Vulnerability assessment is a method to find the vulnerabilities in the system a

Question

Vulnerability assessment is a method to find the vulnerabilities in the system and to take a more overall look at security system of the organisation. Penetration testing is a method which focuses on an attack of vulnerabilities that would be generally known to exist or are suspected of existing in the system.Both the system assessments provide a way for remedial action to be taken in the system.

No, an organisation could not have a strong Risk assessment program without including them, as said above these systems helps organisation to get a blueprint on what corrective actions could be taken on the different vulnerabilities in the system which would be harmful to the organisations security, these are more of preventive measures which helps organisation to prevent such mishaps before happening.

I have used Metasploit for network segmentation testing, I used it testing the security and possible vulnerabilities to the subnetworks created by the network segmentation

Explanation / Answer

How do Vulnerability Assessments/Penetration Tests and Patch Management correlate? Can an organization have a strong Risk Assessment plan/program and NOT include both? Why or why not? Do you have any experience with Vulnerability Scanning/Penetration Testing tools, such as Nessus, SAINT, or Metasploit? What have you used them for, and how helpful are they?

Related Questions

Navigate

• Browse (All)
• Browse V
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.