In this chapter, we have examined a number of the different process and methodology references that are available for us to use when it comes to practicing our professional security testing.
We started the chapter by looking at the comprehensive international reference of the OSSTMM. We looked at the process and steps within the reference of conducting a wireless assessment.
Following the OSSTMM, we took a brief look at CHECK, which is a part of performing security assessments in the United Kingdom. We also discussed assessments of networks that contain data that is classified as marked.
The next reference that we reviewed was the NIST SP 800-115. We investigated the format of the document and discussed a number of sections from the reference. We looked at examples of the required skills for both an assessment and a penetration test. One of the common items was the knowledge of TCP/IP.
We looked at an example flow chart from the CEH course material and ended the chapter with a customization...