when selecting a security testing method or tool, the security practitioner needs to consider many different things, such as:

when selecting a security testing method or tool, the security practitioner needs to consider many different things, such as attack surface and supported technologies

Access to all endpoint devices, including desktop PCs, laptops, mobile devices, USB ports, and partially treated disk disks, is included in a physical attack surface. Once an attack has actually gained access to a portable computer, the invader will hunt for digital attack surfaces that have been left unprotected due to bad coding, default security settings, or poorly maintained software that has not been updated or patched.

Inside threats, such as rogue employees, social engineering ploys, and intruders acting as service personnel, might leverage a physical attack surface, particularly in public firms. Credential recovery from negligently abandoned devices, passwords on post-it notes, and actual break-ins are examples of extrinsic risks.

Learn more about attack surface here:https://brainly.com/question/28145956

#SPJ4

Your question is incomplete but probably the full question was:

When selecting a security testing method or tool, the security practitioner needs to consider many different things, such as:

Security roles and responsibility of staff

Local annual frequency estimate (LAFE), and standard annual frequency estimate (SAFE)

Culture of the organization and likelihood of exposure

Attack surface and supported technologies