Re: What a security test should do?- from thinking about: Ethical Hacking Training

From: Meritt James (meritt_james@bah.com)
Date: Fri Jan 23 2004 - 16:15:29 EST

• Next message: Jason Ellison: "Re: AIX Pen test tools"
• Previous message: Robert Masse: "RE: AIX Pen test tools"
• In reply to: Pete Herzog: "What a security test should do?- from thinking about: Ethical Hacking Training"
• Next in thread: Frank Knobbe: "Re: What a security test should do?- from thinking about: Ethical Hacking Training"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

The rest. Physical, legal, operational, communications, policy, ... It
is a tiny piece of the overall picture. Familiarity with just one piece
may well blind one to the additional components.

Jim

Pete Herzog wrote:

> So my question is, what parts of security can't be verified in a security
> test? No flames please-- I'm just trying to make the OSSTMM (osstmm.org)
> better.

-- 
James W. Meritt CISSP, CISA
Booz | Allen | Hamilton
phone: (410) 684-6566
---------------------------------------------------------------------------
----------------------------------------------------------------------------

• Next message: Jason Ellison: "Re: AIX Pen test tools"
• Previous message: Robert Masse: "RE: AIX Pen test tools"
• In reply to: Pete Herzog: "What a security test should do?- from thinking about: Ethical Hacking Training"
• Next in thread: Frank Knobbe: "Re: What a security test should do?- from thinking about: Ethical Hacking Training"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:46 EDT