IT Examiner School - Oct 2023
Internal Use Only
Vulnerability Assessment vs. Risk Assessment
Assist in mitigating or eliminating vulnerabilities for key resources
Assigning quantifiable value and importance to a resource
Identifying the vulnerability or potential threat(s) to each resource
Cataloging assets and capabilities (resources) in a system
FI will sometimes use vulnerability assessment to aid in completing the risk assessment process
23
Internal Use Only
Penetration Test Considerations External Penetration Testing Internal Penetration Testing “Black Box, White Box” Application Penetration Tests Independent Party Qualifications of Penetration Testers
24
Made with FlippingBook - professional solution for displaying marketing and sales documents online