Upload File

lptv4 module 45 post testing actions

prev
next
out of 13
Download LPTv4 Module 45 Post Testing Actions

Upload: shanky-verma-soni

Post on 22-Feb-2018

223 views

Category:

Documents


1 download

Report

TRANSCRIPT

  • 7/24/2019 LPTv4 Module 45 Post Testing Actions

    1/13

    ECSA/LPT

    - o u ePost Testing Actions

  • 7/24/2019 LPTv4 Module 45 Post Testing Actions

    2/13

    Prioritize Recommendations

    Focus on high priority security concerns first.

    Develop strategies to achieve short term and.

    maintain a consistent level of informationsecurity.

    EC-CouncilCopyright byEC-Council

    All Rights Reserved. Reproduction is Strictly Prohibited

  • 7/24/2019 LPTv4 Module 45 Post Testing Actions

    3/13

    Develop Action Plan

    action plan to:

    Address the security concerns on time andsystematically.

    Reduce the misuse or threat of attacks on theorganization.

    EC-CouncilCopyright byEC-Council

    All Rights Reserved. Reproduction is Strictly Prohibited

  • 7/24/2019 LPTv4 Module 45 Post Testing Actions

    4/13

    Create Process for Minimizing

    Create a configuration management process.

    Create or use configuration checklists available from the productvendors and security organizations such as NIST and NSA.

    EC-CouncilCopyright byEC-Council

    All Rights Reserved. Reproduction is Strictly Prohibited

  • 7/24/2019 LPTv4 Module 45 Post Testing Actions

    5/13

    Updates and Patches

    Improve the level of control for thepurchased software's by checking for updatesand patches from the vendors.

    Create a olic for a l in atches in atimely manner.

    EC-CouncilCopyright byEC-Council

    All Rights Reserved. Reproduction is Strictly Prohibited

  • 7/24/2019 LPTv4 Module 45 Post Testing Actions

    6/13

    Capture Lessons Learned and Best

    Create guidelines for best practices to be followedbased on the recommendations of pen test report.

    Regular auditing of organization reduces.

    EC-CouncilCopyright byEC-Council

    All Rights Reserved. Reproduction is Strictly Prohibited

  • 7/24/2019 LPTv4 Module 45 Post Testing Actions

    7/13

    Create Security Policies

    Create security policies, such as:

    Systems Security Policy.

    Information Classification Policy.

    Password Policy.

    Strong Authentication Policy.

    Virus Detection and Management Policy.

    Encryption Policy.

    Security Change Management Policy. Remote Network Access Policy.

    Firewall Securit Polic .

    EC-CouncilCopyright byEC-Council

    All Rights Reserved. Reproduction is Strictly Prohibited

  • 7/24/2019 LPTv4 Module 45 Post Testing Actions

    8/13

    Conduct Training

    Conduct training for analyzing security posture of ane wor .

    Technical security training programs for peoplemanaging information technology.

    Trainin for a lication develo ers to develo securecode.

    implemented, such as:

    General security awareness for new employees in the

    EC-CouncilCopyright byEC-Council

    All Rights Reserved. Reproduction is Strictly Prohibited

    organ za on.

    Awareness program through e-learning.

  • 7/24/2019 LPTv4 Module 45 Post Testing Actions

    9/13

    Take Social Engineering Class

    Social engineering is the human

    network.

    Provide training on socialengineering to each and everyem lo ee.

    EC-CouncilCopyright byEC-Council

    All Rights Reserved. Reproduction is Strictly Prohibited

  • 7/24/2019 LPTv4 Module 45 Post Testing Actions

    10/13

    Destroy the Pen-Test Report

    fter the completion of penetration testing and repairing allthe vulnerabilities, destroy the pen-test report.

    EC-CouncilCopyright byEC-Council

    All Rights Reserved. Reproduction is Strictly Prohibited

  • 7/24/2019 LPTv4 Module 45 Post Testing Actions

    11/13

    Summary

    Decide on required and available resources to maintain a consistentlevel of information security.

    Create or use configuration checklists available from product vendorsand security organizations such as NIST and NSA.

    Create policy for applying patches in a timely manner.

    EC-CouncilCopyright byEC-Council

    All Rights Reserved. Reproduction is Strictly Prohibited

    .

  • 7/24/2019 LPTv4 Module 45 Post Testing Actions

    12/13

    EC-CouncilCopyright byEC-Council

    All Rights Reserved. Reproduction is Strictly Prohibited

  • 7/24/2019 LPTv4 Module 45 Post Testing Actions

    13/13

    EC-CouncilCopyright byEC-Council

    All Rights Reserved. Reproduction is Strictly Prohibited


LPTv4 Module 20 Router and Switches Penetration Testing_NoRestriction

Outcomes Speak Louder than Actions? Testing a Challenge to

Testing, Treatment, Care and Support Revised Actions for Phase II

LPTv4 Module 30 Database Penetration Testing_NoRestriction

az12722.vo.msecnd.netaz12722.vo.msecnd.net/.../ASPNETMVC3Testing.docx · Web viewExercise 2: Testing CRUD actions. Exercise 2: Testing CRUD actions. In this exercise, you will learn

Consultation paper on draft guidelines d on stress testing...• Reverse stress testing: requirements, use and application of recovery actions and plans as an input. • Supervisory

Formal Conformance Testing of Systems with Refused Inputs and Forbidden Actions

LPTv4 Module 21 Firewall Penetration Testing_NoRestriction

Proficiency Testing Catalog · required for the lab to resume testing patients. • Some laboratories use off-schedule PT to verify that corrective actions were effective. This service

Testing as Part of the Team Culture: Actions Taken and Lessons Learned

Topics in Data-Flow Testing - College of Computing & …spiros/teaching/CS576/slide… ·  · 2010-12-09Topics in Data-Flow Testing ... character sequence of actions. ... Static

Use of Substance Abuse Testing in Licensure Actions

LPTv4 Module 31 VoIP Penetration Testing_NoRestriction

LPTv4 Module 13 Rules of Engagement

LPTv4 Module 15 Pre Penetration Testing Checklist_NoRestriction

LPTv4 Module 47 Standards and Compliance

LPTv4 Module 25 Password Cracking Penetration Testing_NoRestriction

Testing, Treatment, Care and Support Draft Actions for Phase II

LPTv4 Module 11 Penetration Testing Methodologies_NoRestriction

UNITED STATES GENERAL ACCOUNTING OFFICE WASHINGTON, … · testing for the presence of DEG as part of its regular wine sampling program. BUREAU ACTIONS . The Bureau began testing

LPTv4 Module 22 IDS Penetration Testing_NoRestriction

LPTv4 Module 12 Customers and Legal Agreements

Cat-App VF 630x297 01 vecto · 2019-09-02 · sos (91) Filtre nomalie Actions Actions Actions Actions Actions Actions Actions Actions Actions Actions Actions Compteur d'entretien

The Earthquake Actions and Testing Approaches for Curtain Wallsmartstructures-civil.sites.olt.ubc.ca/files/2014/12/6-Wang-Y... · The Earthquake Actions and Testing Approaches for

LPTv4 Module 18 External Penetration Testing_NoRestriction

LPTv4 Module 26 Social Engineering Penetration Testing_NoRestriction

LPTv4 Module 33 Wardialing_NoRestriction

LPTv4 Module 36 File Integrity Checking

LPTv4 Module 40 Security Patches Penetration Testing_NoRestriction

LPTv4 Module 14 Penetration Testing Planning and Scheduling_NoRestriction

LPTv4 Module 33 Wardialing

Hardness Testing Machines - Allied High Tech …...unloading testing actions. Display test conditions and test results. Enter the specimen thickness and the presumed hardness to set

LPTv4 Module 40 Security Patches Penetration Testing

VERIFICATION & TESTING STRATEGIES FOR ... Testing...Verification and Validation Corrective and Preventative Actions Webinar Outline 1. Overview of Medical Device Testing 2. How to

Evalid Benchmark Testing and Java Applets.. Introduction to Benchmark Testing The Benchmark Test measures the amount of time a sequence of browser actions