Proving due diligence and compliance.
The scope should be clearly defined, not only in the context of the components to be (or not to be) assessed and the constraints under which testing should be conducted, but also the business and technical objectives. For example penetration testing may be focused purely on a single application on a single server, or may be more far reaching; including all hosts attached to a particular network.
Read More.. | Comments (0) | Resources.