The IT Law Wiki

Revision as of 23:32, 13 November 2011

DMCA

Under Section 1201 of the U.S. copyright law, security testing means

accessing a computer, computer system, or computer network, solely for the purpose of good faith testing, investigating, or correcting, a security flaw or vulnerability, with the authorization of the owner or operator of such computer, computer system, or computer network.[1]

General

Security testing is a process used to evaluate the effectiveness of implemented security measures or controls and to identify, validate, and assess security weaknesses so that they can be addressed. Such testing should be one component of an overall security program that also includes assigned security responsibilities, risk assessment, system requirements, planning, policies, and procedures. This testing includes hands-on functional testing, penetration testing, and verification.

References

  1. 17 U.S.C. §1201(j)(1)(A).

See also