Please enable JavaScript.

Coggle requires JavaScript to display documents.

Security of Networks, Systems, Applications and Data (Network security…

- - - - • Fit the goals of the organization
      - • Adequately address the environment being assessed
      - • Use assessment methodologies that fit collected data
      - • It is important to remember that risk assessment is an ongoing process.
    - - • Risk Response Strategies Risk Reduction
      - • Risk Avoidance
      - • Risk Transfer or Sharing
      - • Risk Acceptance
  - - - Vulnerability scanning is the process of using proprietary or open source tools to search for known vulnerabilities and should be conducted regularly.
      - Common type of vulnerabilities
        
        Technical – error in design, configuration ex: coding errors, open network ports.
        
        Process – error in operations ex: failure to monitor logs, failure to patch software
        
        Organizational - Errors in management, decision-making, planning ex: Lack of policies, Lack of awareness
        
        Emergent – Interactions between environments ex: Implementing new technology
      - Vulnerabilities must be analyzed in the context of how they are exploited.
      - Once vulnerabilities are identified and assessed, appropriate remediation can take place to mitigate or eliminate the vulnerability.
  - - - • Confirm exposures
      - • Ensure compliance
      - • Assess the effectiveness and quality of existing security controls
      - • Identify how specific vulnerabilities expose IT resources and assets
    - - • Clearly define the scope of the test.
      - • Provide explicit, written permission authorizing testing.
      - • Implement “do no harm” procedures to ensure no assets are harmed (e.g., deletions, denial-of-service).
      - • Have communication and escalation plans.
    - - • PCI Penetration Testing Guide
      - • Penetration Testing Execution Standard
      - • Penetration Testing Framework
      - • Information Systems Security Assessment Framework (ISSAF)
      - • Open Source Security Testing Methodology Manual (OSSTMM)
- - - - • Repeaters - Physical layer devices that extend the range of a network
      - • Hubs - Physical layer devices serve as network concentrator
      - • Layer 2 switches - data link-level devices that interconnect network segments
      - • Routers - link two or more physically
    - - • Integrating an automatic remediation process that fixes noncompliant nodes before access is allowed
      - • Enabling network infrastructure to work with back office services and end-user computing to ensure that the network is secure prior to allowing access
    - - Virus and worm infection
      - Internal users sniffing
    - - • Declaring ownership of programs, files and storage
      - • Limiting access to a read-only basis
      - • Implementing record and file locking to prevent simultaneous update
  - - - • Denial-ofservice (DoS)
      - • Malicious third parties
    - - • Policy and standards
      - • Proper authorizations
      - • Identification and authentication mechanisms
      - • Encryption tools and techniques, such as use of a VPN
      - • Restriction of access to controlled systems, networks and applications
- - - - • Authentication and authorization
      - • File system permissions
      - • Access privileges
      - • Logging and system monitoring
      - • System services
  - - - • Strong physical and logical access controls
      - • Sound configuration management practices and system hardening for the host
      - • Appropriate network segregation
      - • Strong change management practices
- - - - • Threat and risk assessment of the proposed system
      - • Identification and implementation of controls
      - • Vulnerability testing and review
    - - • injection
      - • Cross-site scripting (XSS)
      - • Security misconfiguration
    - - • Verification and validation that programs, applications and controls perform the functions for which they have been designed.
      - • Confirmation that the tested units operate without malfunction or adverse effect on other components of the system.
      - • Vulnerability and control testing, taken from a security perspective.
      - • The review phase of SDLC