Objectives Develop questions to gain further insight and help get the client and tester on the same page Create a sample scope for an security assessment Create and revise Rules of Engagement for the test
Objectives
- Develop questions to gain further insight and help get the client and tester on the same page
- Create a sample scope for an security assessment
- Create and revise Rules of Engagement for the test
Overview
You were given a Request For Proposal (RFP) but it seems to be lacking enough details to determine what the client is requesting for a test. We will need to come up with some information and questions to discuss with the client to determine what exactly they are wanting. This will allow both the client and the tester to be on the same page prior to beginning any assessment. We will be building a Scope and Rules of Engagement (ROE) to determine what is in scope and the document that outlines specifics of the project and how it will occur.
Below are some of the key points pulled from the RFP that was lacking a lot of details:
- The test is for CIT-E Corp with 2,000 employees located throughout the United States
- They want a penetration test from either an outside company or group within the company
- Minimize or eliminate business risks and exposures
- Overall goal is to ensure the appropriate security controls are implemented and functioning to preserve the confidentiality, integrity, and availability of the data they house and are responsible for.
Objectives
- Develop questions to gain further insight and help get the client and tester on the same page
- Create a sample scope for an security assessment
- Create and revise Rules of Engagement for the test
Overview
You were given a Request For Proposal (RFP) but it seems to be lacking enough details to determine what the client is requesting for a test. We will need to come up with some information and questions to discuss with the client to determine what exactly they are wanting. This will allow both the client and the tester to be on the same page prior to beginning any assessment. We will be building a Scope and Rules of Engagement (ROE) to determine what is in scope and the document that outlines specifics of the project and how it will occur.
Below are some of the key points pulled from the RFP that was lacking a lot of details:
- The test is for CIT-E Corp with 2,000 employees located throughout the United States
- They want a penetration test from either an outside company or group within the company
- Minimize or eliminate business risks and exposures
- Overall goal is to ensure the appropriate security controls are implemented and functioning to preserve the confidentiality, integrity, and availability of the data they house and are responsible for. provide full source link with. Need help with this please.
Step by step
Solved in 5 steps