Security vulnerability test: Vulnerability scanning

Describe the test and purpose of the test.

Vulnerability scanning is a security technique to identify security weaknesses in a computer system.

The purpose of Vulnerability scanning is to check whether there is an error or a problems within the security. Such as if a hacker can hack a system or not.

Discuss how it works.

 A vulnerability scan detect and classifies system weakness in computers, network and communications equipment and predicts the effectiveness of countermeasures.

A vulnerability scanner runs from the end point of the person inspecting the attack surface in question. The software compares details about the target attack surface to a database of information about known security holes in services and ports, anomalies in packet construction, and potential paths to exploitable programs or scripts. The scanner software attempts to exploit each vulnerability that is discovered.

Provide example of the test.

 By using Nessus Professional


Discuss the solution if there is vulnerability after a test.

 If there is a problems after using vulnerability scanning, the best way to approach this is that to find out the problem itself or update the vulnerability tools being used (???)

 Produce an audit document showing the range of tests in IT systems and networks ( Example WANs/LANs and wireless network).



Reference:

Techopedia.com. (2019). What is Vulnerability Scanning? - Definition from Techopedia. [online] Available at: https://www.techopedia.com/definition/4160/vulnerability-scanning [Accessed 25 Apr. 2019].


SearchSecurity. (2019). What is network vulnerability scanning? - Definition from WhatIs.com. [online] Available at: https://searchsecurity.techtarget.com/definition/vulnerability-scanning [Accessed 25 Apr. 2019].

Comments

Post a Comment

Popular posts from this blog

Website Design & Development (LO 1: Exercise)

Image
Explain: Domain Names: Domain Names is the name of the websites. In other words, the IP address of the website, in which, it allows users to access the website. Domain Names can be found in the combination of letters and numbers or as an extension to the domain names. Such as (.com, .net and so on) DNS Services: DNS Services is a type of server that manages, maintains, processes the Internet domain names and its associated record. Communication protocols to access a website: Communication protocols to access a website is a type of technology that is used to transfer information across the internet. There are a lot of types of communication protocols that are used to access a website: Http: Http also is known as HyperText Transfer Protocol is the protocol of transferring the file on the WWW. Https  Https also is known as HyperText Transfer Protocol Secure is protocols that secure the communication between two systems. Ftp  Ftp i...
Read more

WDD

Image
ISP: Telbru, Free registration $10 per months. Domain Name: RandomBlogger.life Website Hosting: Dream Host $2.59/mo Website Management: Joomla!
Read more

Research Activity: IT Security Solution

Find two tools (2) used for implementing network security. Wireshark: use to capture and view the data traveling back and forth on your network. It provides the ability to drill down and read the contents of each packet and is filtered to meet your specific needs. It is commonly used to troubleshoot network problems and to develop and test software. Nessus Professional: makes no assumptions regarding what services are running on what ports and it actively attempts to exploit vulnerabilities rather than just comparing version numbers of the active services. Find two techniques (2) used for implementing network security. Encryption:  A password manager that controls access. People within companies cause the most problems. Provide training on how to avoid malware and phishing attacks. The Yahoo breach was due to an employee clicking on a malicious link. Real-time ingestion and visualization:  to track the intruder as they move in and around the network. Find ...
Read more