Refer to NIST SP 800-53 (Rev. 4) for the 18 candidate security control families and associated security controls.
Security Assessment must be incorporated into the Software Development Life Cycle (SDLC) in order to be a secure, integrated process. Testing of selected security controls ensures that applications meet business requirements, function as planned, and protect associated data securely from attack. A security assessment of the targeted environment identifies vulnerabilities that may cause a security breach and specifies the security controls that mitigate the vulnerabilities.
For this assignment, use the organization you chose in Week 1.
Penetration Testing and Vulnerability Scanning
Provide a 1-page description of penetration testing and vulnerability scanning processes.
Describe how they are used as part of the organization’s testing and assessment strategy.
Format your citations according to APA guidelines.
Submit your assignment.