Penetration Testing
Physical Security audit (PCI DSS) Nov 07 2011 09:54AM
cribbar (crib bar hotmail co uk) (1 replies)
Re: Physical Security audit (PCI DSS) Nov 07 2011 06:46PM
Justin Rogosky (jrogosky gmail com) (2 replies)
Have you checked out the PTES?
http://www.pentest-standard.org/index.php/Main_Page

It isn't a checklist per se but it has a technical guide that gives
you lots of ideas for use during a pen test.
http://www.pentest-standard.org/index.php/PTES_Technical_Guidelines

--Justin

On Mon, Nov 7, 2011 at 4:54 AM, cribbar <crib.bar (at) hotmail.co (dot) uk [email concealed]> wrote:
>
> Hey,
>
> Does anyone have a comprehensive audit program/checklist for physical
> security? I would want something that maps up to the PCI DSS standards
> (although this ?data? doesn?t process payment data it is highly sensitive
> and thus meets the same security requirements). It isn?t a data centre we
> are auditing, more a physical centre that wipes our disks on our behalf. A
> few of the physical security audit programs I checked out through a Google
> search weren?t up to much. Any such programs that you use and would be
> willing to share would be great, right up to the policies, risk assessments,
> BIA, logs and physical controls.
>
> Many Thanks
>
> --
> View this message in context: http://old.nabble.com/Physical-Security-audit-%28PCI-DSS%29-tp32788712p3
2788712.html
> Sent from the Penetration Testing mailing list archive at Nabble.com.
>
>
> ------------------------------------------------------------------------

> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------

>
>

------------------------------------------------------------------------

This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

[ reply ]
Re: Physical Security audit (PCI DSS) Nov 07 2011 07:18PM
Chris Campbell (chris ctcampbell com)
Re: Physical Security audit (PCI DSS) Nov 07 2011 07:10PM
Ali-Reza Anghaie (ali packetknife com)


 

Privacy Statement
Copyright 2010, SecurityFocus