Please enable JavaScript.
Coggle requires JavaScript to display documents.
Explain the importance of scoping an engagement properly (Threat actors…
Explain the importance of scoping an engagement properly
Special scoping considerations
Supply chain
Premerger
Tolerance to impact
Strategy
Black box vs. white box vs gray box
Threat actors
Intent
Threat models
Capabilities
Adversary tier
Script kiddies
Hacktivist
APT
Insider threat
Target selection
Targets
Physical
Users
First-party vs. third-party hosted
SSIDs
External
Internal
On-site vs. off-site
Applications
Considerations
White-listed vs. black-listed
Security exceptions
NAC
Certificate pinning
IPS/WAF whitelist
Company’s policies
Scheduling
Types of assessment
Compliance-based
Red team
Goals-based/objectives-based
Risk acceptance
Scope creep