Vulnerability Assessment Methodology | Define the desired state of security Create a baseline Prioritize the vulnerabilities Mitigate vulnerabilities Monitor the network and systems
|
Penetration Testing Methodology | Penetration tests look at a network’s vulnerabilities from the outside
Metasploit and CANVAS are commonly used 1) Get permission and document info
2) Conduct reconnaissance
3) Enumerate the targets
4) Exploit the targets
5) Document the results |
Penetration Testing: Pivot & Persistence | Pivot:
Occurs when an attacker moves onto another workstation or user account Persistence:
Ability of an attacker to maintain a foothold inside the compromised network |
| Tabletop Exercise:
Exercise that uses an incident scenario against a framework of controls or a red team A tabletop exercise is a discussion of simulated emergency situations and security incidents |
| Red Team
The hostile or attacking team in a penetration test or incident response exercise Blue Team
The defensive team in a penetration test or incident response exercise White Team
Staff administering, evaluating, and supervising a penetration testor incident response exercise Purple Team
Defense and offense work together |
| Open Vulnerability & Assessment Language:
A standard designed to regulate the transfer of secure public information across networks and the Internet utilizing any security tools and services available OVAL is comprised of a language and an interpreter A shared standard & language for various tools to share vulnerability info Language is an XML schema |
| A reference developed to ensure the information passed around by these programs complies with the OVAL schemas and definitions used by the OVAL language |
| Discovery and documentation of physical and logical connectivity that exists in the network Commercial and free network mapping software is available |
Vulnerability Scanning: Banner Grabbing | A technique used to gain information about servers and inventory the systems or services Nessus and Qualysguard are commercial vulnerability scanners |
| The process of finding and investigating other computers on the network by analyzing the network traffic or capturing the packets being sent Network sniffer, packet sniffing, and protocol analyzer can all conduct packet capture |
| Software tool that allows for the capture, reassembly, and analysis of packets from the network
|
| Comparing a precomputed encrypted password to a value in a lookup table |
| List of precomputed values used to more quickly break a password since values don’t have to be calculated for each password being guessed |
| Attempt to crack a password by threatening or causing a person physical harm in order to make them tell you the password |
