| Line 18: | Line 18: | ||
== References == |
== References == |
||
| − | <references /> |
||
| − | |||
| − | ==References== |
||
<references /> |
<references /> |
||
Revision as of 03:58, 10 August 2014
Definitions
DMCA
Security testing means
| “ | accessing a computer, computer system, or computer network, solely for the purpose of good faith testing, investigating, or correcting, a security flaw or vulnerability, with the authorization of the owner or operator of such computer, computer system, or computer network.[1] | ” |
General
Security testing is
| “ | [a] process used to determine that the security features of a system are implemented as designed. This includes hands-on functional testing, penetration testing, and verification.[2] | ” |
Overview
Such testing should be one component of an overall security program that also includes assigned security responsibilities, risk assessment, system requirements, planning, policies, and procedures. This testing includes hands-on functional testing, penetration testing, and verification.
References
- ↑ 17 U.S.C. §1201(j)(1)(A).
- ↑ Department of Defense, National Computer Security Center, Glossary of Computer Security Terms (NCSC-TG-004, Ver. 1) (Oct. 21, 1988).
See also
- Active security testing
- Covert security testing
- External security testing
- Internal security testing
- NIST Special Publication 800-115 (Technical Guide to Information Security Testing and Assessment)
- Overt security testing
- Security test and evaluation
- Voting system security testing