Chapter 8 - 03 - Discuss Vulnerability Assessment - 05_ocred.pdf

Full Transcript

Certified Cybersecurity Technician Network Security Assessment Techniques and Tools Exam 212-82 Vulnerability-Management Life Cycle E N & Identify Assets and Create a Baseline Monitor Verification Vulnerability-Management Life Cycle The vulnerability management life cycle is an important process that helps identify and remediate security weaknesses before they can be exploited. This includes defining the risk posture and policies for an organization, creating a complete asset list of systems, scanning, and assessing the environment for vulnerabilities and exposures, and taking action to mitigate the vulnerabilities that are identified. The implementation of a vulnerability management lifecycle helps gain a strategic perspective regarding possible cybersecurity threats and renders insecure computing environments more resilient to attacks. Vulnerability management should be implemented in every organization as it evaluates and controls the risks and vulnerabilities in the system. The management process continuously examines the IT environments for vulnerabilities and risks associated with the system. Organizations should maintain a proper vulnerability management program to ensure overall information security. Vulnerability management implemented in a sequence of well-organized phases. provides the best results when it is The phases involved in vulnerability management are: = |dentify Assets and Create a Baseline This phase identifies critical assets and prioritizes them to define the risk based on the criticality and value of each system. This creates a good baseline for vulnerability management. This phase involves the gathering of information about the identified systems to understand the approved ports, software, drivers, and basic configuration of each system in order to develop and maintain a system baseline. Module 08 Page 1077 Certified Cybersecurity Technician Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Network Security Assessment Techniques and Tools = Exam 212-82 Vulnerability Scan This phase is very crucial in vulnerability management. In this step, the security analyst performs the vulnerability scan on the network to identify the known vulnerabilities in the organization’s infrastructure. Vulnerability scans can also be performed on applicable compliance templates to assess the organization’s Infrastructure weaknesses against the respective compliance guidelines. = Risk Assessment In this phase, all serious uncertainties that are associated with the system are assessed and prioritized, and remediation is planned to permanently eliminate system flaws. The risk assessment selected summarizes the vulnerability and assets. It determines whether risk level identified for each of the the risk level for a particular asset is high, moderate, or low. Remediation is planned based on the determined risk level. For example, vulnerabilities ranked high-risk are targeted first to decrease the chances of exploitation that would adversely impact the organization. = Remediation Remediation is the process of applying fixes on vulnerable systems in order to reduce the impact and severity of vulnerabilities. This phase is initiated after the successful implementation of the baseline and assessment steps. = Verification In this phase, the security team performs a re-scan of systems to assess if the required remediation is complete and whether the individual fixes have been applied to the impacted assets. This phase provides clear visibility into the firm and allows the security team to check whether all the previous phases have been perfectly employed or not. Verification can be performed by using various means such as ticketing systems, scanners, and reports. = Monitor Organizations need to performed regular monitoring to maintain system security. They use tools such as IDS/IPS and firewalls. Continuous monitoring identifies potential threats and any new vulnerabilities that have evolved. As per security best practices, all phases of vulnerability management must be performed regularly. Module 08 Page 1078 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Network Security Assessment Techniques and Tools Exam 212-82 Vulnerability Assessment Tools: Qualys Vulnerahility Nllanagement Yy = - Acloud-based service that offers immediate global visibility into IT system areas that might be vulnerable to the latest Internet threats and how to protect them CONR AP T 30 204 Wibwcato togecren Bonre famean atine aad Leisase Masagrrren Aids in the continuous identification of threats and monitoring of ok um G s et ot telvong089 Sevwrity Matosligeraties Vasing faretion Levet Access Castind unexpected changes in a mutemmemwn ot HY e S e PTIrR—r— ‘ network before they become breaches s https.//www.quolys.com Copyright © by ¢il. All Rights Reserved. Reproduction is Strictly Prohibited. Vulnerability Assessment Tools: OpenVAS and GFI LanGuard A framework of several services and tools offering a comprehensive and powerful. ". vulnerability scanning and vulnerability management solution OpenVAS - KR e ey Secinte Confguration Extras Administration Help o Scans, detects, assesses, and rectifies security vulnerabilities in a network and connected devices Laxft;;;lax d 7 >« ¥ Q e tews = Mottt s ot & Mamedie Ovrvee | i L. 'l':--;::;‘l:l - S ® Comgten ) SERVER2016 @ I : et T Actions O LTI s0% 10101016 135acp (0 SSA/TLS: Report Vieak Cpher Suites 108 timestamps