Related Essays

  • Steps Of A Security Risk Assessment

    As a large Fortune 500 company, it is extremely important that all measures against threats are managed properly. With the advancement in Information Technol...

  • IT-548: Information Security Threat

    These are traps set in the firewall of the system which help in recording the attacks of intruders on the system. Honeypots are used to research on the compl...

  • Security Analysis Of Yahoo

    As such, the company’s information technology department is concerned with the process of making sure that each of the organization’s computer systems are sa...

  • Unit 3 Assignment 3.1: Network Assessments

    Network assessments have appeared almost as long as host assessments, starting with the Security Administrator Tool for Analyzing Networks (SATAN), released ...

  • Vulnerabilities And Threats

    The goal of this step is to identify a list of system weakness, by using security test of system, audit comments and security requirements that could be expl...

  • Security Software Proposal Essay

    Proposal for Security Software Name: Jamonte Reed Institution: University of Maryland University College Proposal for Security Software Owing to the c...

  • Internal Security Audits

    One of the most popular and open source applications is known as the “Nmap” able to run on both UNIX and windows Operating Systems. But overall the Nmap appl...

  • Case Study: Sysadmin, Audit, Network And Security Institute

    SANS (Sysadmin, Audit, Network and Security) Institute is a privatized company by the United States, which is specialized in 400 training courses including c...

  • Case Study: Network Intrusion

    A scan reported open ports that were undetected from within the operating system. Audit Security Roles and Responsibilities. The establishment of strong s...

  • Henry And Mea Case Study

    Loss or compromisation of these servers and information systems could not only cripple the day to day operations at Henry and Mea and all of their franchise ...

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off
Reading...
Front

Card Range To Study

through

image

Play button

image

Play button

image

Progress

1/31

Click to flip

Use LEFT and RIGHT arrow keys to navigate between flashcards;

Use UP and DOWN arrow keys to flip the card;

H to show hint;

A reads text to speech;

31 Cards in this Set

  • Front
  • Back

Looking for potential risks

Vulnerability Assessment

Confirms or denies vulnerabilities

Penetration Testing

HTTPS port

443

Someone with knowledge and privilege from within the organization

Insider Threat

Someone trying to access an organization's resources from outside the organization

External Threat

FTP port

21

SSH port

22

TFTP port

69

HTTP port

80

POP3

110

Telnet port

23

SMTP port

25

SNMP port

161

DNS port

53

System placed within a DMZ or private network that is designed to lure malicious users away from production environments

Honeypots

Entire network designed to attract attackers away from production environments

Honeynets

Used to identify potential threats and weaknesses within a network infrastructure

Vulnerability Scanners

Multi-platform scanner

GFI LANguard

Patch, configuration and compliance auditing

Nessus

Identify IT exposures and prioritize remediation

Retina

Identify flaws in operating systems and applications

IBM ISS Internet Scanner

Specifically designed to help monitor the behavior and health of the Mac OS-X system

X-Scan

Security Auditors Research Assistant

SARA

Find and track vulnerabilities and perimeter servers and devices

QualysGuard

Uncovers areas of weakness and recommends fixes

SAINT

Provides a streamlined method to identify missing security updates and common misconfigurations

MBSA

Vulnerability scan that will not directly attack a system

Passive Vulnerability Assessment

Vulnerability scan that can disrupt normal network operations and trigger alerts

Active Vulnerability Assessment

Evaluate security posture using the same techniques employed by cyber criminals

CORE Impact Pro

Hundreds of exploits on automated exploitation system and development framework

CANVAS

Helps verify vulnerabilities and manage security assessments

Metasploit