Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Vulnerability and Penetration Testing


Published on

This is a Brief overview of what Vulnerability and Penetration Testing are in the Information Technology Security. The focus is on the issues that always arise within a Security Network. How you as an IT can identify or notice activity of any the Attacks from Hackers or unknown Individual that are a Client.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Vulnerability and Penetration Testing

  1. 1. Title: Vulnerability And Penetration Testing Name: Jeffery Felix Brown Class: Computer Networks and Security ITCO361-1501B-01 Date: April 20, 2015 Time: 11:55 p.m. E.S.T.
  2. 2. Explanation on Penetration Testing and Vulnerability Assessment. {Part 1} • Penetration Testing is a service to design an stimulate any attack on Operating Systems, in any Partners Environment. • In defining the Characteristic toward Penetration Testing that individuals that will actively in attacking a number of Systems to Scope similar Methods actually attackers will used. • For as Penetration can always be done within a {Black Box Manner}, how none of the information provided for the Testing Team or specific information given to the Testing Team giving for a Jumps Start in the Right Things. • Advantages for Penetration Test to demonstrate the way Critical Topics in the form of Patch Management to the Organization. • Lastly, Penetration Testing useful in the later stage of a Vulnerability Management processing for validating that nothing been overlook.
  3. 3. Explanation on Penetration Testing and Vulnerability Assessment. {Part 2} • Vulnerability Assessment gives service to design for Analyzing these Hosts within the Scope an locate Areas where attacks might more likely to occur, cutting out unnecessary exploiting issues Locations. • For vulnerability Assessment sometimes involve investigation of any Machine by determining whether current Patches being Applied. • Advantage of Vulnerability Assessment is the Enterprise are looking at large number of Systems and having feedback on each of them. • Disadvantage in Vulnerability Assessment are the actual Attacks that aren’t being Performed, but sometimes is difficult in simultaneous tested toward incident response procedures or other Migration Controls. • In general Vulnerability Assessment are useful in activity to evaluate every process in Control, to put into place as a Patch Management for security configuration of the Host to a degree as security is associated with System Administration Processes
  4. 4. Identify Benefits Using Penetration Testing and Vulnerability Assessments Relative to Threats. There are several reason why Organizations always performs Vulnerability and Penetrations Testing: • First, to help identify Threats in facing your Organization’s information Assets. • Secondly, with this information can qualify Data risks an provide adequacy for Security Funding. • Third, Reduce the IT Security Cost and gives better in returns for IT Security Investment by identifying and resolving Vulnerabilities Weaknesses. • Fourth, Maintaining a Secure to complete the Environment in providing Organization Management with reasonable assurance that adequate Controls, that is put into place a Limit to Risks in exposure for Hackers and Attackers.
  5. 5. Discuss Tools Available and Explain their usage in the Industry Toward Migrate Security Vulnerabilities. • Network Mapper {Nmap} are one of the popular free Tool used for Security Scanning and Auditing for UNIX and Microsoft Platforms. • Nessus is one of the Vulnerability Scanner that are available for the UNIX and Microsoft Platform, has a built-in port scans to generate a Report, by displaying all results from the Scan to migrate vulnerabilities. • Analysis Tool are to help in determine vulnerabilities for endpoint Devices, in such as Network Hosts and Servers. • Knoppix STD {Knoppix Security Tool Distribution is a LinuxLive CD distribution contains numerous Valuable Security Tools. Knoppix STD have many useful features like [Encryption, Firewall, Network utilities, and Packet Sniffers]. • Microsoft Baseline Security Analyzer {MBSA} is a Software that Scans Hosts running the Windows Software [2000, XP, and Windows Server 2003] Operating Systems, in determining these potential security risks.
  6. 6. References: Moyle, E. (2007, May 21). Vulnerability and Penetration Testing: What's the Difference? Retrieved April 20, 2015, from Edmead, M. (2007, September 8). The Importance of Performing Vulnerability & Penetration Testing. Retrieved April 20, 2015, from 08/aug07_vulnerability.html Chapter 1: Vulnerabilities, Threats, and Attacks. (2006, September 7). Retrieved April 20, 2015, from 9706-1104-am-page-1-vulnerabilities-threats-5475095/