Security+ Guide to Network Security Fundamentals, Third Edition Chapter 9 Performing Vulnerability Assessments.

Objectives
Define risk and risk management
Describe the components of risk management
List and describe vulnerability scanning tools
Define penetration testing

Risk Management, Assessment, and Mitigation
One of the most important assets any organization possesses is its ___________
Unfortunately, the importance of data is generally __________________________
The first steps in data protection actually begin with ____________________________ ______________________________

What Is Risk?
In information security, a ________ is the likelihood that a ________________ will ___________________________
More generally, a risk can be defined as an ______________________________
Risk generally denotes a potential ________ ________________ to an asset

Definition of Risk Management
Realistically, risk ____________ ever be entirely eliminated
 Would cost too much or take too long
Rather, some degree of risk must always be assumed
____________________________
 A _________________________________ to managing the ______________________ that is related to a threat

Steps in Risk Management
Five steps:
1. Asset Identification
2. Threat Identification
3. Vulnerability Appraisal
4. Risk Assessment
5. Risk Mitigation
More to come on these…

Steps in Risk Management
1. The first step in risk management is ________________________________
 Determine the assets that _____________________
 Involves the process of _________________________ these items
Types of assets:
 Data
 Hardware
 Personnel
 Physical assets
 Software

Steps in Risk Management (continued)
Along with the assets, the _________ of the assets need to be ___________ (example on following slide…)
Important to determine each item’s ______________
Factors that should be considered in determining the relative value are:
 How _________________ to the goals of the organization?
 How difficult would it be to replace it?
 How much does it ________________________?
 How much _______________ does it generate?

(Slide 9: asset-value example; figure only, not in the transcript)

Steps in Risk Management (continued)
Factors that should be considered in determining the relative value are: (continued)
 How quickly can it be replaced?
 What is the ____________________?
 What is the _____________ to the organization if this ____________________?
 What is the security implication if this asset is unavailable?

Steps in Risk Management (continued)
2. Next step in risk management is _______________
 Determine the threats from threat agents
______________________
 Any _______________ with the power to ______________ against an asset (examples on following slide…)
Threat __________________
 Constructs _________________ of the types of threats that assets can face
 Helps to understand who the attackers are, why they attack, and what types of attacks might occur

(Slide 12: threat agent examples; figure only, not in the transcript)

Steps in Risk Management (continued)
__________________________
 Provides a __________________ of the attacks that may occur against an asset

Steps in Risk Management (continued) (figure only, not in the transcript)

Steps in Risk Management (continued)
3. Next step in risk management is ______________ ___________________________
 Takes a snapshot of the _______________________ as it now stands
Every asset must be viewed in light of each threat
Determining vulnerabilities often depends upon the background and experience of the assessor
 A ________________________ is better for determining vulnerabilities vs. just a single person
4. Next step in risk management is _______________
 Involves determining the ______________________ from an attack and the ____________ that the _____________ ____________________ to the organization

Steps in Risk Management (continued)
________________________ can be helpful in determining the impact of a vulnerability
Two formulas are commonly used to calculate expected losses
 Single Loss Expectancy (___________): the expected _______________________________
 Annualized Loss Expectancy (_________): the expected ________________ that can be expected for an asset due to a risk _______________________
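The slide names SLE and ALE but leaves their formulas as blanks. The added example below is not from the textbook or these slides; it assumes the standard Security+ definitions (SLE = asset value × exposure factor, ALE = SLE × annualized rate of occurrence) and uses constructed asset names and figures to show how the two numbers rank risks and test whether a control is worth its cost.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Asset:
    name: str
    asset_value: float        # AV: replacement or business value, in currency units

@dataclass(frozen=True)
class Risk:
    asset: Asset
    threat: str
    exposure_factor: float    # EF: fraction of AV lost in one incident (0.0 to 1.0)
    aro: float                # ARO: expected number of incidents per year

def single_loss_expectancy(risk: Risk) -> float:
    """SLE = AV x EF: the expected loss from a single occurrence of the threat."""
    if not 0.0 <= risk.exposure_factor <= 1.0:
        raise ValueError("exposure factor must be between 0 and 1")
    return risk.asset.asset_value * risk.exposure_factor

def annualized_loss_expectancy(risk: Risk) -> float:
    """ALE = SLE x ARO: the expected loss from this risk over one year."""
    if risk.aro < 0:
        raise ValueError("annualized rate of occurrence cannot be negative")
    return single_loss_expectancy(risk) * risk.aro

def rank_risks(risks):
    """Highest ALE first: this ordering decides which risks get mitigated first."""
    return sorted(risks, key=annualized_loss_expectancy, reverse=True)

def control_value(risk: Risk, annual_control_cost: float, aro_after_control: float) -> float:
    """Net yearly benefit of a control that lowers the ARO (reduces the risk).
    Positive means the ALE it removes exceeds its cost; negative means it does not pay."""
    before = annualized_loss_expectancy(risk)
    after = annualized_loss_expectancy(replace(risk, aro=aro_after_control))
    return (before - after) - annual_control_cost

# Constructed sample data (assumed values, not from the slides).
CUSTOMER_DB = Asset("customer database", 500_000.0)
WEB_SERVER = Asset("public web server", 40_000.0)

SAMPLE_RISKS = [
    Risk(CUSTOMER_DB, "data breach via web application flaw", exposure_factor=0.6, aro=0.2),
    Risk(WEB_SERVER, "denial-of-service outage", exposure_factor=0.25, aro=4.0),
]

if __name__ == "__main__":
    for r in rank_risks(SAMPLE_RISKS):
        print(f"{r.asset.name}: SLE={single_loss_expectancy(r):,.0f} "
              f"ALE={annualized_loss_expectancy(r):,.0f}")
    # A control costing 15,000/yr that cuts the breach ARO from 0.2 to 0.05
    print("net value of breach control:", control_value(SAMPLE_RISKS[0], 15_000.0, 0.05))
```

Note that the outage risk has the lower SLE but, because it recurs several times a year, its ALE is close to that of the rarer breach; ranking by ALE rather than SLE is what keeps frequent small losses visible.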


Steps in Risk Management (continued)
5. Last step in risk management is ______________________________
 Must ask oneself: what can we do about the risks?
Options when confronted with a risk:
 ____________ the risk

Steps in Risk Management: Summary (figure only, not in the transcript)

Identifying Vulnerabilities
Identifying vulnerabilities through a __________________________
 Determines the _____________________ that could expose assets to threats
Two categories of software and hardware tools:
 Vulnerability scanning
 Penetration testing

Vulnerability Scanning
___________________ is typically used by an organization to ___________________ ____________________
 need to be addressed in order to ___________ _________________________
Tools include port scanners, network mappers, protocol analyzers, vulnerability scanners, the Open Vulnerability and Assessment Language, and password crackers

Port Scanners
Internet Protocol (IP) addresses
 The primary form of address identification on a TCP/IP network
 Used to uniquely identify each network device
___________________
 TCP/IP uses a numeric value as an __________ ____________________________________
Each datagram (packet) contains not only the source and destination IP addresses
 But also the source port and destination port

Port Scanners (continued) (figure only, not in the transcript)

Port Scanners (continued)
If an attacker knows a specific port is used, that _____________________________ ___________________
 Used to ______________________________ that could be used in an attack
 __________________________ to know what applications are running and could be exploited
Three port states:
 Open, closed, and blocked


Network Mappers
______________________
 Software tools that can __________________ _________________________
Most network mappers utilize the TCP/IP protocol ___________________
 Uses _____________
Internet Control Message Protocol (ICMP)
 Provides support to IP in the form of ICMP messages that allow different types of communication to occur between IP devices

Network Mappers (continued)
Can be used by network admins to ___________________________________ attached to the network
Can be used by __________ to discover what ______________________ for attempted attack

Protocol Analyzers
_________________ (also called a _______)
 ______________________ to decode and __________________ its contents
 Can fully decode application-layer network protocols
Common uses include:
 ______________________
 Network _____________________
 _______________________


Vulnerability Scanners
______________________
 A generic term that refers to a range of products that ________________ in networks or systems
 Intended to ________________________ and _______________________ to these problems
Most vulnerability scanners maintain a database that categorizes and describes the vulnerabilities they can detect
Other types of vulnerability scanners __________________________________ __________________________________


Open Vulnerability and Assessment Language (OVAL)
Open Vulnerability and Assessment Language (__________)
 Designed to promote ___________________ _____________________________
 ____________ the transfer of information across ____________________________
 A “____________________” for the exchange of information regarding security vulnerabilities
These vulnerabilities are identified using industry-standard tools

Open Vulnerability and Assessment Language (OVAL) (continued)
OVAL vulnerability definitions are recorded in Extensible Markup Language (XML)
 __________________________________ Structured Query Language (SQL)
OVAL supports Windows, Linux, and UNIX platforms

Open Vulnerability and Assessment Language (OVAL) (continued) (figure only, not in the transcript)

Password Crackers
Password (recall)
 A secret combination of letters and numbers that only the user knows
Because passwords are common yet provide weak security, they are a _________________________
Password cracker programs…
 Use the file of ____________________ and then attempt to break the hashed passwords _______________
The most common offline password cracker programs are based on _____________ attacks or ________________________


Password Crackers (continued)
______________________
 A defense against password cracker programs for UNIX and Linux systems
A shadow password mechanism _________ _______________, the “shadow” password file
 This shadow file can ___________________ ___________________ and contains only the hashed passwords
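The shadow mechanism only helps if every hash actually lives in the restricted shadow file and no account is left with an empty password field. The added example below is not from the textbook or these slides; it audits constructed /etc/passwd and /etc/shadow entries for exactly those conditions, assuming the standard seven-field passwd and nine-field shadow layouts and the crypt(3) prefix convention ($1$ for the MD5-based scheme, $6$ for SHA-512 crypt, $y$ for yescrypt).

```python
# Constructed sample entries; the hashes are placeholders, not real password hashes.
PASSWD_LINES = [
    "root:x:0:0:root:/root:/bin/bash",
    "alice:x:1000:1000:Alice:/home/alice:/bin/bash",
    "legacy:$1$saltsalt$PLACEHOLDERHASH:1001:1001::/home/legacy:/bin/sh",
    "svc:x:1002:1002::/var/svc:/usr/sbin/nologin",
    "backup:x:1003:1003::/var/backup:/bin/sh",
]
SHADOW_LINES = [
    "root:$6$saltsalt$PLACEHOLDERHASH:19000:0:99999:7:::",
    "alice:$y$j9T$saltsalt$PLACEHOLDERHASH:19000:0:99999:7:::",
    "svc:!:19000:0:99999:7:::",
    "backup::19000:0:99999:7:::",
]

WEAK_PREFIXES = ("$1$",)       # MD5-based crypt: cheap for offline dictionary attacks
LOCKED_PREFIXES = ("!", "*")   # conventional markers meaning "no valid hash, account locked"

def parse_colon_file(lines, field_count):
    """Map user -> password field (second column), rejecting malformed lines."""
    entries = {}
    for line in lines:
        fields = line.split(":")
        if len(fields) != field_count:
            raise ValueError(f"malformed entry: {line!r}")
        entries[fields[0]] = fields[1]
    return entries

def audit(passwd_lines, shadow_lines):
    """Return (user, issue) pairs that undermine the shadow password defense."""
    passwd = parse_colon_file(passwd_lines, 7)
    shadow = parse_colon_file(shadow_lines, 9)
    findings = []
    for user, pw in passwd.items():
        if pw != "x":
            # Hash sits in world-readable /etc/passwd: any local user can copy it
            # and run a dictionary or brute-force attack against it offline.
            findings.append((user, "hash stored in passwd rather than shadow"))
        elif user not in shadow:
            findings.append((user, "x placeholder but no shadow entry"))
    for user, h in shadow.items():
        if h == "":
            findings.append((user, "empty password field: login without a password"))
        elif h.startswith(LOCKED_PREFIXES):
            continue   # locked account: nothing for a cracker to work on
        elif h.startswith(WEAK_PREFIXES):
            findings.append((user, "weak hash algorithm in shadow"))
    return findings

if __name__ == "__main__":
    for user, issue in audit(PASSWD_LINES, SHADOW_LINES):
        print(f"{user}: {issue}")
```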

Penetration Testing
______________________
 Method of _____________________________ ________________________ by _______________ instead of just scanning for vulnerabilities
 Involves a more _______________ of a system for vulnerabilities
One of the first tools that was widely used for penetration testing as well as by attackers was ______________ (Security Administrator Tool for Analyzing Networks)

Penetration Testing (continued)
SATAN could __________________________ by performing penetration testing
 Tests determine the ________________________ and what vulnerabilities may still have existed
SATAN would:
 Recognize several common networking-related security problems
 Report the problems _________________________
 Offer a tutorial that explained the problem, what its impact could be, and how to resolve the problem

Summary
In information security, a risk is the likelihood that a threat agent will exploit a vulnerability
A risk management study generally involves five specific tasks
Vulnerability scanning is typically used by an organization to identify weaknesses in the system that need to be addressed in order to increase the level of security
Vulnerability scanners for organizations are intended to identify vulnerabilities and alert network administrators to these problems

Summary (continued)
More rigorous than vulnerability scanning, penetration testing is a method of evaluating the security of a computer system or network by simulating an attack by a malicious hacker instead of only scanning for vulnerabilities