benefits to an organization and the role of penetration testing to protect digital assets and networks. In this course, learners observe how to manage and analyze testing results. You will examine several testing methods, including black box, white box, and grey box testing. Next, you will learn about rules of engagement documents, which is executed prior to starting the penetrations testing. This document outlines rules around the test, and the importance of setting stopping points within a penetration test, and when to stop a penetration test. Explore test findings management, risk, risk tolerance, and how to align recommendations to an organization's needs and goals. You will learn about risk tolerance from a privacy and intellectual property perspective, and how to create good test reports for clients. You will learn to categorize your findings by using CVE (Common Vulnerabilities and Exposure) database, or the CVE details. Finally, you will learn how to communicate needed changes, and to emphasize the importance of further testing after recommendations are implemented.



Expected Duration (hours)
1.5

Lesson Objectives

Pen Testing Awareness: Results Management

  • discover the key concepts covered in this course
  • describe how to set expectations and why it is important
  • describe black box penetration testing and why it may be used
  • describe white box penetration testing and why it may be used
  • describe grey box penetration testing and why it may be used
  • describe the rules of engagement and how they are used
  • describe the importance of setting stopping points and when to stop a penetration test
  • describe what should be documented during a penetration test and why it is important
  • describe the different categories of findings
  • describe organizational risk tolerance and why it is important
  • describe the importance of aligning recommendations to corporate culture, policies, and procedures
  • describe how to communicate changes to lay persons and executives
  • describe the importance of working with management to conduct further testing after recommendations are implemented
  • summarize the key concepts covered in this course
  • Course Number:
    it_soptawdj_01_enus

    Expertise Level
    Beginner