E-Book, Englisch, 312 Seiten
Peltier / Blackley Managing A Network Vulnerability Assessment
Erscheinungsjahr 2003
ISBN: 978-0-203-50304-1
Verlag: Taylor & Francis
Format: PDF
Kopierschutz: Adobe DRM (»Systemvoraussetzungen)
E-Book, Englisch, 312 Seiten
ISBN: 978-0-203-50304-1
Verlag: Taylor & Francis
Format: PDF
Kopierschutz: Adobe DRM (»Systemvoraussetzungen)
The instant access that hackers have to the latest tools and techniques demands that companies become more aggressive in defending the security of their networks. Conducting a network vulnerability assessment, a self-induced hack attack, identifies the network components and faults in policies, and procedures that expose a company to the damage caused by malicious network intruders.
Managing a Network Vulnerability Assessment provides a formal framework for finding and eliminating network security threats, ensuring that no vulnerabilities are overlooked. This thorough overview focuses on the steps necessary to successfully manage an assessment, including the development of a scope statement, the understanding and proper use of assessment methodology, the creation of an expert assessment team, and the production of a valuable response report. The book also details what commercial, freeware, and shareware tools are available, how they work, and how to use them.
By following the procedures outlined in this guide, a company can pinpoint what individual parts of their network need to be hardened, and avoid expensive and unnecessary purchases.
Zielgruppe
IT, network, and information security managers; information security consultants; cyber crime investigators
Autoren/Hrsg.
Fachgebiete
Weitere Infos & Material
Introduction
Information Security Lifecycle
Network Vulnerability Assessment
Do I Need to be a Technical Expert to Run an NVA?
What Level of Skill Is Needed?
Which Specific Skills Are Needed?
Can One Person Run an NVA?
Introduction to Vulnerability Assessment
Goals of Vulnerability Assessment
How Many Trees Should Die to Generate This Type of Report?
What Are Vulnerabilities?
Classes of Vulnerabilities
Elements of a Good Vulnerability Assessment
Project Scoping
General Scoping Practices
Developing the Project Overview Statement
Developing the Project Scope
Project Scope Document
Project Scope Change
Summary
Assessing Current Network Concerns
Network Vulnerability Assessment Timeline
Network Vulnerability Assessment Team (NVAT)
Threats to Computer Systems
Other Concerns
Additional Threats
Prioritizing Risks and Threats
Other Considerations
Checklists
Summary
Network Vulnerability Assessment Methodology
Methodology Purpose
Definitions
Justification
Philosophy
Top-Down Examination
Bottom-Up Examination
Network Vulnerability Assessment Methodology
The NVA Process (Step-by-Step)
Summary
Policy Review (Top-Down) Methodology
Definitions
Policy
Review Elements
Summary
Technical (Bottom-Up)
Step 1: Site Survey
Step 2: Develop a Test Plan
Step 3: Building the Toolkit
Step 4: Conduct the Assessment
Step 5: Analysis
Step 6: Documentation
Summary
Network Vulnerability Assessment Sample Report
Table of
Executive Summary
Body of the NVA Report
Summary
Summary
Appendixes
ISO17799 Self-Assessment Checklist
Window NT Server 4.0 Checklist
Network Vulnerability Assessment Checklist
Pre-NVA Checklist
Sample NVA Report
NIST Special Publications
Glossary of Terms
