Please enable JavaScript.
Coggle requires JavaScript to display documents.
Assesment Tools and Techniques, Dzaki Rachmanda Malik Imanudin, SI42INT,…
Assesment Tools and Techniques
Vulnerability Assesment and Penetration Testing :
Vulnerability Assesment
In-depth analysis of security system and policies
Generally "passive" techniques
Discover vulnerabilities without exploiting them
Identify lack of security controls / misconfigurations
Penetration Testing
Find ways to bypass security controls
Find ways to remove or disable controls
Security Assesment Techniques
Scope
External threats, insider threats, software vulnerabilities
Other methodologies / certification / use of contractors
Certified Ethical Hacker
GIAC
Determine a methodology and scope
Examining
Interviewing
Testing
Establishing a Methodology
Attack Profile
Environment and Disclosure
Vulnerability Scanners
Software configured with list of known exploits
Active or passive detection
Standards-based reporting
Intrusive versus non-intrusive scanning
Credentialed versus non-credentialed scanning
Honeypots and Honeynets
Analyze and identify attacks
Act as decoys
Low interaction
High interaction
Dzaki Rachmanda Malik Imanudin
SI42INT
1202180359