Final answer:
When drafting a report after penetration testing, it's crucial to state the standards or guidelines used, such as PCI DSS, NIST, or ISO/IEC 27001, early in the document to provide context for the testing framework.
Step-by-step explanation:
When creating your written report of findings after completing a penetration test, it is essential to identify the standard or guidelines you used to conduct the test in the opening sections of the report. This establishes the framework and context in which the penetration testing activities were performed and ensures that the findings are interpreted correctly by the report's readers. Common standards include PCI DSS for the payment card industry, NIST guidelines for federal information systems, and ISO/IEC 27001 for information security management. By mentioning the standards or guidelines early in the report, you set a professional tone and demonstrate compliance with industry best practices.