Before we can start working practically with security assessments, there's essentially a lot of groundwork that needs to be done, including planning, scoping, choosing the correct tests, resource allocation, test plans, and getting the documentation signed and approved. All these prerequisites will help ensure the smooth conduct of the security assessment. The topics to be discussed in this chapter are as follows:
- Target scoping and planning
- Gathering requirements
- Deciding upon the type of vulnerability assessment
- Estimating the resources and deliverables
- Preparing a test plan and test boundaries
- Getting approval and signing NDAs
