Module 22 Flashcards
Operations security starts with...
the planning and implementation process of a network
What happens during the phases of operations security?
the operations team analyzes designs, identifies risks and vulnerabilities, and makes necessary adaptations
When do the actual operational tasks begin?
After the network is set up; they include the continual maintenance of the environment
Staff that set up and conduct security testing should have knowledge in what areas?
-Device hardening
-Firewalls
-IPSs
-Operating systems
-Basic programming
-Networking protocols (TCP/IP)
-Network vulnerabilities and risk mitigation
What is ST&E?
An examination of the protective measures that are placed on an operational network
What security tests can be conducted to assess operational status of the network?
-Penetration testing
-Network scanning
-Vulnerability scanning
-Password cracking
-Log review
-Integrity checkers
-Virus detection
What are tools available to test the security of systems and networks?
-Nmap/Zenmap
-SuperScan
-SIEM
-GFI LANguard
-Tripwire
-Nessus
-L0phtCrack
-Metasploit
What type of tool is Nmap and Zenmap?
Commonly used and free low-level scanners
What is SuperScan?
A free Microsoft Windows port scanning tool
What is SIEM? (Security Information Event Management)
A technology used in enterprise organizations to provide real-time reporting and long-term analysis of security events
What do SIEMs provide?
Correlation, aggregation, forensic analysis, and retention
What does Nmap/Zenmap do?
Discovers computers and their services on a network, therefore creating a map of the network
What does SuperScan do?
Detects open TCP and UDP ports, determines what services are running on those ports, and runs queries, such as whois, ping, traceroute, and hostname lookups
What does GFI LANguard do?
Network and security scanner that detects vulnerabilities
What does Tripwire do?
Assesses and validates IT configurations against internal policies, compliance standards, and security best practices