Hello;
If I were in your position I would grab a copy of the latest OSSTMM. This
is a good methodology to start off with. Many newcomers and veterans alike
utilize this resource.
Check it out at:
http://www.isecom.org/projects/osstmm.shtml
That's where I would start. Once you get into the swing of things, gain
experience and research, you'll be well on your way to finding the best
methodology for your own specific services. I tend to use this for private
sector companies, and I use NIST's guide to security testing for government
clients. You can find good NIST security government resources here:
http://csrc.nist.gov/
Hope this helps. Congrats on your cert and keep it up :o)
Marcos
http://www.agape-tech.com
---------------------------------------------------------------------------
----------------------------------------------------------------------------
Received on Dec 02 2003
Intro
