IT Examiner School, Seaside, CA
Vulnerability Assessments Testing:
• Requires specific skills/knowledge • Audit team tries to find weak points • Tools used simulate a variety of attacks • Results are used in Penetration Testing for potential exploitation Basic Vulnerability Assessment description: • Checking building windows and doors to see if they are secured • Checking if building is susceptible to other events, e.g. natural catastrophes
Vulnerability Assessment vs. Risk Assessment
• Cataloging assets and capabilities (resources) in a system • Assigning quantifiable value and importance to a resource • Identifying the vulnerability or potential threat(s) to each resource • Assist in mitigating or eliminating vulnerabilities for key resources
Entity will sometimes use vulnerability assessment to aid in completing the risk assessment process
Made with FlippingBook - Online catalogs