New Training: Understanding the Need for Scope Planning
| new skills - Team Nuggets

New Training: Understanding the Need for Scope Planning

In this 7-video skill, CBT Nuggets trainer Shawn Powers covers the importance of planning for a pentest engagement. Watch this new CompTIA training.

Learn CompTIA with one of these courses:

This training includes:

  • 7 videos
  • 35 minutes of training

You’ll learn these topics in this skill:

  • Introduction to the Importance of Planning
  • Identifying Target Audience
  • Specifying the Rules of Engagement
  • Defining Resources, Requirements, and Budgets
  • Explaining Timelines and Disclaimers
  • Defining Technical Constraints
  • Requesting Support Resources

How Can Pentesting Land You in Hot Water?

At its root, pen-testing is a process designed to break into business or government networks. Though pen-testing may not be a malicious act, penetration testers can still get into trouble with the law if they are not careful. Therefore, any pentester needs to define timelines and disclaimers with their clients before executing any attacks against an IT infrastructure.

Setting timelines with clients is important. This indicates to clients when tests will be performed so they are expecting abnormal behaviors in their network. IT security staff need to be made aware of potential attacks made by pen-testers so they don't attempt to thwart them, or worse, contact authorities.

Likewise, pen-testing always carries risks of causing harm to IT environments. Pentesters need to make these disclaimers known so that they can cover liability for themselves as well as ensuring that businesses have incident response plans in place if something does goes wrong.

Penetration testers need to explain both timelines and disclaimers to stakeholders before performing any tasks. Security professionals need un-inhibited access to a network to properly perform tests while understanding that sometimes these tests can cause harm. Both security researchers and stakeholders need to be prepared for these events.

Download

Download

Ultimate Security Cert Guide

A 62-page guide to every Palo Alto, Offensive Security, (ISC)2, Check Point, CompTIA, and Cisco certification, and how they fit into your career.

I have read and understood the privacy policy, and am able to consent to it.

LEARNING ON MOBILE

Learn anytime anywhere with our mobile apps.

I have read and understood the privacy policy and am able to consent to it.

© 2021 CBT Nuggets. All rights reserved. Terms | Privacy Policy | Accessibility | Sitemap | 1550 Valley River Drive, Eugene, OR 97401 | 541-284-5522
CBT Nuggets