Tuesday, February 08, 2011

Security+ Exam objectives 4.2

4.2 Vulnerability Assessments

For section 4.2, you’ll want to gather information that deals with using certain tools to seek out weaknesses in a system. These tools can be used to prevent a major breach in said system. A successful security project requires constant vigilance and monitoring, along with routine vulnerability assessments.
        
  •  Port scanners – An assessment tool used to determine the status of a target system’s ports by sending probes or test packets. The target port can be either open or closed. If a SYN-flagged packet is sent to an open TCP port, the response will be a SYN/ACK-flagged packet; if the TCP port is closed, the response will be a RST packet. If a firewall is present, no response may be received.

  •  Vulnerability scanners – These are tools used to find known weaknesses, vulnerabilities, or holes in a system by using a series of probes and scripts. They can be run either inside or outside the network and are not designed to cause damage to the target system, although they can slow its performance.

  •  Protocol analyzers – Used to target network traffic and examine its contents. Captured packets can be stored on a storage device or in memory. Protocol analyzers can be utilized in detecting communication problems in software and hardware.

  •  OVAL – (Open Vulnerability and Assessment Language) is an internal security program intended to make tools and information available in a standard format for the world. OVAL is based on XML (Extensible Markup Language).

  •  Password crackers – These are tools used to obtain information on passwords that are forgotten or unknown to the user by way of four main cracking techniques: dictionary, brute force, hybrid and pre-computed hash. Though they can be used negatively, one can also use them to test the true strength of system passwords.

  •  Network mappers – A network mapper is a tool that passively builds an infrastructure map of a network by utilizing protocol analyzers and port scanners.
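
The three outcomes in the port scanner bullet (SYN/ACK, RST, no response) can be observed on your own machine with the sketch below. It is an added example, not part of the original study notes; the names `probe_port` and `loopback_demo` are made up for illustration, and it uses an ordinary TCP connect (the operating system sends the SYN and completes the handshake) instead of a bare SYN probe.

```python
import socket


def probe_port(host, port, timeout=1.0):
    """Classify one TCP port from the reply to a connection attempt.

    'open'     - handshake completed (peer answered the SYN with SYN/ACK)
    'closed'   - connection refused (peer answered the SYN with RST)
    'filtered' - no usable reply before the timeout, e.g. a firewall
                 silently dropping the probe
    """
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
        except ConnectionRefusedError:
            return "closed"
        except socket.timeout:
            return "filtered"
        except OSError:
            # Other failures (e.g. host/network unreachable) also mean
            # the probe got no answer from the port itself.
            return "filtered"
        return "open"


def loopback_demo():
    """Probe a listener on 127.0.0.1 while it is up and after it is closed."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))      # port 0: let the OS pick a free port
    srv.listen(1)
    port = srv.getsockname()[1]
    while_listening = probe_port("127.0.0.1", port)
    srv.close()                     # nothing listens on the port any more
    after_close = probe_port("127.0.0.1", port)
    return while_listening, after_close


if __name__ == "__main__":
    print(loopback_demo())
```

The "filtered" result only appears when something between you and the port drops the probe, so the loopback demo shows the open and closed cases only.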