A1 project lifecycle - Study guides, Class notes & Summaries

CREST CPSA - Appendix A: Soft Skills and Assessment Management Exam Questions and Answers A1 Engagement Lifecycle - Answer-A1 Engagement Lifecycle A1 (1) What are the benefits of penetration testing to the client? - Answer-Penetration testing can identify vulnerabilities in a client's systems and networks, allowing them to take steps to remediate them before they can be exploited by malicious actors. It also helps organizations comply with regulatory requirements and industry standards...

Which due diligence activity for supply chain security should occur in the initiation phase of the software acquisition life cycle? A Developing a request for proposal (RFP) that includes supply chain security risk management B Lessening the risk of disseminating information during disposal C Facilitating knowledge transfer between suppliers D Mitigating supply chain security risk by providing user guidance Correct answer- A Which due diligence activity for supply chain security investi...

Minimise client-side attacks. Protect clients, partners and third-parties. Comply with regulation. A1) Pentest structure - ANSWER-Reconnaissance (i.e. find live hosts, sweeping, find services, scanning, banner matching, find vulnerabilities). Target prioritisation (e.g. assess servers rather than printers). Testing of services and exploitation if applicable. Consult/Confirm with customer if ok to exploit. Inform customer of any high risk issues that need addressing immediately. A1) Projec...

A1) Benefits of pentesting Manage risk. Increase business continuity. Minimise client-side attacks. Protect clients, partners and third-parties. Comply with regulation. A1) Pentest structure Reconnaissance (i.e. find live hosts, sweeping, find services, scanning, banner matching, find vulnerabilities). Target prioritisation (e.g. assess servers rather than printers). Testing of services and exploitation if applicable. Consult/Confirm with customer if ok to exploit. Inform customer of an...