Level III Assessments
Having completed a level I and level II assessment, you may have determined it is necessary to continue your technical analysis. Some of the tools you will need for this level of the technical assessment include the following:
Information-gathering tools and techniques
Scanning tools
Enumeration tools
Wireless tools
Password auditing tools
Vulnerability scanning tools
Automated exploit tools
NIST 800-42 is a good foundational document to review to help guide you through this portion of your testing. Level III assessments can be performed for several reasons:
To see what attackers can access and infiltrate if they so desire
To determine what types of information leakage is occurring
To demonstrate the end result of some of the uncovered ...
Get Inside Network Security Assessment: Guarding Your IT Infrastructure now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.