Level II Assessments
Congratulations, you’ve done most of the work needed for a level I assessment. Level II assessments rely heavily on vulnerability scans and more intrusive forms of technical testing. Although many organizations are quick to want to jump directly to level II assessments, to do so overlooks the entire administrative and operational side of security. Vulnerability scans are important, but they deal mainly with the technical side of the organization. Up to this point of the assessment, what you should really have been trying to do is to figure out the core mission of the organization, what processes it takes to accomplish the core mission, and how well policies map up to real life activities. If you’ve done a thorough job, you ...
Get Inside Network Security Assessment: Guarding Your IT Infrastructure now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
