Legal/Regulatory Compliance
Description
Topics Covered
- Identify Legal Requirements pertaining to Red Team
- Engagements
- Target of the Engagement (Target of Evaluations)
- How to deal with Sensitive Data Client blames pen tester for loss of data
- How to get permission in writing-statement of
- Intent
- Confidentiality/Non-Disclosure Agreements
- Federally Mandated Red Team reporting
- PCI, FERPA, HIPAA, HITEC, SOX, GLBA State Laws on Hacking
- Authorized Actions vs. Restricted Actions
Topics for this course
2 Lessons