Security Testing Methodologies

Question 1

Description:

Answer 1

Simplified explanation: a way of finding vulnerabilities and patching them later on.
- - - - - - - - - - - - - - - -
Security testing methodology is an approach which attempts to find vulnerabilities in the system’s security mechanisms. The goal is to enable the system administrators to protect the data and information by applying appropriate security controls.

Question 2

Two types of testing methodologies:

Answer 2

1. Proprietary methodologies
2. Open source methodologies
   - open source does not necessarily mean it is free of charge, it just means that the code is open source

Question 3

Examples of proprietary methodologies:

Answer 3

• IBM
• McAfee Foundstone
• EC-Council LPT

All are very similar and generally operate in a similar way, but depending on the situation, one may be more suited than another.
This isn’t crucial information for the certification, but it’s good to be familiar with these programs in the long run.

Question 4

Examples of open source methodologies:

Answer 4

• OWASP (Open Web Application Security Project)
• OSSTMM (Open Source Security Testing Methodology Manual)
• ISSAF (Information System Security Assessment Framework)
• NIST (National Institute of Standards and Technology)

All are very similar and generally operate in a similar way, but depending on the situation, one may be more suited than another.
This isn’t crucial information for the certification, but it’s good to be familiar with these programs in the long run.

Question 5

IBM:

Answer 5

IBM is generally used by mid-sized companies. Provides fairly quick results and can patch most known vulnerabilities. Not the most thorough option, but it reduces a pretty hefty amount of risk for the time it takes.

Question 6

McAfee Foundstone:

Answer 6

Used over a lengthier period of time to ensure a more encompassing vulnerability analysis. Provides guides to client enterprises.

• anything that’s not generic and has been custom made has a very good chance of slipping through McAfee software.

side-note: non-generic malicious code has a real good chance of slipping through any antivirus software (that Ermin’s heard of thus far).

Question 7

EC-Council LPT:

Answer 7

EC-Council LPT is a comprehinsive auditing framework.

• widely accepted by the industry. They is big boys.

Question 8

OWASP (Open Web Application Security Project):

Answer 8

Great for developers, system architects, anybody who’s working in any sort of coding or creating any sort of an application.
It provides free automated tests that you can perform on the spot without too hassle.

Question 9

OSSTMM (Open Source Security Testing Methodology Manual):

Answer 9

OSSTMM is a standard set of pentesting tests.

• It was an attempt to standardize penetration testing and make it consistent across the board.
• It is entirely peer-review and open-source.
• It’s become a leading industry standard, providing the most consistent and accurate results of all the methodologies mentioned here.
• It was compiled by Pete Herzog.

Question 10

ISSAF (Information System Security Assessment Framework):

Answer 10

Provides the user with information on how to conduct penetration tests.
In essence, an instruction manual.

Question 11

NIST (National Institute of Standards and Technology):

Answer 11

Federal technology agency which works with the industry in order to keep pace with current technology and threats.

• Provides a lot of standards, and dictates a bit of what must be complied with.
• Does a lot of research and publishes their findings freely, saving you a lot of time.