Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 9 Performing Vulnerability Assessments.

Published byOsborn Martin Modified over 8 years ago

Similar presentations

Presentation on theme: "Security+ Guide to Network Security Fundamentals, Third Edition Chapter 9 Performing Vulnerability Assessments."— Presentation transcript:

1 Security+ Guide to Network Security Fundamentals, Third Edition Chapter 9 Performing Vulnerability Assessments

2 Security+ Guide to Network Security Fundamentals, Third Edition Objectives Define risk and risk management Describe the components of risk management List and describe vulnerability scanning tools Define penetration testing 2

3 Security+ Guide to Network Security Fundamentals, Third Edition Risk Management, Assessment, and Mitigation One of the most important assets any organization possesses is its data Unfortunately, the importance of data is generally underestimated The first steps in data protection actually begin with understanding risks and risk management 3

4 Security+ Guide to Network Security Fundamentals, Third Edition What Is Risk? In information security, a risk is the likelihood that a threat agent will exploit a vulnerability More generally, a risk can be defined as an event or condition that could occur –And if it does occur, then it has a negative impact Risk generally denotes a potential negative impact to an asset 4

5 Security+ Guide to Network Security Fundamentals, Third Edition Definition of Risk Management Realistically, risk cannot ever be entirely eliminated –Would cost too much or take too long Rather, some degree of risk must always be assumed Risk management –A systematic and structured approach to managing the potential for loss that is related to a threat 5

6 Security+ Guide to Network Security Fundamentals, Third Edition Steps in Risk Management The first step or task in risk management is to determine the assets that need to be protected Asset identification –The process of inventorying and managing these items Types of assets: –Data –Hardware –Personnel –Physical assets –Software 6

7 Security+ Guide to Network Security Fundamentals, Third Edition Steps in Risk Management (continued) Along with the assets, the attributes of the assets need to be compiled Important to determine each item’s relative value Factors that should be considered in determining the relative value are: –How critical is this asset to the goals of the organization? –How difficult would it be to replace it? –How much does it cost to protect it? –How much revenue does it generate? 7

8 Security+ Guide to Network Security Fundamentals, Third Edition8

9 Steps in Risk Management (continued) Factors that should be considered in determining the relative value are: (continued) –How quickly can it be replaced? –What is the cost to replace it? –What is the impact to the organization if this asset is unavailable? –What is the security implication if this asset is unavailable? 9

10 Security+ Guide to Network Security Fundamentals, Third Edition Steps in Risk Management (continued) Threat identification –The next step is to determine the threats from threat agents Threat agent –Any person or thing with the power to carry out a threat against an asset Threat modeling –Constructs scenarios of the types of threats that assets can face –Helps to understand who the attackers are, why they attack, and what types of attacks might occur 10

11 Security+ Guide to Network Security Fundamentals, Third Edition11

12 Security+ Guide to Network Security Fundamentals, Third Edition Steps in Risk Management (continued) Attack tree –Provides a visual image of the attacks that may occur against an asset 12

13 Security+ Guide to Network Security Fundamentals, Third Edition Steps in Risk Management (continued) 13

14 Security+ Guide to Network Security Fundamentals, Third Edition Steps in Risk Management (continued) 14

15 Security+ Guide to Network Security Fundamentals, Third Edition Steps in Risk Management (continued) Vulnerability appraisal –Takes a snapshot of the security of the organization as it now stands Every asset must be viewed in light of each threat Determining vulnerabilities often depends upon the background and experience of the assessor Risk assessment –Involves determining the damage that would result from an attack and the likelihood that the vulnerability is a risk to the organization 15

16 Security+ Guide to Network Security Fundamentals, Third Edition16

17 Security+ Guide to Network Security Fundamentals, Third Edition Steps in Risk Management (continued) Calculating the anticipated losses can be helpful in determining the impact of a vulnerability Two formulas are commonly used to calculate expected losses –Single Loss Expectancy (SLE) The expected monetary loss every time a risk occurs –Annualized Loss Expectancy (ALE) The expected monetary loss that can be expected for an asset due to a risk over a one-year period 17

18 Security+ Guide to Network Security Fundamentals, Third Edition Steps in Risk Management (continued) Risk mitigation –The final step is to determine what to do about the risks Options when confronted with a risk: –Diminish the risk –Transfer the risk –Accept the risk 18

19 Security+ Guide to Network Security Fundamentals, Third Edition Steps in Risk Management (continued) 19

20 Security+ Guide to Network Security Fundamentals, Third Edition Identifying Vulnerabilities Identifying vulnerabilities through a vulnerability appraisal –Determines the current security weaknesses that could expose assets to threats Two categories of software and hardware tools –Vulnerability scanning –Penetration testing 20

21 Security+ Guide to Network Security Fundamentals, Third Edition Vulnerability Scanning Vulnerability scanning is typically used by an organization to identify weaknesses in the system –That need to be addressed in order to increase the level of security Tools include port scanners, network mappers, protocol analyzers, vulnerability scanners, the Open Vulnerability and Assessment Language, and password crackers 21

22 Port Scanners Internet protocol (IP) addresses –The primary form of address identification on a TCP/IP network –Used to uniquely identify each network device Port number –TCP/IP uses a numeric value as an identifier to applications and services on the systems Each datagram (packet) contains not only the source and destination IP addresses –But also the source port and destination port Security+ Guide to Network Security Fundamentals22

23 Security+ Guide to Network Security Fundamentals, Third Edition23 Port Scanners (continued)

24 Security+ Guide to Network Security Fundamentals, Third Edition Port Scanners (continued) If an attacker knows a specific port is used, that port could be probed for weakness Port scanner –Used to search a system for port vulnerabilities that could be used in an attack –Determines the state of a port to know what applications are running and could be exploited Three port states: –Open, closed, and blocked 24

25 Security+ Guide to Network Security Fundamentals, Third Edition25

26 Security+ Guide to Network Security Fundamentals, Third Edition26

27 Security+ Guide to Network Security Fundamentals, Third Edition Network Mappers Network mappers –Software tools that can identify all the systems connected to a network Most network mappers utilize the TCP/IP protocol ICMP Internet Control Message Protocol (ICMP) –Provides support to IP in the form of ICMP messages that allow different types of communication to occur between IP devices 27

28 Security+ Guide to Network Security Fundamentals, Third Edition Network Mappers (continued) 28

29 Security+ Guide to Network Security Fundamentals, Third Edition29

30 Security+ Guide to Network Security Fundamentals, Third Edition Protocol Analyzers Protocol analyzer (also called a sniffer) –Captures each packet to decode and analyze its contents –Can fully decode application-layer network protocols Common uses include: –Network troubleshooting –Network traffic characterization –Security analysis 30

31 Security+ Guide to Network Security Fundamentals, Third Edition31

32 Security+ Guide to Network Security Fundamentals, Third Edition Vulnerability Scanners Vulnerability scanner –A generic term that refers to a range of products that look for vulnerabilities in networks or systems –Intended to identify vulnerabilities and alert network administrators to these problems Most vulnerability scanners maintain a database that categorizes and describes the vulnerabilities that it can detect Other types of vulnerability scanners combine the features of a port scanner and network mapper 32

33 Security+ Guide to Network Security Fundamentals, Third Edition33

34 Security+ Guide to Network Security Fundamentals, Third Edition Open Vulnerability and Assessment Language (OVAL) –Designed to promote open and publicly available security content –Standardizes the transfer of information across different security tools and services –A “common language” for the exchange of information regarding security vulnerabilities These vulnerabilities are identified using industry- standard tools 34

35 Security+ Guide to Network Security Fundamentals, Third Edition Open Vulnerability and Assessment Language (OVAL) (continued) OVAL vulnerability definitions are recorded in Extensible Markup Language (XML) –Queries are accessed using the database Structured Query Language (SQL) OVAL supports Windows, Linux, and UNIX platforms 35

36 Security+ Guide to Network Security Fundamentals, Third Edition Open Vulnerability and Assessment Language (OVAL) (continued) 36

37 Security+ Guide to Network Security Fundamentals, Third Edition Password Crackers Password –A secret combination of letters and numbers that only the user knows Because passwords are common yet provide weak security, they are a frequent focus of attacks Password cracker programs –Use the file of hashed passwords and then attempts to break the hashed passwords offline The most common offline password cracker programs are based on dictionary attacks or rainbow tables 37

38 Security+ Guide to Network Security Fundamentals, Third Edition38

39 Security+ Guide to Network Security Fundamentals, Third Edition Password Crackers (continued) Shadow password –A defense against password cracker programs for UNIX and Linux systems On a system without a shadow password –The file that contains the hashed passwords and other user information is visible to all users A shadow password mechanism creates a second password file, the “shadow” password file –This shadow file can only be accessed at the highest level and contains only the hashed passwords 39

40 Security+ Guide to Network Security Fundamentals, Third Edition Penetration Testing Penetration testing –Method of evaluating the security of a computer system or network By simulating a malicious attack instead of just scanning for vulnerabilities –Involves a more active analysis of a system for vulnerabilities One of the first tools that was widely used for penetration testing as well as by attackers was SATAN 40

41 Security+ Guide to Network Security Fundamentals, Third Edition Penetration Testing (continued) SATAN could improve the security of a network by performing penetration testing –To determine the strength of the security for the network and what vulnerabilities may still have existed SATAN would: –Recognize several common networking-related security problems –Report the problems without actually exploiting them –Offer a tutorial that explained the problem, what its impact could be, and how to resolve the problem 41

42 Security+ Guide to Network Security Fundamentals, Third Edition Summary In information security, a risk is the likelihood that a threat agent will exploit a vulnerability A risk management study generally involves five specific tasks Vulnerability scanning is typically used by an organization to identify weaknesses in the system that need to be addressed in order to increase the level of security Vulnerability scanners for organizations are intended to identify vulnerabilities and alert network administrators to these problems 42

43 Security+ Guide to Network Security Fundamentals, Third Edition Summary (continued) More rigorous than vulnerability scanning, penetration testing is a method of evaluating the security of a computer system or network by simulating an attack by a malicious hacker instead of only scanning for vulnerabilities 43

Download ppt "Security+ Guide to Network Security Fundamentals, Third Edition Chapter 9 Performing Vulnerability Assessments."

Similar presentations

5-Network Defenses Dr. John P. Abraham Professor UTPA.

5-Network Defenses Dr. John P. Abraham Professor UTPA.
Honeypot 서울과학기술대학교 Jeilyn Molina 121336101. Honeypot is the software or set of computers that are intended to attract attackers, pretending to be weak.

Honeypot 서울과학기술대학교 Jeilyn Molina Honeypot is the software or set of computers that are intended to attract attackers, pretending to be weak.
Networked Systems Survivability CERT ® Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213-3890 © 2002 Carnegie.

Networked Systems Survivability CERT ® Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA © 2002 Carnegie.
11 TROUBLESHOOTING Chapter 12. Chapter 12: TROUBLESHOOTING2 OVERVIEW  Determine whether a network communications problem is related to TCP/IP.  Understand.

11 TROUBLESHOOTING Chapter 12. Chapter 12: TROUBLESHOOTING2 OVERVIEW  Determine whether a network communications problem is related to TCP/IP.  Understand.
INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)

INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)
9-Performing Vulnerability Assessments Dr. John P. Abraham Professor UTPA.

9-Performing Vulnerability Assessments Dr. John P. Abraham Professor UTPA.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
CSCI 530L Vulnerability Assessment. Process of identifying vulnerabilities that exist in a computer system Has many similarities to risk assessment Four.

CSCI 530L Vulnerability Assessment. Process of identifying vulnerabilities that exist in a computer system Has many similarities to risk assessment Four.
Introducing Computer and Network Security

Introducing Computer and Network Security
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 9 Performing Vulnerability Assessments.

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 9 Performing Vulnerability Assessments.
Computer Security and Penetration Testing

Computer Security and Penetration Testing
BUSINESS DRIVEN TECHNOLOGY

BUSINESS DRIVEN TECHNOLOGY
SELECTING AND IMPLEMENTING VULNERABILITY SCANNER FOR FUN AND PROFIT by Tim Jett and Mike Townes.

SELECTING AND IMPLEMENTING VULNERABILITY SCANNER FOR FUN AND PROFIT by Tim Jett and Mike Townes.
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 5 Network Defenses.

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 5 Network Defenses.
INTRUSION DETECTION SYSTEMS Tristan Walters Rayce West.

INTRUSION DETECTION SYSTEMS Tristan Walters Rayce West.
Security+ Guide to Network Security Fundamentals, Fourth Edition

Security+ Guide to Network Security Fundamentals, Fourth Edition

Similar presentations

Ads by Google