This paper is being furnished to provide the CIO with a technology evaluation of vulnerability scanning. The information provided will ensure that the CIO has the required information to make the best decision in regards to this technology. This paper provides a brief understanding of vulnerability scanning, its many forms, the types of scanners available, the advantages and disadvantages, and the costs involved.
Introduction
Vulnerability scanning is an automated process that is conducted by an organization’s IT staff to identify any vulnerability that their information systems might possess and used to help “secure your own network” (Bradley). It is also used by hackers that are conducting reconnaissance on an organizations network to find any vulnerability that they might exploit. These next few pages will provide information on vulnerabilities, the many different forms of vulnerability scanning, the different types, pro’s and con’s, and costs.
Vulnerabilities
Vulnerabilities occur when corrupted code or misconfigured hardware are on a network. This is why it is important for an organization to have an effective vulnerability assessment plan that includes regular scans of the network and annual penetration tests. These scans are very important to prevent hackers from “utilizing these flaws to gain access to your machines” (Houghton, 2003). An excellent source of information to get “summaries, technical details, remediation information, and lists of affected vendors” (US-CERT) is the Vulnerability Notes Database. Please view Appendix B for current threats.
What Are The Forms of Vulnerability Scanning?
Just like any other security tool or software available, there are many different forms of vulnerability s...
... middle of paper ...
....infosec.gov.hk/english/technical/files/vulnerability.pdf
Houghton, K. (2003). Vulnerabilities & Vulnerability Scanning. Retrieved from https://www.sans.org/reading-room/whitepapers/threats/vulnerabilities-vulnerability-scanning-1195
NWN Corporation (n.d.). Vulnerability Scanning. Retrieved November 12, 2013, from http://www.nwnstar.com/NWN_STAR/Vulnerability_Scanning.html
Orrill, J. (n.d.). What Is the Difference Between Active & Passive Vulnerability Scanners? | Chron.com. Retrieved from http://smallbusiness.chron.com/difference-between-active-passive-vulnerability-scanners-34805.html
Secure State (n.d.). External Vulnerability Scans. Retrieved November 12, 2013, from http://www.securestate.com/Services/Risk%20Management/Pages/External-Vulnerablity-Scans.aspx
US-CERT (n.d.). Vulnerability Notes. Retrieved November 12, 2013, from http://www.kb.cert.org/vuls/
Commencing penetration tests within the infrastructure of Alexander Rocco Corporation may be a strenuous, yet beneficial process. However, before commencing penetration tests, much planning, strategizing, and research is necessary in order to ensure successful, seamless, and legal operations. Based on information provided by the SANS Institute, an initial meeting should be coordinated between those responsible for conducting the tests, along with the appropriate leadership personnel of the company (source). Within the meeting, the scope of the project should be established, classifying company data appropriately, and determining which components of the company’s infrastructure require penetration testing, which may include Alexander Rocco Corporation’s
This project must meet the requirements of DoD security policies and standards for delivery of the technology services. The first requirement we are to discuss is Federal Information Security Management Act (FISMA) which is a United States legislation that defines a comprehensive framework to protect government information, operations and assets against natural or man-made threats. FISMA assigned the National Institute of Standards and Technology (NIST), the responsibility of defining standards and security procedures to be followed and must be complied. There are nine processes NIST outlines to be in compliance with FISMA:
There is constant concern about different kinds of devices and tools because of their vulnerability: laptops; personal computers in the home; libraries and public workstations; USB Flash Drives and email, to name a few. These items are easily accessible for those attempting to breach security.... ... middle of paper ... ...
This essay answers two questions. Question one is to describe the methods and tools used in scanning and enumerating system and network targets and how one can use the results during the rest of the penetration test. The second question concerns what is the favorite tool that this student learned about in this class, how one uses it and an explanation of why and how it enhances one’s ability to conduct a penetration test.
CVSS, or Common Vulnerability Scoring System, provides a method for assessing and prioritizing previously unknown vulnerabilities in an application’s code that have been identified for IT management to address (Scarfone & Mell, 2007). CCSS, or Common Configuration Scoring System, is based off of using similar metrics to CVSS but is focused on known vulnerabilities based upon decisions regarding security configurations of the program.
1.) (3 points) The US Computer Emergency Readiness Team (US-CERT) publishes what are called Technical Cyber Security Alerts and Vulnerability Notes and these documents alert users to potential threats to the security of their systems. Select a Technical Security Alert or Vulnerability Note published in the last twelve months that has a network related component to it and research the reported problem and the suggested solution (if one is available.) Analyze and describe the problem, and the solution paying close attention to the network related issues that it raises. We are interested in reading your analysis, and not a cut-and-paste of what is on the website. The listing of recent Technical Security Alerts can be found at: http://www.us-cert.gov/cas/techalerts/ and the listing of Vulnerability Notes is at http://www.kb.cert.org/vuls
Security helps the organization meet its business objectives or mission by protecting its physical and financial resources, reputation, legal position, employees, and other tangible and intangible assets through the selection and application of appropriate safeguards. Businesses should establish roles and responsibilities of all personnel and staff members. However, a Chief Information Officer should be appointed to direct an organization’s day to day management of information assets. Supporting roles are performed by the service providers and include systems operations, whose personnel design and operate the computer systems. Each team member must be held accountable in ensuring all of the rules and policies are being followed, as well as, understanding their roles, responsibilities and functions. Organizations information processing systems are vulnerable to many threats that can inflict various types of damage that can result in significant losses (Harris, 2014). Losses can come from actions from trusted employees that defraud the system, outside hackers, or from careless data entry. The major threat to information protection is error and omissions that data entry personnel, users, system operators and programmers make. To better protect business information resources, organizations should conduct a risk analysis to see what
For this assignment, I will discuss the evaluation process in assessing and calculating vulnerabilities for one of our nation’s Critical Infrastructures identified, as Defense Industrial Base. A vulnerability assessment is a tool used to evaluate weaknesses of a facility against threats and hazards. Norman describes vulnerability as (Norman, 2010, p.32),” Any condition or factor associated with the selected target that can be exploited to carry out an attack – vulnerabilities may be individuals or systems.” The more vulnerable an asset is, the more it’s deemed attractive, or susceptible to threats. In general, a vulnerability assessment identifies an organizations most critical assets needed to continue its function. They help determine, if functions can be repeated under threat scenarios, or need to be
The term, “penetration testing”, often crosses our minds, but many a times we just let it go thinking of its literal meaning. A little curious folks give it a second thought, for, “what is it?” and “is it really needed?” So we are here to throw a little light on it and its benefits.
Penetration testing - using tools and processes to scan the network environment for vulnerabilities, [03& T, J.K et al. 2002] there are many different types of vulnerability assessments. Penetration Testing focuses on understanding the vulnerabilities of components that you’ve made available on the network as seen from the perspective of a skilful and determined attacker who has access to that network. It will provide a thorough overview of the ...
Nessus is an efficient, comprehensive vulnerability scanner that provides less false positives than many other tools currently available in th...
Risk assessment identifies an organizations potential risks and potential threats and by analyzing these threats countermeasures are prepared to respond and eliminate the hazard. In the article by Blanke & McGrady, (2016) the researcher is identifying a checklist of several known risks that most of us are comfortable with until the risks disrupt our services. Risks include any online device such as a portable laptops, tablets, printers, and smart devices, insiders, and physical breaches. In this case healthcare information is proprietary information that must be protected from cyber-attacks and require a robust cyber security risk management framework. The checklist identifies three known vulnerabilities and threats from known healthcare breaches. Risk assessment is analyzing the risk to develop security controls based on the type of risk the organization may encounter i.e. Malware, Ransomware, Spyware and Denial of Service techniques which are some of the most common types of cyber security attacks. Risk Assessment will ensure that all vulnerabilities and threats are assessed when conducting my research.
Vulnerability is a weakness in a security system. A threat is a set of circumstances that has the potential to cause loss or harm. How do we address the problems of threats and vulnerabilities? We use control as a defensive method. Control is an action, device, procedure, or technique that removes or reduces vulnerability. (Pfleeger & Pfleeger, 2007)It is essential to have adequately qualified IT personnel on the security team to properly monitor the network’s activity log because this log records the activities occurring in an organization’s systems and on its networks.
Companies must ensure that the all data processing equipment like computers, routers and networks are robust and secure to withstand any type of malicious attack.
The first thing that we must consider about Information Security is that there is not a final destination at which we can arrive. IT Security is an ongoing set of processes and activities that requires attention and expertise on a daily basis. It is important to understand that systems are not secured by themselves and it is our responsibility to maintain and improve them periodically as required. It is of vital importance to establish the appropriate mechanisms and requirements in order to support the company’s CIA triad. The following report will provide you guidance about auditing and hardening techniques applied though the 7 Domains by utilizing IT Security Best Practices.