Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

This is an archive
(replace .gov by .rip)

SP 800-115

Technical Guide to Information Security Testing and Assessment

Date Published: September 2008

Supersedes: SP 800-42 (October 2003)

Author(s)

Karen Scarfone (NIST), Murugiah Souppaya (NIST), Amanda Cody (BAH), Angela Orebaugh (BAH)

Abstract

Keywords

Penetration testing; risk assessment; security assessment; security examination; security testing; vulnerability scanning
Control Families

Audit and Accountability; Security Assessment and Authorization; Risk Assessment; System and Communications Protection; System and Information Integrity; System and Services Acquisition;

Documentation

Publication:
SP 800-115 (DOI)
Local Download

Supplemental Material:
SP 800-115 (EPUB) (txt)