Objectives
Define vulnerability assessment and explain why it is important
List vulnerability assessment techniques and tools
Explain the differences between vulnerability scanning and penetration testing
List techniques for mitigating and deterring attacks
Vulnerability Assessment
Systematic evaluation of asset exposure
Attackers
Forces of nature
Any potentially harmful entity
Common assets
People
Physical assets
Data
Hardware
Software
Threat modeling
Goal: understand attackers and their methods
Often done by constructing scenarios
Attack tree
Provides visual representation of potential attacks
Inverted tree structure
Every asset should be viewed in light of each threat
Catalog each vulnerability
Risk assessment
Determine damage resulting from attack
Assess likelihood that vulnerability is a risk to organization
Assessment Techniques
Baseline reporting
Baseline: standard for solid security
Compare present state to baseline
Note, evaluate, and possibly address differences
Challenges to approach
Software application size and complexity
Lack of security specifications
Future attack techniques unknown
Correct bugs during verification phase
Create and distribute security updates as necessary
Assessment Tools
IP addresses uniquely identify each network device
TCP/IP communication
Involves information exchange between one system's program and another system's corresponding program
Port number
Unique identifier for applications and services
16 bits in length
Honeynet
Network set up with one or more honeypots
Penetration Testing
Designed to exploit system weaknesses
Relies on tester's skill, knowledge, cunning
Usually conducted by independent contractor
Tests usually conducted outside the security perimeter
May even disrupt network operations
Configuring Controls
Properly configuring controls is key to mitigating and deterring attacks
Some controls are for detection
Security camera
Fail-open lock unlocks doors automatically upon failure
Fail-safe lock automatically locks
Highest security level
Hardening
Purpose of hardening
Eliminate as many security risks as possible
Reporting
Providing information regarding events that occur
Alarms or alerts
Sound warning if specific situation is occurring
Example: alert if too many failed password attempts
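
The failed-password alert mentioned above, as an added example that is not part of the original slides: a sliding-window detector run over constructed, simplified sshd-style log lines. The log format, threshold, window length and function name are assumptions chosen for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log lines (simplified sshd-style format, ISO timestamps).
SAMPLE_LOG = """\
2024-05-01T10:00:01 sshd[411]: Failed password for alice from 203.0.113.7 port 50122 ssh2
2024-05-01T10:00:09 sshd[411]: Failed password for alice from 203.0.113.7 port 50124 ssh2
2024-05-01T10:00:15 sshd[412]: Failed password for invalid user admin from 203.0.113.7 port 50130 ssh2
2024-05-01T10:00:21 sshd[413]: Failed password for alice from 203.0.113.7 port 50133 ssh2
2024-05-01T10:00:30 sshd[414]: Accepted password for bob from 198.51.100.4 port 40100 ssh2
2024-05-01T10:03:00 sshd[415]: Failed password for bob from 198.51.100.4 port 40110 ssh2
2024-05-01T10:20:00 sshd[416]: Failed password for bob from 198.51.100.4 port 40111 ssh2
2024-05-01T10:40:00 sshd[417]: Failed password for bob from 198.51.100.4 port 40112 ssh2
"""

FAILED = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: Failed password for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def failed_login_alerts(log_text, threshold=3, window=timedelta(minutes=5)):
    """Return one alert each time a source IP reaches `threshold`
    failed logins inside a sliding `window` (assumed values)."""
    recent = defaultdict(deque)   # source IP -> (timestamp, user) of recent failures
    alerts = []
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue              # successful logins and unrelated lines
        ts = datetime.fromisoformat(m["ts"])
        q = recent[m["ip"]]
        q.append((ts, m["user"]))
        while q and ts - q[0][0] > window:
            q.popleft()           # drop failures that aged out of the window
        if len(q) >= threshold:
            alerts.append({"ip": m["ip"], "time": ts.isoformat(), "count": len(q),
                           "users": sorted({u for _, u in q})})
            q.clear()             # re-arm so one burst yields one alert
    return alerts

if __name__ == "__main__":
    for alert in failed_login_alerts(SAMPLE_LOG):
        print("ALERT", alert)
```

Counting per source address rather than per account also catches attempts spread across several user names, while the occasional mistyped password spaced minutes apart stays below the threshold.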