UPDATED CREST CPSA - Appendix A: Soft Skills and Assessment Management

What are the Benefits and utility of penetration testing to the client? - 1.) Identifies existing and potential security risks. 2.) Obtain recommendations to remove vulnerabilities and increase security and protection against attack. 3.) Increase awareness of security issues 4.) Meet regulatory requirements 5.) Satisfy external customers of the client that there system meets recognised security standards What is NDA? - Non-disclosure agreement What is infrastructure testing? - Security review of network connected IT equipment including security/networking devices, servers, and workstations. What is application testing? - Security review of computer program running on a IT system. What is Blackbox testing? - Zero knowledge of internal workings