CISSP Assess and Mitigate the Vulnerabilities of Security Architectures, Designs, and Solution Elements – Bk1D3T5
Assessing information security vulnerabilities can be done by inspection or testing. Inspection can be manual, reviewing the design and implementation looking for vulnerabilities, or automated, in which software analyzes the configuration or code. Testing can be white-box, in which the tester knows the details of the system’s design and implementation; black-box, in which the tester knows nothing about the internals of the system; or gray-box, in which the tester has some knowledge. Related Product : …