1answer.
Ask question
Login Signup
Ask question
All categories
  • English
  • Mathematics
  • Social Studies
  • Business
  • History
  • Health
  • Geography
  • Biology
  • Physics
  • Chemistry
  • Computers and Technology
  • Arts
  • World Languages
  • Spanish
  • French
  • German
  • Advanced Placement (AP)
  • SAT
  • Medicine
  • Law
  • Engineering
Leokris [45]
3 years ago
13

The Company management has asked that you compare the OSSTMM and the PTES to determine which methodology to select for internal

testing. Compare these two methodologies and write a report to management. When writing your report, make sure you are writing it as though you are writing it as a report to management, not as though you were answering a homework assignment question.
Computers and Technology
1 answer:
Sonbull [250]3 years ago
7 0

Answer:

The basic comaprism of OSSTMN and PTES includes the following: OSSTMN is more theoretical, security assessment methodology, and Metrics based why PTES is technology oriented, penetration testing methodology ,  extended analysis of all stages

Explanation:

Solution

Penetration testing has several methodologies which include :OSSTMM and PTES  

The comparison between OSSTMM and PTES is stated as follows:

OSSTMM:                                                

Security assessment methodology

More Theoretical  

Metrics based

PTES :

Technology oriented

Penetration testing methodology

Extended analysis of all stages

Now,

There are 7 stages which is used to define PTES for penetration testing.(Penetration Testing Execution Standard)

  • Pre-engagement Interactions
  • Intelligence Gathering
  • Threat Modeling
  • Vulnerability Analysis
  • Exploitation
  • Post Exploitation
  • Reporting

Now,

The OSSTMM is used to obtain security metrics and performing penetration testing .The OSSTMM provides transparency to those who have inadequate security policies and configurations.

The OSSTMM includes the entire risk assessment process starting from requirement analysis to report creation.

Six areas are covered by OSSTMM which are:

  • Information security
  • Process security
  • Internet technology security
  • Communications security
  • Wireless security
  • Physical security
You might be interested in
Which best describes obliteration in a forged document?
Drupady [299]
The answer is B bc obliteration is related to covering the document
4 0
3 years ago
Write a loop that subtracts 1 from each element in lowerScores. If the element was already 0 or negative, assign 0 to the elemen
Verdich [7]

Answer:

Replace <STUDENT CODE> with

for (i = 0; i < SCORES_SIZE; ++i) {

       if(lowerScores.at(i)<=0){

           lowerScores.at(i) = 0;

       }

       else{

           lowerScores.at(i) = lowerScores.at(i) - 1;

       }  

   }

Explanation:

To do this, we simply iterate through the vector.

For each item in the vector, we run a check if it is less than 1 (i.e. 0 or negative).

If yes, the vector item is set to 0

If otherwise, 1 is subtracted from that vector item

This line iterates through the vector

for (i = 0; i < SCORES_SIZE; ++i) {

This checks if vector item is less than 1

       if(lowerScores.at(i)<1){

If yes, the vector item is set to 0

           lowerScores.at(i) = 0;

       }

       else{

If otherwise, 1 is subtracted from the vector item

           lowerScores.at(i) = lowerScores.at(i) - 1;

       }  

   }

Also, include the following at the beginning of the program:

<em>#include <vector></em>

8 0
3 years ago
What does "ttyt" stand for?
EastWind [94]
TTYT stands for "talk to you tomorrow".
6 0
3 years ago
Read 2 more answers
You are troubleshooting a computer that is in the design phase. The problem you see is that the CPU is not receiving information
iogann1982 [59]

Answer:

Control bus

Explanation:

A control bus is a PC bus that is utilized by the CPU to speak with gadgets that are contained inside the PC. This happens through physical associations, for example, links or printed circuits.

The CPU transmits an assortment of control sign to parts and gadgets to transmit control sign to the CPU utilizing the control bus. One of the principle targets of a transport is to limit the lines that are required for communication

An individual bus licenses communication between gadgets utilizing one information channel. The control transport is bidirectional and helps the CPU in synchronizing control sign to inside gadgets and outer segments. It is included interfere with lines, byte empower lines, read/compose sign and status lines.

8 0
3 years ago
In general, the pilot and _______ approaches are the most favored conversion approaches.
Karo-lina-s [1.5K]

Answer:

The correct approach is "Phased".

Explanation:

  • The pilot step requires just to validate the development's implementation goals and objectives and then when the SDMX objects were introduced to development, several perhaps all problems have indeed been detected as well as logged through so that they're being corrected either by the detailed technical advisory committee.
  • The staggered or phased approach towards deployment provides the time possible to obtain the very next knowledge on evaluation criteria, staff including diverse cultures such that the strategy produced could be customized accordingly.
6 0
3 years ago
Other questions:
  • 1. When centering one paragraph on a page of text, the user needs to _____.
    15·2 answers
  • Convert to octal. Convert to hexadecimal. Then convert both of your answers todecimal, and verify that they are the same.(a) 111
    12·1 answer
  • describe a real-world scenario where data is collected and needs to be both accurate and precise for the safety of the community
    9·1 answer
  • Which term refers to a type of an attack in which an attacker makes his data look like it is coming from a different source addr
    10·1 answer
  • An index purports to speed data retrieval. you, therefore, index every attribute in each table. select the likely consequence.
    15·1 answer
  • Which of the following is a hardware component used to hold the BitLocker encryption key and ensures encrypted data is not acces
    5·1 answer
  • What are the classifications of computer
    9·1 answer
  • If a file you are opening for appending does not exist, the operating system will detect the missing file and terminate the oper
    14·1 answer
  • What is the missing line of code?
    7·2 answers
  • Advantages and disadvantages of java
    10·1 answer
Add answer
Login
Not registered? Fast signup
Signup
Login Signup
Ask question!