Penetration Testing mailing list archives
Re: [PEN-TEST] Help defining job scope
From: "Tonick, Mike" <Mike.Tonick () PS NET>
Date: Wed, 23 Aug 2000 10:56:59 -0500
Steve, What you need is a "Get Out of Jail - Free" card. Write up a description of the type of activities you will be performing, and then have your upper management sign off on it. Carry it with you. Also, I think it is a good practice to notify someone of authority, other than yourself, that you or your team, is going to be doing XYZ during a certain time frame. Especially if the probes are friendly and to be used for internal direction and improvement. Regards, Michael D. Tonick, CISSP Senior Security Consultant Perot Systems Dallas, Texas -----Original Message----- From: Steven W. Smith [mailto:SYSSWS () GC MARICOPA EDU] Sent: Tuesday, August 22, 2000 11:13 AM To: PEN-TEST () SECURITYFOCUS COM Subject: Help defining job scope I'm transitioning from systems management and programming into a "site security person" role. We don't even have an appropriate job title, yet. I've read horror stories about security people prosecuted for performing their jobs and I don't want to follow in their footsteps. I'd like to write a document alluding to job duties that I'm authorized to perform: port scans, probing for vulnerabilities, etc. and get a hardcopy signed by my boss and his boss. I'm not looking for a laundry list of what I can do, rather, a "this guy is *supposed* to be doing scary stuff" doc. I'd really appreciate any suggestions toward this goal and/or pointers to net resources. Thanks much! If this is off-topic for the list I trust it won't make it past the moderator. Steve Steven W. Smith, Systems Programmer Glendale Community College. Glendale Az. syssws () gc maricopa edu
Current thread:
- [PEN-TEST] Help defining job scope Steven W. Smith (Aug 22)
- Re: [PEN-TEST] Help defining job scope Missy, E (Aug 23)
- Re: [PEN-TEST] Help defining job scope Drew Simonis (Aug 24)
- Re: [PEN-TEST] Help defining job scope T. Barrick (Aug 24)
- Re: [PEN-TEST] Help defining job scope Steven Kastl (Aug 24)
- <Possible follow-ups>
- Re: [PEN-TEST] Help defining job scope Tonick, Mike (Aug 24)
- Re: [PEN-TEST] Help defining job scope Thomas Hayward (Aug 24)
- Re: [PEN-TEST] Help defining job scope Tonick, Mike (Aug 26)