▶ 1.6 Ethical Issues in Security Analysis
Security analysis exists to improve system security. Students of security analysis must ensure that they themselves do not pose a risk to the systems they review. When an organization requests a security assessment, the security analyst’s situation is clear:
■ The analyst needs written authorization from the organization to verify that the assessment should take place.
■ The analyst should use the appropriate tools to perform the assessment.
■ When finished, the analyst should collect the results and report them to the appropriate people in the organization.
The assessment results could pose a risk to the organization, so they are treated as confidential. The results are shared only with the ...
Get Elementary Information Security, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
