SKILL BENCHMARK

CISSP: Security Assessment and Testing Proficiency

  • 15m
  • 15 questions
The CISSP: Security Assessment and Testing Proficiency benchmark will measure your ability to recognize key terms and concepts related to security assessment and testing proficiency. You will be evaluated on security assessments and testing, pen testing, and software assessment. A learner who scores high on this benchmark demonstrates that they have the skills related to security assessment and testing proficiency terminology and concepts.

Topics covered

  • conduct security control testing
  • describe active reconnaissance techniques such as footprinting
  • describe passive reconnaissance as it relates to pen testing as in drones/unmanned aerial vehicle (UAV), war flying, and war driving
  • describe penetration testing and its purpose
  • describe the characteristics of security orchestration, automation, response (SOAR) systems
  • describe the importance of a security management process and its common functions
  • describe the major components of a security assessment and test strategies approaches
  • describe threat hunting concepts such as intelligence fusion, threat feeds, advisories, bulletins, and maneuvers
  • design and validate assessment, test, and audit strategies
  • gather technical and administrative security process data
  • list common software vulnerabilities such as buffer overflow and injection flaws
  • recognize best practices for analyzing test output and generating reports
  • recognize methods to detect potential software vulnerabilities
  • recognize steps and techniques to analyze risk
  • survey fundamental methods for pen testing like lateral movement, privilege escalation, persistence, and pivoting