vulnerability report. This is an important type of report in the information security industry, and will be the culmination of your work in IT 320. This is your opportunity to bring all that you have learned together to analyze a network, evaluate vulnerabilities and risks, and recommend mitigation strategies.
A vulnerability report typically includes the following:
ï‚· A security assessment of a computer network
ï‚· Identification of vulnerabilities, supported with evidence
ï‚· An interpretive analysis of risks, including benchmarking or ranking risk using levels or similar metrics
ï‚· Recommended mitigation steps or solutions
Vulnerability reports are written for a diverse audience within an organization. Therefore, they include an executive summary for managers and decision-makers as well as technical data for analysis by other IT professionals. Organizations may require vulnerability reports to meet compliance requirements or may have internal policies that call for a vulnerability assessment and completion of a report on a fixed schedule.