CompTIA Security+ Certification Support (Skills Assessment Tools and Techniques)
Vulnerability Assessments and Pentests
Penetration testing (“pentest”)
Find ways to bypass security controls
Find ways to remove or disable controls
Exploit vulnerabilities to prove threat exists (“pwned”)
Vulnerability assessment
In-depth analysis of security systems and policies
Generally “passive” techniques
Discover vulnerabilities without exploiting them
Identify lack of security controls / misconfigurations
Establishing a Methodology
“No holds barred” or rules and restrictions
Identify only or identify and exploit?
Attack profile
White box (full disclosure)
Grey box (somewhere between – to model insider threat agents for instance)
Black box (blind)
Environment and disclosure
Security Assessment Techniques
Determine a methodology and scope, e.g. NIST SP 800-115
Testing
Examining
Interviewing
Scope
External threats, insider threats, software vulnerabilities
Require different approaches and skill sets
Other methodologies / certification / use of contractors
Open Source Security Testing Methodology Manual
Certified Ethical Hacker
GIAC
Offensive Security
Vulnerability Scanners
Software configured with list of known exploits / vulnerabilities
Active or passive detection
Host / OS or web application
Standards-based reporting
Intrusive vs non-intrusive scanning
Credentialed vs non-credentialed scanning
Identifying lack of controls and misconfigurations
Interpreting scan results
OVAL
CVE
SANS Top 20
Bugtraq
Honeypots and Honeynets
Analyze and identify attacks
Act as decoys
Low interaction
Software simulates a host and typical services
High interaction
Complete simulated system