Le 28 juin 2016, 08:33 dans Technologie • 0
A network security assessment is a comprehensive analysis of an organization's computing infrastructure performed by an IT security specialist to locate vulnerabilities and risks. In order to conduct a proper assessment, a diverse set of scanning tools and common techniques are used to gather information about operating systems, applications and network devices. The security specialist assigned to the assessment performs a scheduled attack upon the designated organization attempting to attain administrative control of servers and other devices without being detected.
The assessment focuses on several key areas; I will briefly define each of the 19 components.
Authentication focuses on the access control mechanisms that secure the network such as usernames and passwords. A file system review focuses on the structure of network shares and the mechanisms in place to ensure the integrity and confidentiality of information stored on these devices.
The purpose of any IT security assessment is to expose vulnerabilities and determine the organizations overall security rating. Within the security rating matrix, there are five ratings that can be attributed to the overall security posture. A high-risk rating exposes serious vulnerabilities that are easily exploitable and significant deficiencies in design, implementation or management. A medium-high risk rating exposes vulnerabilities with a moderate likelihood of being exploited, and multiple deficiencies in design, implementation or management. A moderate risk rating exposes vulnerabilities with a moderate likelihood of being exploited and at least one deficiency in design, implementation or management. An elevated risk rating exposes vulnerabilities with a low likelihood of exploitation, and minor deficiencies in design, implementation or management. A low risk rating determines that no vulnerabilities or deficiencies in design, implementation or management were found and that all patches and service packs were applied properly.
Host security focuses on the server and workstation operating systems, while content inspection reviews content controls and inspection mechanisms. This component covers URL blocking, ActiveX blocking, malicious code inspection and end-user auditing.
A quick review of remote access to the corporate network is essential along with reviewing virtual private networks (VPN). The network security or protocols that are used to enable communication on the network must also be reviewed, such as an IP protocol that enables computers to communicate over the Internet. This component also deals with the lan switches , VLANs and routers.