This paper is being furnished to provide the CIO with a technology evaluation of vulnerability scanning. The information provided will ensure that the CIO has the required information to make the best decision in regards to this technology. This paper provides a brief understanding of vulnerability scanning, its many forms, the types of scanners available, the advantages and disadvantages, and the costs involved.
Introduction
Vulnerability scanning is an automated process that is conducted by an organization’s IT staff to identify any vulnerability that their information systems might possess and used to help “secure your own network” (Bradley). It is also used by hackers that are conducting reconnaissance on an organizations network to find any vulnerability that they might exploit. These next few pages will provide information on vulnerabilities, the many different forms of vulnerability scanning, the different types, pro’s and con’s, and costs.
Vulnerabilities
Vulnerabilities occur when corrupted code or misconfigured hardware are on a network. This is why it is important for an organization to have an effective vulnerability assessment plan that includes regular scans of the network and annual penetration tests. These scans are very important to prevent hackers from “utilizing these flaws to gain access to your machines” (Houghton, 2003). An excellent source of information to get “summaries, technical details, remediation information, and lists of affected vendors” (US-CERT) is the Vulnerability Notes Database. Please view Appendix B for current threats.
What Are The Forms of Vulnerability Scanning?
Just like any other security tool or software available, there are many different forms of vulnerability s...
... middle of paper ...
....infosec.gov.hk/english/technical/files/vulnerability.pdf
Houghton, K. (2003). Vulnerabilities & Vulnerability Scanning. Retrieved from https://www.sans.org/reading-room/whitepapers/threats/vulnerabilities-vulnerability-scanning-1195
NWN Corporation (n.d.). Vulnerability Scanning. Retrieved November 12, 2013, from http://www.nwnstar.com/NWN_STAR/Vulnerability_Scanning.html
Orrill, J. (n.d.). What Is the Difference Between Active & Passive Vulnerability Scanners? | Chron.com. Retrieved from http://smallbusiness.chron.com/difference-between-active-passive-vulnerability-scanners-34805.html
Secure State (n.d.). External Vulnerability Scans. Retrieved November 12, 2013, from http://www.securestate.com/Services/Risk%20Management/Pages/External-Vulnerablity-Scans.aspx
US-CERT (n.d.). Vulnerability Notes. Retrieved November 12, 2013, from http://www.kb.cert.org/vuls/
Commencing penetration tests within the infrastructure of Alexander Rocco Corporation may be a strenuous, yet beneficial process. However, before commencing penetration tests, much planning, strategizing, and research is necessary in order to ensure successful, seamless, and legal operations. Based on information provided by the SANS Institute, an initial meeting should be coordinated between those responsible for conducting the tests, along with the appropriate leadership personnel of the company (source). Within the meeting, the scope of the project should be established, classifying company data appropriately, and determining which components of the company’s infrastructure require penetration testing, which may include Alexander Rocco Corporation’s
This essay answers two questions. Question one is to describe the methods and tools used in scanning and enumerating system and network targets and how one can use the results during the rest of the penetration test. The second question concerns what is the favorite tool that this student learned about in this class, how one uses it and an explanation of why and how it enhances one’s ability to conduct a penetration test.
CVSS, or Common Vulnerability Scoring System, provides a method for assessing and prioritizing previously unknown vulnerabilities in an application’s code that have been identified for IT management to address (Scarfone & Mell, 2007). CCSS, or Common Configuration Scoring System, is based off of using similar metrics to CVSS but is focused on known vulnerabilities based upon decisions regarding security configurations of the program.
It is best to prevent security incidents from occurring in the first place – therefore prevention should be a top priority for the IT staff at CEG. The National Institute of Standards and Technology (NIST) recommends five main categories of incident prevention; risk assessments, host security, network security, malware prevention, and user awareness training (Cichonski P., Grance T., Millar T., & Scarfone K., 2012 p.24). Risks of the various types of possible security incidents should be identified and prioritized based on likelihood and potential harm. Risk assessment should be periodic and ongoing. Host security is achieved by hardening each host on the network. Host hardening includes keeping current on the latest software patches, enabling and monitoring audit logs, and assigning permissions based on a system of least privilege. Network security is primarily concerned with securing the perimeter of the network to prevent unauthorized intrusion. This includes the use of firewalls, intrusion detection systems (IDS), securing VPN, and blocking unnecessary ports. All hosts on the network must run and regularly update malware protection software. And all employees should...
1.) (3 points) The US Computer Emergency Readiness Team (US-CERT) publishes what are called Technical Cyber Security Alerts and Vulnerability Notes and these documents alert users to potential threats to the security of their systems. Select a Technical Security Alert or Vulnerability Note published in the last twelve months that has a network related component to it and research the reported problem and the suggested solution (if one is available.) Analyze and describe the problem, and the solution paying close attention to the network related issues that it raises. We are interested in reading your analysis, and not a cut-and-paste of what is on the website. The listing of recent Technical Security Alerts can be found at: http://www.us-cert.gov/cas/techalerts/ and the listing of Vulnerability Notes is at http://www.kb.cert.org/vuls
For this assignment, I will discuss the evaluation process in assessing and calculating vulnerabilities for one of our nation’s Critical Infrastructures identified, as Defense Industrial Base. A vulnerability assessment is a tool used to evaluate weaknesses of a facility against threats and hazards. Norman describes vulnerability as (Norman, 2010, p.32),” Any condition or factor associated with the selected target that can be exploited to carry out an attack – vulnerabilities may be individuals or systems.” The more vulnerable an asset is, the more it’s deemed attractive, or susceptible to threats. In general, a vulnerability assessment identifies an organizations most critical assets needed to continue its function. They help determine, if functions can be repeated under threat scenarios, or need to be
Network hackers are forever inventing ways to break into the computer systems of organizations. Their aim is to take adventure of the susceptibilities of the system. Hackers remain only limited by the created activity of their minds. Hackers have the time, capability, and experience to infra trace any system. The organization has the responsibility to prevent hackers from infra tracing their system. Organizations remain required to plan for the assaults of hackers. Organization can only be better prepared to defend against hackers, if the organization has taken the necessary action to hinder the hackers’ assaults. There remain various ways in which an organization can prepare to do battle with hackers. The first step to battling hackers is for the organization to have an excellent understanding of its abilities and capabilities. Security analysis systems remain invented to aid organizations in the process of un...
Risk assessment identifies an organizations potential risks and potential threats and by analyzing these threats countermeasures are prepared to respond and eliminate the hazard. In the article by Blanke & McGrady, (2016) the researcher is identifying a checklist of several known risks that most of us are comfortable with until the risks disrupt our services. Risks include any online device such as a portable laptops, tablets, printers, and smart devices, insiders, and physical breaches. In this case healthcare information is proprietary information that must be protected from cyber-attacks and require a robust cyber security risk management framework. The checklist identifies three known vulnerabilities and threats from known healthcare breaches. Risk assessment is analyzing the risk to develop security controls based on the type of risk the organization may encounter i.e. Malware, Ransomware, Spyware and Denial of Service techniques which are some of the most common types of cyber security attacks. Risk Assessment will ensure that all vulnerabilities and threats are assessed when conducting my research.
The term, “penetration testing”, often crosses our minds, but many a times we just let it go thinking of its literal meaning. A little curious folks give it a second thought, for, “what is it?” and “is it really needed?” So we are here to throw a little light on it and its benefits.
Businesses today must manage growing risks to their mission critical networks from attacks such as spyware, rogue wireless LANs, compromised remote/VPN users, DDOS attacks, system misconfigurations, and unpatched OS's, all of which increase the risk of a network breach and interruption to both sales and business operations.
Penetration testing - using tools and processes to scan the network environment for vulnerabilities, [03& T, J.K et al. 2002] there are many different types of vulnerability assessments. Penetration Testing focuses on understanding the vulnerabilities of components that you’ve made available on the network as seen from the perspective of a skilful and determined attacker who has access to that network. It will provide a thorough overview of the ...
Nessus is an efficient, comprehensive vulnerability scanner that provides less false positives than many other tools currently available in th...
Vulnerability is a weakness in a security system. A threat is a set of circumstances that has the potential to cause loss or harm. How do we address the problems of threats and vulnerabilities? We use control as a defensive method. Control is an action, device, procedure, or technique that removes or reduces vulnerability. (Pfleeger & Pfleeger, 2007)It is essential to have adequately qualified IT personnel on the security team to properly monitor the network’s activity log because this log records the activities occurring in an organization’s systems and on its networks.
Companies must ensure that the all data processing equipment like computers, routers and networks are robust and secure to withstand any type of malicious attack.
The first thing that we must consider about Information Security is that there is not a final destination at which we can arrive. IT Security is an ongoing set of processes and activities that requires attention and expertise on a daily basis. It is important to understand that systems are not secured by themselves and it is our responsibility to maintain and improve them periodically as required. It is of vital importance to establish the appropriate mechanisms and requirements in order to support the company’s CIA triad. The following report will provide you guidance about auditing and hardening techniques applied though the 7 Domains by utilizing IT Security Best Practices.