Security Rules: Rules of Engagement

IT Security
  • 14 Videos | 53m 25s
  • Includes Assessment
  • Earns a Badge
Likes 16 Likes 16
Prior to performing any penetration testing, it is important to outline the Rules of Engagement (RoE) with the client. Begin this 14-video course with a general overview of the RoE, how it relates to business, and the potential consequences of not having the RoE in place. Look at benefits of having an easy reference checklist prepared when defining RoE. Learn how to determine the appropriate scope of engagement; examine client (IT staff) considerations; and view common risks and limitations, such as impact on systems. Explore the logistics and considerations such as testing tools, personnel, and test schedules. Delve into incident handling and best practices; testing and best practices, and also best practices in information handling. Examine elements that should be included in final reports, such as action taken, problems, and findings. Look at liabilities, warranty, limitation of a liability, and indemnification considerations to include when outlining the intent of testing activities. Finally, learn how to ensure proper authorization has been granted to commence any testing.

WHAT YOU WILL LEARN

  • discover the key concepts covered in this course
    provide a general overview of the Rules of Engagement, how the ROE relates to business, and the potential consequences of not having the ROE in place
    provide an overview of the benefits of having a easy reference checklist or templates prepared when defining RoE
    recognize how to determine the appropriate scope of engagement
    describe client (IT staff) considerations such as client contact details and potential impacts on their working environment
    describe common risks and limitations you should outline such as impact on systems, and ensuring backups are available and the disaster recovery plan is intact
    list key logistical considerations such as testing tools, personnel, and test schedules
  • describe incident handling best practices such as law enforcement contact, sensitive data/privacy, and encryption
    describe best practices you should outline in the event that testing is successful or unsuccessful
    outline best practices to follow or consider when in possession of a company's data, such as encryption and data destruction
    describe elements that should be included in a final report such as actions taken, problems, and findings
    describe warranty, limitation of liability, and indemnification considerations to include when outlining the intent of testing activities, as well as and any liability concerns
    describe how to ensure proper authority has been granted to commence any testing, such as obtaining signatures from key stakeholders
    summarize the key concepts covered in this course

IN THIS COURSE

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform

Digital badges are yours to keep, forever.

YOU MIGHT ALSO LIKE

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

Likes 120 Likes 120  
Likes 172 Likes 172  
Likes 24 Likes 24