SlideShare une entreprise Scribd logo

PACE-IT, Security+3.7: Overview of Security Assessment Tools

Télécharger en tant que PPTX, PDF
Pace IT at Edmonds Community College
Pace IT at Edmonds Community College

CompTIA exam study guide presentations by instructor Brian Ferrill, PACE-IT (Progressive, Accelerated Certifications for Employment in Information Technology)

Formation
1  sur  14
Overview of security assessment tools.
Page 2 Instructor, PACE-IT Program – Edmonds Community College Areas of Expertise Industry Certifications  PC Hardware  Network Administration  IT Project Management  Network Design  User Training  IT Troubleshooting Qualifications Summary Education  M.B.A., IT Management, Western Governor’s University  B.S., IT Security, Western Governor’s University Entrepreneur, executive leader, and proven manger with 10+ years of experience turning complex issues into efficient and effective solutions. Strengths include developing and mentoring diverse workforces, improving processes, analyzing business needs and creating the solutions required— with a focus on technology.
Page 3 PACE-IT. – Types of security assessments. – Assessment tools.
Page 4 Overview of security assessment tools.
Page 5 Security assessments are a necessity, but they will not do any good if the results are misinterpreted. It is vital that the personnel conducting the security assessments understand how to do them properly (e.g., using the correct tool for the correct job) or the results may not be accurate. This could lead to an unknown weakness in the security of an organization. Just as important as using the proper tools, is properly interpreting the results. A misinterpretation of the results can lead to an incorrect conclusion on the security posture of the organization. Because of this, it is crucial that security assessments be conducted with the correct tools and that the results be properly interpreted. Overview of security assessment tools.
Page 6 Overview of security assessment tools. – Assessment types. » Risk assessments or risk analysis: identifying all risks to all assets within an organization and determining how those threats will be treated. • The usual steps include: identifying assets, identifying threats against assets, prioritizing the threats, and determining how threats will be treated (handled). » Threat assessments: identifying the individual threats to individual assets within an organization. They are conducted as part of the risk assessment process. • Assets may have more than one threat present. » Vulnerability assessments: the process of identifying any weaknesses that may be present in the configuration of computing systems, network appliances, and networks. • Most vulnerability assessments are conducted automatically using special software tools called vulnerability scanners. • Most vulnerability scanners take a passive approach to the assessment; they are not attacking the system, only trying to identify possible weaknesses in the configuration.
Page 7 Overview of security assessment tools. – Assessment techniques. » Baseline reporting: using a baseline—how the system operates under normal conditions—after an incident has occurred to help determine what may be causing system issues. » Code review: having a security tester review and analyze application code developed by in-house programmers before deploying an application. » Attack surface review: having a security expert review all of the software and services (the attack surfaces) that are running on any system. • The goal is to remove any unnecessary software or services to reduce the attack surfaces that are present. » Architecture review: a review of the underlying structure (architecture) to ensure that all applications and services operate in the correct manner (e.g., determining that an application does not have access to kernel code). » Design review: a careful review of systems and solutions from a security point of view. • Should be done before implementation—secure by design. • Should be conducted after implementation—to ensure that what was requested (designed) was actually implemented.
Page 8 Overview of security assessment tools.
Page 9 Overview of security assessment tools. – Protocol analyzer (packet sniffer). » A tool that will passively collect information that is traversing the network. It can be used to determine what systems and processes are in operation. • One goal, when used for security purposes, is to determine if sensitive information is being transmitted in clear text. – Port scanner. » A tool that will actively scan the network for the status of ports. • One goal, when used for security purposes, is to determine if any vulnerable ports are open (easy to exploit), so they can be closed. – Vulnerability scanner. » A tool that is similar to the port scanner, but is actively searching the system for known vulnerabilities. » It will not only check for open ports, but it will also verify configurations and patch levels. • It checks the scan results against a database of known vulnerabilities.
Page 10 Overview of security assessment tools. – Banner grabbing. » Often used in conjunction with a port scan or vulnerability scan type assessment. • When used with either the port or vulnerability scan, it will return what software (and which version of it) is operating on the open port. • The information returned can be used to determine if the open port truly represents a security issue. – Honeypots and honeynets. » A computing system or network established with the sole purpose of attracting any hackers who breach the network. • They have a high level of auditing in place in order to help determine how the hacker entered the system and any actions that the hacker engaged in while in the system. • The actual assessment of the results of hacked honeypots/honeynets is used to further harden the legitimate system.
Page 11 Some assessment tools are passive and some are active. It is important to know which are which. Passive assessment tools are used to collect information on the network (or system) but do not actually attempt to exploit any weaknesses. Active assessment tools do the same thing, but then probe the vulnerabilities to actively determine if they can be exploited. Using an active assessment tool without explicit permission from the organization being examined can lead to being prosecuted. Active assessments are, in actuality, a form of hacking—which, of course, is an illegal activity. Overview of security assessment tools.
Page 12 Overview of security assessment tools. When conducting a security assessment, it is vital that security experts understand what type of assessment to conduct and how to interpret the results, or the assessment may not be valid. The different types of security assessments include: risk, threat, and vulnerability assessments. Assessment techniques include: baseline reporting, code review, attack surface review, architecture review, and design review. Topic Types of security assessments. Summary There are different tools available to security experts that can be used when conducting a security assessment. Some of those tools include: packet analyzers, port scanners, vulnerability scanners, banner grabbing applications, and honeypots and honeynets. It is important to know the difference between passive and active assessment tools. Using an active assessment tool without proper authorization could lead to the security expert being prosecuted. Assessment tools.
Page 13 THANK YOU!
This workforce solution was 100 percent funded by a $3 million grant awarded by the U.S. Department of Labor's Employment and Training Administration. The solution was created by the grantee and does not necessarily reflect the official position of the U.S. Department of Labor. The Department of Labor makes no guarantees, warranties, or assurances of any kind, express or implied, with respect to such information, including any information on linked sites and including, but not limited to, accuracy of the information or its completeness, timeliness, usefulness, adequacy, continued availability or ownership. Funded by the Department of Labor, Employment and Training Administration, Grant #TC-23745-12-60-A-53. PACE-IT is an equal opportunity employer/program and auxiliary aids and services are available upon request to individuals with disabilities. For those that are hearing impaired, a video phone is available at the Services for Students with Disabilities (SSD) office in Mountlake Terrace Hall 159. Check www.edcc.edu/ssd for office hours. Call 425.354.3113 on a video phone for more information about the PACE-IT program. For any additional special accommodations needed, call the SSD office at 425.640.1814. Edmonds Community College does not discriminate on the basis of race; color; religion; national origin; sex; disability; sexual orientation; age; citizenship, marital, or veteran status; or genetic information in its programs and activities.

Recommandé

Network security - Defense in Depth
Network security - Defense in DepthNetwork security - Defense in Depth
Network security - Defense in Depth
Dilum Bandara
 
PACE-IT, Security+3.4: Summary of Wireless Attacks
PACE-IT, Security+3.4: Summary of Wireless AttacksPACE-IT, Security+3.4: Summary of Wireless Attacks
PACE-IT, Security+3.4: Summary of Wireless Attacks
Pace IT at Edmonds Community College
 
PACE-IT, Security+2.7: Physical Security and Enviornmental Controls
PACE-IT, Security+2.7: Physical Security and Enviornmental ControlsPACE-IT, Security+2.7: Physical Security and Enviornmental Controls
PACE-IT, Security+2.7: Physical Security and Enviornmental Controls
Pace IT at Edmonds Community College
 
Network Security Architecture
Network Security Architecture Network Security Architecture
Network Security Architecture
InnoTech
 
Network Forensics
Network ForensicsNetwork Forensics
Network Forensics
primeteacher32
 
Nessus Software
Nessus SoftwareNessus Software
Nessus Software
Megha Sahu
 
Key management
Key managementKey management
Key management
Sujata Regoti
 
Network forensics1
Network forensics1Network forensics1
Network forensics1
Santosh Khadsare
 

Recommandé

Network security - Defense in Depth
Network security - Defense in DepthNetwork security - Defense in Depth
Network security - Defense in Depth
Dilum Bandara
 
PACE-IT, Security+3.4: Summary of Wireless Attacks
PACE-IT, Security+3.4: Summary of Wireless AttacksPACE-IT, Security+3.4: Summary of Wireless Attacks
PACE-IT, Security+3.4: Summary of Wireless Attacks
Pace IT at Edmonds Community College
 
PACE-IT, Security+2.7: Physical Security and Enviornmental Controls
PACE-IT, Security+2.7: Physical Security and Enviornmental ControlsPACE-IT, Security+2.7: Physical Security and Enviornmental Controls
PACE-IT, Security+2.7: Physical Security and Enviornmental Controls
Pace IT at Edmonds Community College
 
Network Security Architecture
Network Security Architecture Network Security Architecture
Network Security Architecture
InnoTech
 
Network Forensics
Network ForensicsNetwork Forensics
Network Forensics
primeteacher32
 
Nessus Software
Nessus SoftwareNessus Software
Nessus Software
Megha Sahu
 
Key management
Key managementKey management
Key management
Sujata Regoti
 
Network forensics1
Network forensics1Network forensics1
Network forensics1
Santosh Khadsare
 
firewall and its types
firewall and its typesfirewall and its types
firewall and its types
Mohammed Maajidh
 
Penetration Testing
Penetration Testing Penetration Testing
Penetration Testing
RomSoft SRL
 
Network Attacks and Countermeasures
Network Attacks and CountermeasuresNetwork Attacks and Countermeasures
Network Attacks and Countermeasures
karanwayne
 
TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of I...
TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of I...TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of I...
TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of I...
Priyanka Aash
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security Architecture
BharathiKrishna6
 
Host-based Security
Host-based SecurityHost-based Security
Host-based Security
secdevmel
 
Domain 6 - Security Assessment and Testing
Domain 6 - Security Assessment and TestingDomain 6 - Security Assessment and Testing
Domain 6 - Security Assessment and Testing
Maganathin Veeraragaloo
 
Best!
Best!Best!
Best!
gofortution
 
Security
SecuritySecurity
Security
Rupesh Mishra
 
Penetration Testing Execution Phases
Penetration Testing Execution Phases Penetration Testing Execution Phases
Penetration Testing Execution Phases
Nasir Bhutta
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testing
Amine SAIGHI
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detection
Umesh Dhital
 
Malicious traffic
Malicious trafficMalicious traffic
Malicious traffic
Ishraq Al Fataftah
 
Password craking techniques
Password craking techniques Password craking techniques
Password craking techniques
أحلام انصارى
 
Network Security Tutorial | Introduction to Network Security | Network Securi...
Network Security Tutorial | Introduction to Network Security | Network Securi...Network Security Tutorial | Introduction to Network Security | Network Securi...
Network Security Tutorial | Introduction to Network Security | Network Securi...
Edureka!
 
Ethical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainEthical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jain
Suvrat Jain
 
Vulnerability assessment & Penetration testing Basics
Vulnerability assessment & Penetration testing Basics Vulnerability assessment & Penetration testing Basics
Vulnerability assessment & Penetration testing Basics
Mohammed Adam
 
Incident response methodology
Incident response methodologyIncident response methodology
Incident response methodology
Piyush Jain
 
Security Threats at OSI layers
Security Threats at OSI layersSecurity Threats at OSI layers
Security Threats at OSI layers
Department of Computer Science
 
Offensive OSINT
Offensive OSINTOffensive OSINT
Offensive OSINT
Christian Martorella
 
PACE-IT, Security+3.8: Vulnerability Scanning vs Pen Testing
PACE-IT, Security+3.8: Vulnerability Scanning vs Pen TestingPACE-IT, Security+3.8: Vulnerability Scanning vs Pen Testing
PACE-IT, Security+3.8: Vulnerability Scanning vs Pen Testing
Pace IT at Edmonds Community College
 
PACE-IT, Security+3.6: Security Enhancement Techniques
PACE-IT, Security+3.6: Security Enhancement TechniquesPACE-IT, Security+3.6: Security Enhancement Techniques
PACE-IT, Security+3.6: Security Enhancement Techniques
Pace IT at Edmonds Community College
 

Contenu connexe

Tendances

Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detection
Umesh Dhital
 

Tendances (20)

firewall and its types
firewall and its typesfirewall and its types
firewall and its types
 
Penetration Testing
Penetration Testing Penetration Testing
Penetration Testing
 
Network Attacks and Countermeasures
Network Attacks and CountermeasuresNetwork Attacks and Countermeasures
Network Attacks and Countermeasures
 
TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of I...
TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of I...TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of I...
TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of I...
 
Network security - OSI Security Architecture
Network security - OSI Security ArchitectureNetwork security - OSI Security Architecture
Network security - OSI Security Architecture
 
Host-based Security
Host-based SecurityHost-based Security
Host-based Security
 
Domain 6 - Security Assessment and Testing
Domain 6 - Security Assessment and TestingDomain 6 - Security Assessment and Testing
Domain 6 - Security Assessment and Testing
 
Best!
Best!Best!
Best!
 
Security
SecuritySecurity
Security
 
Penetration Testing Execution Phases
Penetration Testing Execution Phases Penetration Testing Execution Phases
Penetration Testing Execution Phases
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testing
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detection
 
Malicious traffic
Malicious trafficMalicious traffic
Malicious traffic
 
Password craking techniques
Password craking techniques Password craking techniques
Password craking techniques
 
Network Security Tutorial | Introduction to Network Security | Network Securi...
Network Security Tutorial | Introduction to Network Security | Network Securi...Network Security Tutorial | Introduction to Network Security | Network Securi...
Network Security Tutorial | Introduction to Network Security | Network Securi...
 
Ethical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainEthical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jain
 
Vulnerability assessment & Penetration testing Basics
Vulnerability assessment & Penetration testing Basics Vulnerability assessment & Penetration testing Basics
Vulnerability assessment & Penetration testing Basics
 
Incident response methodology
Incident response methodologyIncident response methodology
Incident response methodology
 
Security Threats at OSI layers
Security Threats at OSI layersSecurity Threats at OSI layers
Security Threats at OSI layers
 
Offensive OSINT
Offensive OSINTOffensive OSINT
Offensive OSINT
 

Similaire à PACE-IT, Security+3.7: Overview of Security Assessment Tools

17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...
17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...
17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...
abhichowdary16
 
New Age Red Teaming - Enterprise Infilteration
New Age Red Teaming - Enterprise InfilterationNew Age Red Teaming - Enterprise Infilteration
New Age Red Teaming - Enterprise Infilteration
Shritam Bhowmick
 
Risk Assessment: Approach to enhance Network Security
Risk Assessment: Approach to enhance Network SecurityRisk Assessment: Approach to enhance Network Security
Risk Assessment: Approach to enhance Network Security
IJCSIS Research Publications
 

Similaire à PACE-IT, Security+3.7: Overview of Security Assessment Tools (20)

PACE-IT, Security+3.8: Vulnerability Scanning vs Pen Testing
PACE-IT, Security+3.8: Vulnerability Scanning vs Pen TestingPACE-IT, Security+3.8: Vulnerability Scanning vs Pen Testing
PACE-IT, Security+3.8: Vulnerability Scanning vs Pen Testing
 
PACE-IT, Security+3.6: Security Enhancement Techniques
PACE-IT, Security+3.6: Security Enhancement TechniquesPACE-IT, Security+3.6: Security Enhancement Techniques
PACE-IT, Security+3.6: Security Enhancement Techniques
 
Phi 235 social media security users guide presentation
Phi 235 social media security users guide presentationPhi 235 social media security users guide presentation
Phi 235 social media security users guide presentation
 
17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...
17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...
17-MOD 6 Conducting Security Audits & MOD 7 Information Security Audit Prepar...
 
(VAPT) Vulnerability Assessment And Penetration Testing
(VAPT) Vulnerability Assessment And Penetration Testing(VAPT) Vulnerability Assessment And Penetration Testing
(VAPT) Vulnerability Assessment And Penetration Testing
 
Best Practices, Types, and Tools for Security Testing in 2023.docx
Best Practices, Types, and Tools for Security Testing in 2023.docxBest Practices, Types, and Tools for Security Testing in 2023.docx
Best Practices, Types, and Tools for Security Testing in 2023.docx
 
Backtrack manual Part1
Backtrack manual Part1Backtrack manual Part1
Backtrack manual Part1
 
Demystifying Penetration Testing: A Comprehensive Guide for Security Enhancement
Demystifying Penetration Testing: A Comprehensive Guide for Security EnhancementDemystifying Penetration Testing: A Comprehensive Guide for Security Enhancement
Demystifying Penetration Testing: A Comprehensive Guide for Security Enhancement
 
New Age Red Teaming - Enterprise Infilteration
New Age Red Teaming - Enterprise InfilterationNew Age Red Teaming - Enterprise Infilteration
New Age Red Teaming - Enterprise Infilteration
 
Risk Assessment: Approach to enhance Network Security
Risk Assessment: Approach to enhance Network SecurityRisk Assessment: Approach to enhance Network Security
Risk Assessment: Approach to enhance Network Security
 
Security assessment isaca sv presentation jan 2016
Security assessment isaca sv presentation jan 2016Security assessment isaca sv presentation jan 2016
Security assessment isaca sv presentation jan 2016
 
Vulnerability Assessment and Penetration Testing Framework by Falgun Rathod
Vulnerability Assessment and Penetration Testing Framework by Falgun RathodVulnerability Assessment and Penetration Testing Framework by Falgun Rathod
Vulnerability Assessment and Penetration Testing Framework by Falgun Rathod
 
Cyber Security # Lec 3
Cyber Security # Lec 3 Cyber Security # Lec 3
Cyber Security # Lec 3
 
PACE-IT, Security+ 4.1: Application Security Controls and Techniques
PACE-IT, Security+ 4.1: Application Security Controls and TechniquesPACE-IT, Security+ 4.1: Application Security Controls and Techniques
PACE-IT, Security+ 4.1: Application Security Controls and Techniques
 
SDET UNIT 5.pptx
SDET UNIT 5.pptxSDET UNIT 5.pptx
SDET UNIT 5.pptx
 
Security operations center 5 security controls
Security operations center 5 security controls Security operations center 5 security controls
Security operations center 5 security controls
 
Vapt life cycle
Vapt life cycleVapt life cycle
Vapt life cycle
 
Phases of Penetration Testing
Phases of Penetration TestingPhases of Penetration Testing
Phases of Penetration Testing
 
The 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan KochThe 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan Koch
 
The 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan KochThe 5 Layers of Security Testing by Alan Koch
The 5 Layers of Security Testing by Alan Koch
 

Plus de Pace IT at Edmonds Community College

Plus de Pace IT at Edmonds Community College (20)

PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 2)
PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 2)PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 2)
PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 2)
 
PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 1)
PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 1)PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 1)
PACE-IT, Security+ 6.3: Introduction to Public Key Infrastructure (part 1)
 
PACE-IT, Security+ 6.2: Cryptographic Methods (part 2)
PACE-IT, Security+ 6.2: Cryptographic Methods (part 2)PACE-IT, Security+ 6.2: Cryptographic Methods (part 2)
PACE-IT, Security+ 6.2: Cryptographic Methods (part 2)
 
PACE-IT, Security+ 6.2: Cryptographic Methods (part 1)
PACE-IT, Security+ 6.2: Cryptographic Methods (part 1)PACE-IT, Security+ 6.2: Cryptographic Methods (part 1)
PACE-IT, Security+ 6.2: Cryptographic Methods (part 1)
 
PACE-IT, Security+ 6.1: Introduction to Cryptography (part 1)
PACE-IT, Security+ 6.1: Introduction to Cryptography (part 1)PACE-IT, Security+ 6.1: Introduction to Cryptography (part 1)
PACE-IT, Security+ 6.1: Introduction to Cryptography (part 1)
 
PACE-IT, Security+ 6.1: Introduction to Cryptography (part 2)
PACE-IT, Security+ 6.1: Introduction to Cryptography (part 2)PACE-IT, Security+ 6.1: Introduction to Cryptography (part 2)
PACE-IT, Security+ 6.1: Introduction to Cryptography (part 2)
 
PACE-IT, Security + 5.3: Security Controls for Account Management
PACE-IT, Security + 5.3: Security Controls for Account ManagementPACE-IT, Security + 5.3: Security Controls for Account Management
PACE-IT, Security + 5.3: Security Controls for Account Management
 
PACE-IT, Security + 5.2: Authentication and Authorization Basics (part 2)
PACE-IT, Security + 5.2: Authentication and Authorization Basics (part 2)PACE-IT, Security + 5.2: Authentication and Authorization Basics (part 2)
PACE-IT, Security + 5.2: Authentication and Authorization Basics (part 2)
 
PACE-IT, Security + 5.2: Authentication and Authorization Basics (part 1)
PACE-IT, Security + 5.2: Authentication and Authorization Basics (part 1)PACE-IT, Security + 5.2: Authentication and Authorization Basics (part 1)
PACE-IT, Security + 5.2: Authentication and Authorization Basics (part 1)
 
PACE-IT, Security + 5.1: Summary of Authentication Services
PACE-IT, Security + 5.1: Summary of Authentication ServicesPACE-IT, Security + 5.1: Summary of Authentication Services
PACE-IT, Security + 5.1: Summary of Authentication Services
 
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 1)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 1)PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 1)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 1)
 
PACE-IT, Security+ 4.5: Mitigating Risks in Alternative Environments
PACE-IT, Security+ 4.5: Mitigating Risks in Alternative EnvironmentsPACE-IT, Security+ 4.5: Mitigating Risks in Alternative Environments
PACE-IT, Security+ 4.5: Mitigating Risks in Alternative Environments
 
PACE-IT, Security+ 4.4: Controls to Ensure Data Security
PACE-IT, Security+ 4.4: Controls to Ensure Data SecurityPACE-IT, Security+ 4.4: Controls to Ensure Data Security
PACE-IT, Security+ 4.4: Controls to Ensure Data Security
 
PACE-IT, Security+ 4.3: Solutions to Establish Host Security
PACE-IT, Security+ 4.3: Solutions to Establish Host SecurityPACE-IT, Security+ 4.3: Solutions to Establish Host Security
PACE-IT, Security+ 4.3: Solutions to Establish Host Security
 
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)
PACE-IT, Security+ 4.2: Mobile Security Concepts and Technologies (part 2)
 
PACE-IT, Security+3.5: Types of Application Attacks (part 2)
PACE-IT, Security+3.5: Types of Application Attacks (part 2)PACE-IT, Security+3.5: Types of Application Attacks (part 2)
PACE-IT, Security+3.5: Types of Application Attacks (part 2)
 
PACE-IT, Security+3.5: Types of Application Attacks (part 1)
PACE-IT, Security+3.5: Types of Application Attacks (part 1)PACE-IT, Security+3.5: Types of Application Attacks (part 1)
PACE-IT, Security+3.5: Types of Application Attacks (part 1)
 
PACE-IT, Security+3.3: Summary of Social Engineering Attacks
PACE-IT, Security+3.3: Summary of Social Engineering AttacksPACE-IT, Security+3.3: Summary of Social Engineering Attacks
PACE-IT, Security+3.3: Summary of Social Engineering Attacks
 
PACE-IT, Security+3.2: Summary of Types of Attacks (part 2)
PACE-IT, Security+3.2: Summary of Types of Attacks (part 2)PACE-IT, Security+3.2: Summary of Types of Attacks (part 2)
PACE-IT, Security+3.2: Summary of Types of Attacks (part 2)
 
PACE-IT, Security+3.2: Summary of Types of Attacks (part 1)
PACE-IT, Security+3.2: Summary of Types of Attacks (part 1)PACE-IT, Security+3.2: Summary of Types of Attacks (part 1)
PACE-IT, Security+3.2: Summary of Types of Attacks (part 1)
 

Dernier

1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
QucHHunhnh
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
kauryashika82
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
QucHHunhnh
 
Making communications land - Are they received and understood as intended? we...
Making communications land - Are they received and understood as intended? we...Making communications land - Are they received and understood as intended? we...
Making communications land - Are they received and understood as intended? we...
Association for Project Management
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
negromaestrong
 

Dernier (20)

1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
Kodo Millet PPT made by Ghanshyam bairwa college of Agriculture kumher bhara...
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
Food safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdfFood safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdf
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptxSKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
 
Making communications land - Are they received and understood as intended? we...
Making communications land - Are they received and understood as intended? we...Making communications land - Are they received and understood as intended? we...
Making communications land - Are they received and understood as intended? we...
 
Unit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptxUnit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptx
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
Micro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfMicro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdf
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
psychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxpsychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docx
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...
 
Third Battle of Panipat detailed notes.pptx
Third Battle of Panipat detailed notes.pptxThird Battle of Panipat detailed notes.pptx
Third Battle of Panipat detailed notes.pptx
 

PACE-IT, Security+3.7: Overview of Security Assessment Tools

  • 2. Page 2 Instructor, PACE-IT Program – Edmonds Community College Areas of Expertise Industry Certifications  PC Hardware  Network Administration  IT Project Management  Network Design  User Training  IT Troubleshooting Qualifications Summary Education  M.B.A., IT Management, Western Governor’s University  B.S., IT Security, Western Governor’s University Entrepreneur, executive leader, and proven manger with 10+ years of experience turning complex issues into efficient and effective solutions. Strengths include developing and mentoring diverse workforces, improving processes, analyzing business needs and creating the solutions required— with a focus on technology.
  • 3. Page 3 PACE-IT. – Types of security assessments. – Assessment tools.
  • 4. Page 4 Overview of security assessment tools.
  • 5. Page 5 Security assessments are a necessity, but they will not do any good if the results are misinterpreted. It is vital that the personnel conducting the security assessments understand how to do them properly (e.g., using the correct tool for the correct job) or the results may not be accurate. This could lead to an unknown weakness in the security of an organization. Just as important as using the proper tools, is properly interpreting the results. A misinterpretation of the results can lead to an incorrect conclusion on the security posture of the organization. Because of this, it is crucial that security assessments be conducted with the correct tools and that the results be properly interpreted. Overview of security assessment tools.
  • 6. Page 6 Overview of security assessment tools. – Assessment types. » Risk assessments or risk analysis: identifying all risks to all assets within an organization and determining how those threats will be treated. • The usual steps include: identifying assets, identifying threats against assets, prioritizing the threats, and determining how threats will be treated (handled). » Threat assessments: identifying the individual threats to individual assets within an organization. They are conducted as part of the risk assessment process. • Assets may have more than one threat present. » Vulnerability assessments: the process of identifying any weaknesses that may be present in the configuration of computing systems, network appliances, and networks. • Most vulnerability assessments are conducted automatically using special software tools called vulnerability scanners. • Most vulnerability scanners take a passive approach to the assessment; they are not attacking the system, only trying to identify possible weaknesses in the configuration.
  • 7. Page 7 Overview of security assessment tools. – Assessment techniques. » Baseline reporting: using a baseline—how the system operates under normal conditions—after an incident has occurred to help determine what may be causing system issues. » Code review: having a security tester review and analyze application code developed by in-house programmers before deploying an application. » Attack surface review: having a security expert review all of the software and services (the attack surfaces) that are running on any system. • The goal is to remove any unnecessary software or services to reduce the attack surfaces that are present. » Architecture review: a review of the underlying structure (architecture) to ensure that all applications and services operate in the correct manner (e.g., determining that an application does not have access to kernel code). » Design review: a careful review of systems and solutions from a security point of view. • Should be done before implementation—secure by design. • Should be conducted after implementation—to ensure that what was requested (designed) was actually implemented.
  • 8. Page 8 Overview of security assessment tools.
  • 9. Page 9 Overview of security assessment tools. – Protocol analyzer (packet sniffer). » A tool that will passively collect information that is traversing the network. It can be used to determine what systems and processes are in operation. • One goal, when used for security purposes, is to determine if sensitive information is being transmitted in clear text. – Port scanner. » A tool that will actively scan the network for the status of ports. • One goal, when used for security purposes, is to determine if any vulnerable ports are open (easy to exploit), so they can be closed. – Vulnerability scanner. » A tool that is similar to the port scanner, but is actively searching the system for known vulnerabilities. » It will not only check for open ports, but it will also verify configurations and patch levels. • It checks the scan results against a database of known vulnerabilities.
  • 10. Page 10 Overview of security assessment tools. – Banner grabbing. » Often used in conjunction with a port scan or vulnerability scan type assessment. • When used with either the port or vulnerability scan, it will return what software (and which version of it) is operating on the open port. • The information returned can be used to determine if the open port truly represents a security issue. – Honeypots and honeynets. » A computing system or network established with the sole purpose of attracting any hackers who breach the network. • They have a high level of auditing in place in order to help determine how the hacker entered the system and any actions that the hacker engaged in while in the system. • The actual assessment of the results of hacked honeypots/honeynets is used to further harden the legitimate system.
  • 11. Page 11 Some assessment tools are passive and some are active. It is important to know which are which. Passive assessment tools are used to collect information on the network (or system) but do not actually attempt to exploit any weaknesses. Active assessment tools do the same thing, but then probe the vulnerabilities to actively determine if they can be exploited. Using an active assessment tool without explicit permission from the organization being examined can lead to being prosecuted. Active assessments are, in actuality, a form of hacking—which, of course, is an illegal activity. Overview of security assessment tools.
  • 12. Page 12 Overview of security assessment tools. When conducting a security assessment, it is vital that security experts understand what type of assessment to conduct and how to interpret the results, or the assessment may not be valid. The different types of security assessments include: risk, threat, and vulnerability assessments. Assessment techniques include: baseline reporting, code review, attack surface review, architecture review, and design review. Topic Types of security assessments. Summary There are different tools available to security experts that can be used when conducting a security assessment. Some of those tools include: packet analyzers, port scanners, vulnerability scanners, banner grabbing applications, and honeypots and honeynets. It is important to know the difference between passive and active assessment tools. Using an active assessment tool without proper authorization could lead to the security expert being prosecuted. Assessment tools.
  • 14. This workforce solution was 100 percent funded by a $3 million grant awarded by the U.S. Department of Labor's Employment and Training Administration. The solution was created by the grantee and does not necessarily reflect the official position of the U.S. Department of Labor. The Department of Labor makes no guarantees, warranties, or assurances of any kind, express or implied, with respect to such information, including any information on linked sites and including, but not limited to, accuracy of the information or its completeness, timeliness, usefulness, adequacy, continued availability or ownership. Funded by the Department of Labor, Employment and Training Administration, Grant #TC-23745-12-60-A-53. PACE-IT is an equal opportunity employer/program and auxiliary aids and services are available upon request to individuals with disabilities. For those that are hearing impaired, a video phone is available at the Services for Students with Disabilities (SSD) office in Mountlake Terrace Hall 159. Check www.edcc.edu/ssd for office hours. Call 425.354.3113 on a video phone for more information about the PACE-IT program. For any additional special accommodations needed, call the SSD office at 425.640.1814. Edmonds Community College does not discriminate on the basis of race; color; religion; national origin; sex; disability; sexual orientation; age; citizenship, marital, or veteran status; or genetic information in its programs and activities.