After reading this week’s materials, please respond to TWO (2) of

the following questions AND PROVIDE CITATION IN APA
-Describe the steps in the information system security audit process.
-Describe the differences between Black box, White box, and Gray box forms of vulnerability and penetration testing.
-What are the five steps a team goes through when conducting a penetration test? What are the three degrees of knowledge that a penetration team can have about the target?
-Discuss any three of the commonly exploited vulnerabilities targeted in penetration tests and the appropriate countermeasures to mitigate them.
-Discuss the various test types that Operations and Security Departments should carry out to monitor the environment’s vulnerability to attack.
-Define the following KPI terms: factor, measurement, baseline, metric, and indicator. What is the difference between a KPI and KRI?
-What are the key elements that should be included in a good technical audit report? What should be included to provide senior management a brief overview of the report highlights?