A newly joined employee, Janet, has been allocated an existing system used by a previous employee. Before issuing the system to Janet, it was assessed by Martin, the administrator. Martin found that there were possibilities of compromise through user directories, registries, and other system parameters. He also identified vulnerabilities such as native configuration tables, incorrect registry or file permissions, and software configuration errors. What is the type of vulnerability assessment performed by Martin?
Option 1 : Distributed assessment
Option 2 : Database assessment
Option 3 : Credentialed assessment
Option 4 : Host-based assessment
1. Distributed assessment
Large-scale high performance systems have significant amount of process power. One example of such system is the HP-SEE’s HPC and supercomputing infrastructures, that is geologically distributed, and provides 24/7, high performance/high output computing services primarily for high-end research communities. due to the direct impact on research and indirectly on economy such systems can be categorized as critical infrastructure. System options (like non-stop availability, geographically distributed and community based usage) create such infrastructure vulnerable and valuable targets of malicious attacks. so as to decrease the threat, we designed the Advanced Vulnerability Assessment Tool (AVAT) suitable for HPC/supercomputing systems. Our developed solution will submit vulnerability assessment jobs into the HP-SEE infrastructure and run vulnerability assessment on the infrastructure components. It collects assessment info by the decentralized Security Monitor and archives the results received from the elements and visualize them via an online interface for the local/regional directors. during this paper we gift our Advanced Vulnerability Assessment Tool, we describe its functionalities and supply its watching check results captured in real systems.
2. Database assessment
Database security vulnerability assessments evaluate your database environment and compare it with national configuration and security best practices. Security vulnerabilities area unit known and prioritized therefore you correct weaknesses and safeguard your vital enterprise knowledge from each internal and external threats.
FEATURES The database vulnerability assessment:
- Identifies all databases on your network
- Scans the selected databases for known vulnerabilities like missing patches, weak passwords, misconfigured privileges and default vendor accounts
- Runs a series of over 100 preconfigured tests in accordance with Defense information system Agency (DISA) Security Technical Implementation Guide (STIG), National Institutes of standard and Technology (NIST) and the Center for web Security (CIS) security standards.
- Generates security health report card and recommends concrete action plans to strengthen information security
- Combines 3 essential detection methods: information scanning, agent-based scanning and dynamic watching
- Provides complete coverage while not impacting performance or stability
- doesn’t run intrusive exploits which will crash systems by imitating attacker behavior
- Supported platforms include:
- Databases: Oracle, SQL Server, IBM DB2, Informix, Sybase and MySQL
- Applications: SAP, Oracle Financials, PeopleSoft, Siebel, Business Objects
3. Credentialed assessment
Credential-based vulnerability assessment, that create use of the admin account, do a a lot of thorough check by looking for issues that can’t be seen from the network. On the other hand, non-credentialed scans give a fast view of vulnerabilities by solely gazing network services exposed by the host. unfortunately, non-credentialed scans don’t give deeper insight into application and operating system vulnerabilities not exposed to the network, or those vulnerabilities behind a firewall. It provides a false hope that the system is safe.
When it involves the credential-based vulnerability assessment, maintaining an accurate list of all credentials could be a huge worry. an inaccurate list is one in all the most reasons why security groups have a tough time finishing documented scans. for example, in large organizations, it’s not always doable to trace down owners of specific assets; in some cases, even asking the plus owner for their credentials might run in hassle and even be prohibited by company policy.
Nevertheless, a credential test preforms a dry run of all credentials and so reports on the with success echt hosts and the unsuccessful ones. this permits security groups to quickly establish and resolve credential issues. In fact, it prevents the security teams from performing VAs which will encounter errors or give inaccurate or incomplete info due to incorrectly configured credentials
Benefits of Credential-based Vulnerability Assessment:
- Does not disrupt operations or consume too many resources because the scan is performed with credentials
- Queries the local host to see if a patch for a given vulnerability has been applied instead of probe a service remotely and arrange to realize vulnerability
- Identifies client-side software vulnerabilities
- Identifies many alternative vulnerabilities
- Permits safer scanning to secure info from system servers and workstations
- Enables customized auditing of in operation systems, applications, databases, and file content
4. Host-based assessment
The host-based vulnerability assessment (VA) resolution arose from the auditors’ got to periodically review systems. Arising before the net becoming common, these tools typically take an “administrator’s eye” read of the setting by evaluating all of the knowledge that an administrator has at his or her disposal.
Host VA tools verify system configuration, user directories, file systems, registry settings, and all forms of other info on a number to gain information about it. Then, it evaluates the chance of compromise. it should also live compliance to a predefined company policy so as to satisfy an annual audit. With administrator access, the scans area unit less possible to disrupt traditional operations since the computer code has the access it has to see into the complete configuration of the system.
What it Measures Host
VA tools will examine the native configuration tables and registries to spot not solely apparent vulnerabilities, however additionally “dormant” vulnerabilities – those weak or misconfigured systems and settings which will be exploited when an initial entry into the setting. Host VA solutions will assess the safety settings of a user account table; the access management lists related to sensitive files or data; and specific levels of trust applied to other systems. The host VA resolution will a lot of accurately verify the extent of the danger by determinant however way any specific exploit could also be ready to get.
Learn CEH & Think like hacker
- What is Ethical Hacking? & Types of Hacking
- 5 Phases of Hacking
- 8 Most Common Types of Hacker Motivations
- What are different types of attacks on a system
- Scope and Limitations of Ethical Hacking
- TEN Different Types Of Hackers
- What is the Foot-printing?
- Top 12 steps for Footprinting Penetration Testing
- Different types of tools with Email Footprinting
- What is “Anonymizer” & Types of Anonymizers
- Top DNS Interrogation Tools
- What is SNMP Enumeration?
- Top vulnerability scanning tools
- Information Security of Threat
- Footprinting tools:
- What is Enumeration?
- Network Security Controls
- What is Identity and Access Management?
- OWASP high TEN web application security risks
- Password Attacks
- Defend Against Key loggers
- Defend Against Spyware
- Covering Tracks
- Covering Track on Networks
- Everything You Need To Know About Sniffing – Part 1
- Everything You Need To Know About Sniffing – Part 2
- Learn more about GPS Spyware & Apparatuses
- Introduction of USB Spyware and It’s types
- 10 Types of Identity Theft You Should Know About
- Concepts of Denial-of-Service Attack & Distributed Denial of Service Attack
- Most Effective Ways to Overcome Impersonation on the Social Networking Site’s Problem
- How Dynamic Host Configuration Protocol (DHCP) Works
- DHCP Request/Reply Messages
- DHCP Starvation Attack
- Rogue DHCP Server Attack
- IOS Switch Commands
- Web Server Concept
- Web Server Attacks
- Web Server Attack Tools
- Web Server Security Tools
- 6 Quick Methodology For Web Server Attack
- Learn Skills From Web Server Foot Printing / Banner Grabbing
- The 10 Secrets You Will Never Know About Cyber Security And Its Important?
- Ways To Learn Finding Default Content Of Web Server Effectively
- How will Social Engineering be in the Future
- Understand The Background Of Top 9 Challenges IT Leaders Will Face In 2020 Now
- Learning Good Ways To Protect Yourself From Identity Theft
- Anti-phishing Tools Guide
This Blog Article is posted by
Infosavvy, 2nd Floor, Sai Niketan, Chandavalkar Road Opp. Gora Gandhi Hotel, Above Jumbo King, beside Speakwell Institute, Borivali West, Mumbai, Maharashtra 400092
Contact us – www.info-savvy.com