Vulnerability assessments top 8 most useful analysis the method of recognizing, categorizing and characterizing the safety holes among the network infrastructure, computers & package, etc. Few samples of such vulnerabilities resort of a misconfiguration of parts in network infrastructure. A defect in associate degree software system, any ambiguity during a marketable product, etc.
Given below are the different types of vulnerability assessments:
Active Assessments
Active evaluation are a type of vulnerability assessment that uses network scanners to scan the network to identify the hosts, services, and vulnerabilities present in that network. This network scanners have the capability to reduce the intrusiveness of the checks they perform.
Passive Assessments
Passive assessments sniff the traffic present on the network to identify the active systems, network services, applications, and vulnerability assessments. Even passive assessments provide a list of the users who are a recently using the network.
External Assessments
External assessment assesses the network from a hacker’s point of view to find out what exploits and vulnerabilities are accessible to the outside world. These types of assessments use external devices like firewalls, routers, and servers. An external assessment estimates the threat of network security attacks external to the organization. it determines how secure the external network and firewall are.
The following are some of the possible steps in performing an external assessments:
- Determine the set of rules for firewall and router configurations for the external network.
- Check whether external server devices and network devices are mapped.
- Identify open ports and related services on the external network.
- Examine patch levels on the server and external network devices.
- Review detection systems such as IDS, firewalls, and application-layer protection systems.
- Get information on DNS zones.
- Scan the external network through a variety of proprietary tools available or the Internet.
- Examine web applications sickish as e-commerce arc shopping cart software for vulnerability
Internal Assessments
An internal assessment involves scrutinizing the internal network to find exploits and vulnerability assessments.
The following are some of the possible steps in performing an internal assessments:
- Specify the open ports aria related services on network devices, servers, and systems.
- Check for router configurations and tire wall rule sets.
- List the internal vulnerabilities of the operating system and server.
- Scan for Trojans that may be present in the internal environment.
- Check the patch levels on the organization’s internal network devices, servers, and systems.
- Check for the existence of malware, spyware, and virus activity and document them.
- Evaluate the physical security.
- Identify and review the remote management process and events.
- Assess the file-sharing mechanisms if or example, NFS and SMB/CIFS shares) 0 Examine the antivirus implementation and events.
Also Read : Top vulnerability scanning tools
Host-based Assessments
Host-based assessments are a type of security check that involves carrying out a configuration-level check through the command line. These assessments check the security of a particular network or server. Host-based scanners assess systems to identify vulnerabilities such as incorrect registry and file permissions, as well as software configuration errors. Host-based assessment can use many commercial and open-source scanning tools.
Network Assessments
vulnerabilities such as missing patches, unnecessary services, weak authentication, and weak encryption. Network assessment professionals use firewall and network scanners such as Nessus. These scanners find open ports, recognize the services running on those parts, and find vulnerabilities associated with these services. These assessments help organizations determine how vulnerable systems are to Internet and Intranet attacks. and how an attacker can gain access to important information. A typical network assessment conducts the following tests on a network:
- Checks the network typologies for inappropriate firewall configuration.
- Examines the router filtering rules.
- Identities inappropriately configured database servers.
- Tests individual services and protocols such as HTTP, SNMP, and FTP.
- Reviews HTML source code for unnecessary information.
- Performs bounds checking on variables.
Application Assessments
An application assessment focuses on transaction web applications, traditional client-server applications, and hybrid systems. It analyzes all elements of an application infrastructure, including deployment and communication within the client and server. This type of assessment tests the web server infrastructure for any misconfiguration, outdated content, and known vulnerabilities. Security professionals use both commercial and open-source tools to perform as, assessments.
Wireless Network Assessments
Wireless network assessment determines the vulnerabilities in an organization’s wireless networks. In the past, wireless networks used weak and defective data encryption mechanisms. Wireless network standards have evolved, but many networks still use the weak and outdated security mechanisms and are open for attack. Wireless network assessments try to attack wireless authentication mechanisms and get unauthorized access. This type of assessment tests wireless networks and identifies rogue wireless networks that may exist within an organization’s perimeter. These assessments audit client-specified sites with a wireless network. They sniff wireless network traffic and try to crack encryption keys. Auditors test other network access once they get access to the wireless network.
- Identify open ports and related services on the external network
- Examine patch levels on the server and external network devices
- Review detection systems such as IDS, firewalls, and application-layer protection systems
- Get information on DNS zones
- Scan the external network through a variety of proprietary tools available or the Internet
- Examine web applications sickish as e-commerce arc shopping cart software for vulnerability.
Related Product:- EC-Council Security Analyst v10 | ECSA
Questions related to this topic
- How do I scan my network for vulnerability?
- What are the types of vulnerability scans?
- What are the 4 main types of vulnerability in cyber security?
- Which of these are examples of security tools that can scan computer systems and networks for vulnerabilities?
Learn advanced security techniques by ECSA
- Enterprise Information Security Architecture
- Vulnerability Assessments Top 8 Most Useful
- What Is Incident Response Orchestration?
- Types of Penetration Testing:
Learn CEH & Think like hacker
- What is Ethical Hacking? & Types of Hacking
- 5 Phases of Hacking
- 8 Most Common Types of Hacker Motivations
- What are different types of attacks on a system
- Scope and Limitations of Ethical Hacking
- TEN Different Types Of Hackers
- What is the Foot-printing?
- Top 12 steps for Foot printing Penetration Testing
- Different types of tools with Email Foot printing
- What is “Anonymizer” & Types of Anonymizers
- Top DNS Interrogation Tools
- What is SNMP Enumeration?
- Top vulnerability scanning tools
- Information Security of Threat
- Foot printing tools:
- What is Enumeration?
- Network Security Controls
- What is Identity and Access Management?
- OWASP high TEN web application security risks
- Password Attacks
- Defend Against Key loggers
- Defend Against Spyware
- Covering Tracks
- Covering Track on Networks
- Everything You Need To Know About Sniffing – Part 1
- Everything You Need To Know About Sniffing – Part 2
- Learn more about GPS Spyware & Apparatuses
- Introduction of USB Spyware and It’s types
- 10 Types of Identity Theft You Should Know About
- Concepts of Denial-of-Service Attack & Distributed Denial of Service Attack
- Most Effective Ways to Overcome Impersonation on Social Networking Site’s Problem
- How Dynamic Host Configuration Protocol (DHCP) Works
- DHCP Request/Reply Messages
- DHCP Starvation Attack
- Rogue DHCP Server Attack
- IOS Switch Commands
- Web Server Concept
- Web Server Attacks
- Web Server Attack Tools
- Web Server Security Tools
- 6 Quick Methodology For Web Server Attack
- Learn Skills From Web Server Foot Printing / Banner Grapping
- The 10 Secrets You Will Never Know About Cyber Security And Its Important?
- Ways To Learn Finding Default Content Of Web Server Effectively
- How will Social Engineering be in the Future
- Understand The Background Of Top 9 Challenges IT Leaders Will Face In 2020 Now
- Learning Good Ways To Protect Yourself From Identity Theft
- Anti-phishing Tools Guide
This Blog Article is posted by
Infosavvy, 2nd Floor, Sai Niketan, Chandavalkar Road Opp. Gora Gandhi Hotel, Above Jumbo King, beside Speakwell Institute, Borivali West, Mumbai, Maharashtra 400092
Contact us – www.info-savvy.com