RE: Vulnerability Assessment Checklists?

["dave kleiman" <dave () isecureu com>]

Hi Kim,

http://www.isaca.org/ on their Standards and Research Pages they have .PDF's
with guidelines to auditing.

http://www.isecom.org/public_repository.shtml  and

http://www.isecom.org/projects/toolsandtemplates.shtml  There are a ton
there, enough free tools and templates to keep you busy for a good year or
so.


Hope that helps,

 
_______________________________
Dave Kleiman, CISSP, MCSE, CIFI
dave () isecureu com
www.SecurityBreachResponse.com

"High achievement always takes place in the framework of high expectation."
Jack Kinder

 

-----Original Message-----
From: Kim Clark [mailto:kclark20001 () hotmail com] 
Sent: Monday, December 01, 2003 17:46
To: security-basics () securityfocus com
Subject: Vulnerability Assessment Checklists?


Hello,

I've finished my Security+, and am almost through my Security Certified 
Network Professional training.

I'm looking for some basic tips and resources (checklists or templates?) to 
do some vulnerability assessments because I just went  to  donate my 
services at a nonprofit job fair and got plenty of responses.

Since I've never evaluated the security posture of a company before I could 
use some resources on how to best get started. They run the gamut from P2P 
to WANs. Of course, I want to give them some value while gaining valuable 
experience for my resume.



---------------------------------------------------------------------------
----------------------------------------------------------------------------