Chapter 13 - Vulnerability Assessment And Data Security Flashcards
Vulnerability assessment
A systematic and methodical evaluation of the security posture of the enterprise.
5 parts of vulnerability assessment
1) asset identification
2) threat evaluation
3) vulnerability appraisal
4) risk assessment
5) risk mitigation
Asset identification
Inventory the assets.
Determine the assets' relative value.
Threat evaluation
Classify threats by category.
Design an attack tree.
Vulnerability appraisal
Determine current weaknesses in protecting assets.
Use vulnerability assessment tools.
Risk assessment
Estimate impact of vulnerability on organization.
Calculate the likelihood and impact of the risk.
Risk mitigation
Decide what to do with the risk.
Protocol analyzer
Hardware or software that captures packets to decode and analyze their contents (e.g., Wireshark).
Vulnerability scanner
Generic term for a range of products that look for vulnerabilities in networks or systems.
Active scanner
A vulnerability scanner that sends “probes” to network devices and examines the responses received back to evaluate whether a specific device needs remediation.
Passive scanner
A vulnerability scanner that can identify the current software operating systems and applications being used on the network, and indicate which devices might have a vulnerability.
Honeypot
A computer typically located in an area with limited security and loaded with software and data files that appear to be authentic, but are actually imitations of real data files, to trick attackers into revealing their attack techniques.
Honeynet
A network set up with intentional vulnerabilities to invite attacks and reveal attackers’ methods.
Banner grabbing
Gathering information from messages that a service transmits when another program connects to it.
Wireless cracker
Hardware or software that tests the security of a wireless LAN system by attempting to break its Wi-Fi Protected Access (WPA) or WPA2 protections.