Process Monitoring (3.3) Flashcards
NMAP
Network Mapper, find and learn more about network devices
Ports Scan
Find devices and identify open ports
Operating System Scan
Discover the OS without logging into a device
Service Scan
What service is available on the device?
Additional Scripts
NMAP scripting engine (NSE)
Vulnerability Scanning
Usually minimally invasive: poke around and see what's open, and identify systems and security devices. You can test from the outside or the inside. The scans gather as much information as possible.
Vulnerability scan results
- Lack of security controls (no firewall, no anti-virus)
- Misconfigurations (open shares, guest access)
- Real vulnerabilities (especially newer ones, occasionally old ones)
Patch Management
- Incredibly important for system stability and security fixes
- Service Packs all at once
- Monthly Updates - Incremental
- Emergency out-of-band updates - Zero-day and important security discoveries
Baseline Review
Allows you to understand what normal operation of the network might be over time. Any report that shows a change from the baseline might require investigation.
Protocol Analyzer
- Solves complex application issues (gets into Details)
- Gathers packets on the network
- Allows you to see traffic patterns (identify unknown traffic, verify packet filtering and security controls)
- Large Scale Storage