Network Security Assessment: Part 1 - Vulnerabilities Assessment
Added on -2019-09-22
This document provides an overview of network security and vulnerabilities, including missing patches, misconfigured firewall rules, insecure wireless network, weak passwords, and more. The report includes information collection techniques, terminology and clarifications, and findings and analysis. The subject is network security assessment and the course code and college/university are not mentioned.
| 9 pages
| 1749 words
| 483 views
Trusted by 2+ million users, 1000+ happy students everyday
Introduction The purpose of this document is to provide an overview of the areas of network security and vulnerabilities of the network and the devices connected to the network.This process involves performing an in depth threat and risk assessment on all the different areas and network component to determine which of the areas are needed to be hardened for security. This will be done by using various tools and methods for the assessment. The final report will be including the areas which are needed to be hardened and what vulnerabilities are associated with that system and what steps and measures are needed to be applied in order to remove or mitigate such network security vulnerabilities.Information Collection TechniquesThe Network Security Assessment Team used the following information collection techniques and tools to gain and collect information and understanding of the network and server vulnerabilities: Information was collected through physical inventory:HardwareSoftwareData and information
The following automated discovery/collection tools were used on the servers to collect technical information:Network Mapper (NMAP)Nessus Vulnerability ScannerPersonal observationManual inspectionAccess control permissionsWireless LeakageIntrusion Detection testingFirewall testingIdentification of potential threats that could adversely impact systems or data’s Confidentiality, Integrity, and/or Availability (CIA).Identification of vulnerabilities discoveredEstimation of the likelihood that threats would/could exploit identified vulnerabilitiesAssess the impact to the systems and / or data’s CIA if a threat were to exploit a given vulnerability.Identification of ports and access open for non - authorized personalPerimeter security check for firewall rules.System checks for necessary protection software and unauthorized accessPolicy for data protectionTerminology and Clarifications
Found this document preview useful?
You are reading a preview Upload your documents to download or Become a Desklib member to get accesss