From the course: CompTIA PenTest+ (PT0-002) Cert Prep
Unlock this course with a free trial
Join today to access over 23,400 courses taught by industry experts.
Mitigation strategies
From the course: CompTIA PenTest+ (PT0-002) Cert Prep
Mitigation strategies
- Even though every part of your pen test report is important, perhaps one of the most important ones would be the call to action, the recommended mitigation strategies. These are the things that you tell the client at the end, "Hey, I found these problems and now here is what you need to do about them." Be very explicit. Be very clear. You provide mitigation strategies that will fix the problems that you found. 'Cause just about every pen test is going to discover multiple vulnerabilities. Your report has to explain how to mitigate each vulnerability. The solutions will vary. It all depends on the vulnerability that has been found. And if you can effectively provide multiple solution alternatives, that's even better. It gives the client a choice. And don't just stick with one particular type of mitigation strategy. In fact, there's several categories of solution categories or mitigation strategy categories. There are people categories, process, and technology. People means that you…
Contents
-
-
-
-
-
-
-
-
-
-
-
-
Report writing14m 47s
-
(Locked)
Important components of written reports2m 37s
-
(Locked)
Mitigation strategies5m
-
(Locked)
Technical and physical controls3m 46s
-
(Locked)
Administrative and operational controls5m 11s
-
(Locked)
Communication8m 38s
-
(Locked)
Presentation of findings2m 57s
-
(Locked)
Post-report activities5m 23s
-
(Locked)
Data destruction process1m 37s
-
-
-