20.1: Establish a Penetration Testing Program

CSF v1.1 References:

PF v1.0 References:

Group:

Next Version:

Control Statement

Establish a program for penetration tests that includes a full scope of blended attacks, such as wireless, client-based, and web application attacks.

[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]