Domain 6 Security Assessment and Testing
6.1 Design and validate assessment, test, and audit strategies
6.2 Conduct security control testing
6.3 Collect security process data (e.g. technical and administrative)
6.4 Analyze test output and generate report
6.5 Conduct or facilitate security audits