Executing a physical penetration test without
adequate planning and information gathering is an exercise doomed to failure.
During the planning phase you should review this chapter to ensure all your
bases are covered. You should now be familiar with the following topics:
· Building an Operating Team – This involves selecting the
right people for the right role, which is heavily dependent on the nature and
scale of the test. It is likely that team members will be required to acquire
multiple skill sets and assume multiple roles.
· Project Planning – Different organizations favor
different approaches to project management and the language used in this
chapter is loose enough to integrate into any existing methodology.
· Rules of Engagement – In this chapter, I introduced
the concept of RoE and how this will influence your approach to testing. The
RoE are critical; they are usually part of the legal contract between the
testing company and the client.
· Conducting Preliminary Research – This chapter covered
preliminary research from the perspective of the planning phase and how this
fits into the overall approach. The different types of intelligence gathering
were examined.
· Evaluating Risk – Risks encountered during
testing come in different forms and can be expressed in different ways. The
concept of COLE was introduced as a means of evaluating risks to the testing team
and company.
· The Test Plan – You should now be able to write
a test plan even if you're not familiar with the practical elements of the
testing itself. I start to discuss these in.
· Legal Issues and Documentation – You should now be able to
produce the required documentation to support a physical penetration test and
be familiar with some of the legal aspects.
Really nice post, you have explained very good attributes of all security guards. Nice to read. Thanks for sharing.
Hawaii Security Guard Training