Network Security: Detailed info on Re: Government Compliance

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Pen-Test

[Top] [All Lists]

Re: Government Compliance

from [David J. Bianco] Network Security

[Permanent Link]

Subject:	Re: Government Compliance
Date:	Thu, 16 Jun 2005 08:07:43 -0400



Dave wrote:

"... The guidance for penetration testing was reviewed at [department
committee] meeting... penetration testing shall consist of [product
name deleted] vulnerability scans and running [product name deleted]
for cracking passwords... if this has been done AgencyX shall get
credit for penetration testing...."


Of course, I think most of us on this list would agree that this
definition doesn't actually cover penetration testing.  It's more like
what we typically call "vulnerability assessment" (if we're charitable).
However, there are a lot of "penetration testers" who define their job
as indicated above, so it's easy to see where this kind of confusion
comes from.

IMHO, it's probably not worth quitting your job over, but good luck to
you if you do decide to look elsewhere.

        David

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Government Compliance, Dave Re: Government Compliance, Kevin Lee Re: Government Compliance, David J. Bianco <= Re: Government Compliance, Diego Kellner RE: Government Compliance, Robert Hines Re: Government Compliance, Jay D. Dyson Re: Government Compliance, R. DuFresne AW: Government Compliance, Jörg Maaß Government Compliance, Security Professional RE: Government Compliance, Kasyan, Walter A (Tony) RE: Government Compliance, Smith, Michael J. Re: Government Compliance, Tim Adams RE: Government Compliance, Keith T. Morgan

Previous by Date:	Government Compliance, Security Professional
Next by Date:	Re: Government Compliance, Diego Kellner
Previous by Thread:	Re: Government Compliance, Kevin Lee
Next by Thread:	Re: Government Compliance, Diego Kellner
Indexes:	[Date] [Thread] [Top] [All Lists]