From the course: CompTIA PenTest+ (PT0-003) Cert Prep
Join today to access over 25,500 courses taught by industry experts.
Data destruction process
From the course: CompTIA PenTest+ (PT0-003) Cert Prep
Data destruction process
- One of the last steps in the pen testing process comes after you actually deliver the report, is what do we do with all the data that we use to put in the report? Penetration testing accumulates lots of sensitive data. Attackers could use pen test data to plan new attacks. Data that you've uncovered likely includes intellectual property and other organizational sensitive data. You don't want attackers to get ahold of that. Testing agreements should include a destruction expectation. You need to lay out procedures for how you're going to get rid of the data at the end. Follow and document adherence with the expectations by following the procedures that you set out during the testing plan. The first thing you do is identify what information collected is in scope. Then you document the procedures that you followed to dispose of all the covered data, which means you have to have procedures in place before you start…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
-
-
-
-
-
-
-
Report writing14m 41s
-
(Locked)
Important components of written reports2m 33s
-
(Locked)
Mitigation strategies4m 55s
-
(Locked)
Technical and physical controls3m 43s
-
(Locked)
Administrative and operational controls5m 2s
-
(Locked)
Communication8m 34s
-
(Locked)
Presentation of findings2m 53s
-
(Locked)
Post-report activities5m 18s
-
(Locked)
Data destruction process1m 31s
-
-
-