264 Managing Network Vulnerability Assessment
Exhibit C-4.1 Supplemental CD Readme File
Your Company Vulnerability Assessment
Final Report Supplemental CD for
CLIENT
© Copyright 2002, Your Company
Your Company confidential
Version 1.3 XXX XX, XXXX
This CD is governed by PSA XXXX dated XXX XX, XXXX
This CD is governed by and produced under EA XXXXX-X-XX/XX
Dated XXX XX, XXXX
This CD contains information that is supplemental to the VULNERABILITY
ASSESSMENT Final Report
Referenced above.
All reports are available in HTML, Text, or Microsoft Word 97 format.
Contents of this CD are as follows:
eadme.txt — This readme document
VULNERABILITY ASSESSMENT Supplemental Reports TOC.xls
— A Microsoft Excel 97 spreadsheet listing the name and
characteristics of all ISS, NetRecon, and ESM reports on the
Supplemental CD.
index.html — HTML file containing links to the ISS, NetRecon, and ESM
reports on the Supplemental CD.
Additional Data — Contains data from the Zero-Information-Based Scan, password
crackers, and other miscellaneous tools and tests designed to
verify what PA found in other tests.
Data Files — Contains the original ISS Scanner 6, Axent NetRecon, and Axent
ESM Data Files.
ESM Reports — Contains the reports produced by ESM as a part of the
configuration audit.
ISS Reports — Contains the reports produced by ISS as a part of the directed
vulnerability scans. ISS performs tests that attempt to directly
test for vulnerabilities.