SlideShare a Scribd company logo
1 of 25
Download to read offline
CNIT 125:
Information Security
Professional
(CISSP
Preparation)
Ch 6. Security Assessment
and Testing
Assessing Access Control
Penetration Testing
• Authorized white hat hacker breaks into
an organization
Social Engineering
• Exploiting the human mind
• Often tricks the user into clicking a link
• Zero-knowledge (black box) test
• No information provided to attacker
• Full-knowledge test
• Provides pen tester with network diagram,
policies and procedures, and sometimes
results from previous pen testers
• Partial-knowledge test
Penetration Tester Tools and
Methodology
• Metasploit (open source)
• Core Impact and Immunity Canvas
(closed source)
• Methodology
Assuring Confidentiality, Data Integrity,
and System Integrity
• Pen testers must ensure confidentiality
of data they access
• Report should be treated as confidential
Vulnerability Testing
• Also called Vulnerability Scanning
• Uses a tool like Nessus or OpenVAS
• Finds vulnerabilities
• Requires manual verification and
assessment
• Must be matched to real threats to find
true risk
Security Audit
• Tests against a public standard
• Such as PCI-DSS (Payment Card Industry
Data Security Standard)
Security Assessment
• View many controls across multiple
domains
• Policies and procedures
• Administrative controls
• Change management
• Other tests (pen tests, vuln
assessments, security audits)
Internal and Third Party Audits
• Internal audits
• Assessing adherence to policy
• External audits
• Require security professionals to play
a role
• Response and remediation to audit
findings
• Demonstrating mitigations
Log Reviews
• Easiest way to verify that access control
mechanisms are working
Centralized Logging
• A central repository allows for more
scalable security monitoring and
intrusion detection
• Syslog transmits log data in plaintext
over UDP port 514
• Log retention
• May be relevant to legal or regulatory
compliance
Software Testing Methods
Software Testing Methods
• Discovering programmer errors
• Custom apps don't have a vendor
providing security patches
• Source code review helps
• Two general approaches:
• Static and dynamic analysis
• Also manual code review
• Pair programming is employed in agile
programming shops
Static and Dynamic Testing
• Static testing: the code is not running
• Review source code for insecure
practices, unsafe functions, etc.
• Unix program lint
• Compiler warnings
• Dynamic testing: while code is executing
• White box testing: tester has source
code
• Black box: tester has no internal details
Traceability Matrix
• Maps customer requirements to software
testing plan
Synthetic Transactions
• Simulating business activities
• Often used for Web apps
Software Testing Levels
• Unit testing
• Tests components like functions,
procedures, or objects
• Installation testing
• Tests software as it is installed and first
operated
• Integration Testing
• Testing multiple software components as
they are combined into a working system
Software Testing Levels
• Regression testing
• Testing softare after updates,
modification, or patches
• Acceptance testing
• Testing to ensure the software meets
the customer's requirements
• When done by customer, called User
Acceptance Testing
Fuzzing
• A type of black box testing
• Sends random malformed data into
software programs
• To find crashes
• A type of dynamic testing
• Has found many flaws
Combinatorial Software Testing
• Seeks to identify and test all unique
combinations of software inputs
• Pairwise testing (also called all pairs
testing)
Misuse Case Testing
• Formally model an adversary misusing
the application
• A more formal and commonly recognized
way to consider negative security
outcomes is threat modeling
• Microsoft highlights it in their Security
Development Lifecycle (SDL)
Test Coverage Analysis
• Identifies the degree to which code
testing applies to the entire application
• To ensure that there are no significant
gaps
Analyze and Report Test Outputs
• Security test results are easy to produce
• Actually improving security is much
more difficult
• Data must be analyzed to determine what
action to take
6. Security Assessment and Testing

More Related Content

What's hot

8. Software Development Security
8. Software Development Security8. Software Development Security
8. Software Development SecuritySam Bowne
 
CISSP - Chapter 3 - CPU Architecture
CISSP - Chapter 3 - CPU ArchitectureCISSP - Chapter 3 - CPU Architecture
CISSP - Chapter 3 - CPU ArchitectureKarthikeyan Dhayalan
 
CISSP - Chapter 4 - Network Topology
CISSP - Chapter 4 - Network TopologyCISSP - Chapter 4 - Network Topology
CISSP - Chapter 4 - Network TopologyKarthikeyan Dhayalan
 
Secure coding practices
Secure coding practicesSecure coding practices
Secure coding practicesScott Hurrey
 
CISSP - Software Development Security
CISSP - Software Development SecurityCISSP - Software Development Security
CISSP - Software Development SecurityKarthikeyan Dhayalan
 
1. Security and Risk Management
1. Security and Risk Management1. Security and Risk Management
1. Security and Risk ManagementSam Bowne
 
CISSP - Chapter 4 - Intranet and extranets
CISSP - Chapter 4 - Intranet and extranetsCISSP - Chapter 4 - Intranet and extranets
CISSP - Chapter 4 - Intranet and extranetsKarthikeyan Dhayalan
 
CISSP Prep: Ch 4. Security Engineering (Part 1)
CISSP Prep: Ch 4. Security Engineering (Part 1)CISSP Prep: Ch 4. Security Engineering (Part 1)
CISSP Prep: Ch 4. Security Engineering (Part 1)Sam Bowne
 
The Insider Threat
The Insider ThreatThe Insider Threat
The Insider ThreatPECB
 
OWASP Secure Coding
OWASP Secure CodingOWASP Secure Coding
OWASP Secure Codingbilcorry
 
CISSP - Chapter 4 - Network Fundamental
CISSP - Chapter 4 - Network FundamentalCISSP - Chapter 4 - Network Fundamental
CISSP - Chapter 4 - Network FundamentalKarthikeyan Dhayalan
 
CISSP - Chapter 3 - Physical security
CISSP - Chapter 3  - Physical securityCISSP - Chapter 3  - Physical security
CISSP - Chapter 3 - Physical securityKarthikeyan Dhayalan
 
SAST vs. DAST: What’s the Best Method For Application Security Testing?
SAST vs. DAST: What’s the Best Method For Application Security Testing?SAST vs. DAST: What’s the Best Method For Application Security Testing?
SAST vs. DAST: What’s the Best Method For Application Security Testing?Cigital
 
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...PECB
 

What's hot (20)

8. Software Development Security
8. Software Development Security8. Software Development Security
8. Software Development Security
 
CISSP - Chapter 3 - CPU Architecture
CISSP - Chapter 3 - CPU ArchitectureCISSP - Chapter 3 - CPU Architecture
CISSP - Chapter 3 - CPU Architecture
 
CISSP - Chapter 4 - Network Topology
CISSP - Chapter 4 - Network TopologyCISSP - Chapter 4 - Network Topology
CISSP - Chapter 4 - Network Topology
 
Secure coding practices
Secure coding practicesSecure coding practices
Secure coding practices
 
CISSP - Software Development Security
CISSP - Software Development SecurityCISSP - Software Development Security
CISSP - Software Development Security
 
1. Security and Risk Management
1. Security and Risk Management1. Security and Risk Management
1. Security and Risk Management
 
CISSP - Chapter 4 - Intranet and extranets
CISSP - Chapter 4 - Intranet and extranetsCISSP - Chapter 4 - Intranet and extranets
CISSP - Chapter 4 - Intranet and extranets
 
CISSP Prep: Ch 4. Security Engineering (Part 1)
CISSP Prep: Ch 4. Security Engineering (Part 1)CISSP Prep: Ch 4. Security Engineering (Part 1)
CISSP Prep: Ch 4. Security Engineering (Part 1)
 
The Insider Threat
The Insider ThreatThe Insider Threat
The Insider Threat
 
OWASP Secure Coding
OWASP Secure CodingOWASP Secure Coding
OWASP Secure Coding
 
Endpoint Security
Endpoint SecurityEndpoint Security
Endpoint Security
 
CISSP - Chapter 4 - Network Fundamental
CISSP - Chapter 4 - Network FundamentalCISSP - Chapter 4 - Network Fundamental
CISSP - Chapter 4 - Network Fundamental
 
Security Audit View
Security Audit ViewSecurity Audit View
Security Audit View
 
Secure Code Review 101
Secure Code Review 101Secure Code Review 101
Secure Code Review 101
 
CISSP - Chapter 3 - Physical security
CISSP - Chapter 3  - Physical securityCISSP - Chapter 3  - Physical security
CISSP - Chapter 3 - Physical security
 
CISSP Chapter 1 BCP
CISSP Chapter 1 BCPCISSP Chapter 1 BCP
CISSP Chapter 1 BCP
 
Insider threat
Insider threatInsider threat
Insider threat
 
SAST vs. DAST: What’s the Best Method For Application Security Testing?
SAST vs. DAST: What’s the Best Method For Application Security Testing?SAST vs. DAST: What’s the Best Method For Application Security Testing?
SAST vs. DAST: What’s the Best Method For Application Security Testing?
 
Domain 2 - Asset Security
Domain 2 - Asset SecurityDomain 2 - Asset Security
Domain 2 - Asset Security
 
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
CIA Triad in Data Governance, Information Security, and Privacy: Its Role and...
 

Similar to 6. Security Assessment and Testing

Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...Denim Group
 
Vulnerability assessment and penetration testing
Vulnerability assessment and penetration testingVulnerability assessment and penetration testing
Vulnerability assessment and penetration testingAbu Sadat Mohammed Yasin
 
Manual Testing Types Used in Software Testing
Manual Testing Types Used in Software TestingManual Testing Types Used in Software Testing
Manual Testing Types Used in Software Testingseojayeshts
 
Software testing-and-analysis
Software testing-and-analysisSoftware testing-and-analysis
Software testing-and-analysisWBUTTUTORIALS
 
Top Security Challenges Facing Credit Unions Today
Top Security Challenges Facing Credit Unions TodayTop Security Challenges Facing Credit Unions Today
Top Security Challenges Facing Credit Unions TodayChris Gates
 
Software testing
Software testingSoftware testing
Software testingnidhip216
 
Software testing methods, levels and types
Software testing methods, levels and typesSoftware testing methods, levels and types
Software testing methods, levels and typesConfiz
 
SENG202-v-and-v-modeling_121810.pptx
SENG202-v-and-v-modeling_121810.pptxSENG202-v-and-v-modeling_121810.pptx
SENG202-v-and-v-modeling_121810.pptxMinsasWorld
 
What is penetration testing
What is penetration testingWhat is penetration testing
What is penetration testingsakshisoni076
 
Software Quality Assurance
Software Quality AssuranceSoftware Quality Assurance
Software Quality AssuranceSaqib Raza
 
Making security-agile matt-tesauro
Making security-agile matt-tesauroMaking security-agile matt-tesauro
Making security-agile matt-tesauroMatt Tesauro
 
Software Engineering (Software Quality Assurance & Testing: Supplementary Mat...
Software Engineering (Software Quality Assurance & Testing: Supplementary Mat...Software Engineering (Software Quality Assurance & Testing: Supplementary Mat...
Software Engineering (Software Quality Assurance & Testing: Supplementary Mat...ShudipPal
 
CNIT 160 4e Security Program Management (Part 5)
CNIT 160 4e Security Program Management (Part 5)CNIT 160 4e Security Program Management (Part 5)
CNIT 160 4e Security Program Management (Part 5)Sam Bowne
 
Penentration testing
Penentration testingPenentration testing
Penentration testingtahreemsaleem
 
manualtesting-170218090020 (1).pdf
manualtesting-170218090020 (1).pdfmanualtesting-170218090020 (1).pdf
manualtesting-170218090020 (1).pdfperamdevi06
 
CNIT 152: 4 Starting the Investigation & 5 Leads
CNIT 152: 4 Starting the Investigation & 5 LeadsCNIT 152: 4 Starting the Investigation & 5 Leads
CNIT 152: 4 Starting the Investigation & 5 LeadsSam Bowne
 

Similar to 6. Security Assessment and Testing (20)

Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
 
Vulnerability assessment and penetration testing
Vulnerability assessment and penetration testingVulnerability assessment and penetration testing
Vulnerability assessment and penetration testing
 
Manual Testing Types Used in Software Testing
Manual Testing Types Used in Software TestingManual Testing Types Used in Software Testing
Manual Testing Types Used in Software Testing
 
Software testing-and-analysis
Software testing-and-analysisSoftware testing-and-analysis
Software testing-and-analysis
 
Top Security Challenges Facing Credit Unions Today
Top Security Challenges Facing Credit Unions TodayTop Security Challenges Facing Credit Unions Today
Top Security Challenges Facing Credit Unions Today
 
Software testing
Software testingSoftware testing
Software testing
 
Software Quality
Software Quality Software Quality
Software Quality
 
Software testing methods, levels and types
Software testing methods, levels and typesSoftware testing methods, levels and types
Software testing methods, levels and types
 
Security testing
Security testingSecurity testing
Security testing
 
Pm 6 testing
Pm 6 testingPm 6 testing
Pm 6 testing
 
Pm 6 testing
Pm 6 testingPm 6 testing
Pm 6 testing
 
SENG202-v-and-v-modeling_121810.pptx
SENG202-v-and-v-modeling_121810.pptxSENG202-v-and-v-modeling_121810.pptx
SENG202-v-and-v-modeling_121810.pptx
 
What is penetration testing
What is penetration testingWhat is penetration testing
What is penetration testing
 
Software Quality Assurance
Software Quality AssuranceSoftware Quality Assurance
Software Quality Assurance
 
Making security-agile matt-tesauro
Making security-agile matt-tesauroMaking security-agile matt-tesauro
Making security-agile matt-tesauro
 
Software Engineering (Software Quality Assurance & Testing: Supplementary Mat...
Software Engineering (Software Quality Assurance & Testing: Supplementary Mat...Software Engineering (Software Quality Assurance & Testing: Supplementary Mat...
Software Engineering (Software Quality Assurance & Testing: Supplementary Mat...
 
CNIT 160 4e Security Program Management (Part 5)
CNIT 160 4e Security Program Management (Part 5)CNIT 160 4e Security Program Management (Part 5)
CNIT 160 4e Security Program Management (Part 5)
 
Penentration testing
Penentration testingPenentration testing
Penentration testing
 
manualtesting-170218090020 (1).pdf
manualtesting-170218090020 (1).pdfmanualtesting-170218090020 (1).pdf
manualtesting-170218090020 (1).pdf
 
CNIT 152: 4 Starting the Investigation & 5 Leads
CNIT 152: 4 Starting the Investigation & 5 LeadsCNIT 152: 4 Starting the Investigation & 5 Leads
CNIT 152: 4 Starting the Investigation & 5 Leads
 

More from Sam Bowne

3: DNS vulnerabilities
3: DNS vulnerabilities 3: DNS vulnerabilities
3: DNS vulnerabilities Sam Bowne
 
8. Software Development Security
8. Software Development Security8. Software Development Security
8. Software Development SecuritySam Bowne
 
4 Mapping the Application
4 Mapping the Application4 Mapping the Application
4 Mapping the ApplicationSam Bowne
 
3. Attacking iOS Applications (Part 2)
 3. Attacking iOS Applications (Part 2) 3. Attacking iOS Applications (Part 2)
3. Attacking iOS Applications (Part 2)Sam Bowne
 
12 Elliptic Curves
12 Elliptic Curves12 Elliptic Curves
12 Elliptic CurvesSam Bowne
 
11. Diffie-Hellman
11. Diffie-Hellman11. Diffie-Hellman
11. Diffie-HellmanSam Bowne
 
2a Analyzing iOS Apps Part 1
2a Analyzing iOS Apps Part 12a Analyzing iOS Apps Part 1
2a Analyzing iOS Apps Part 1Sam Bowne
 
9 Writing Secure Android Applications
9 Writing Secure Android Applications9 Writing Secure Android Applications
9 Writing Secure Android ApplicationsSam Bowne
 
12 Investigating Windows Systems (Part 2 of 3)
12 Investigating Windows Systems (Part 2 of 3)12 Investigating Windows Systems (Part 2 of 3)
12 Investigating Windows Systems (Part 2 of 3)Sam Bowne
 
12 Investigating Windows Systems (Part 1 of 3
12 Investigating Windows Systems (Part 1 of 312 Investigating Windows Systems (Part 1 of 3
12 Investigating Windows Systems (Part 1 of 3Sam Bowne
 
9. Hard Problems
9. Hard Problems9. Hard Problems
9. Hard ProblemsSam Bowne
 
8 Android Implementation Issues (Part 1)
8 Android Implementation Issues (Part 1)8 Android Implementation Issues (Part 1)
8 Android Implementation Issues (Part 1)Sam Bowne
 
11 Analysis Methodology
11 Analysis Methodology11 Analysis Methodology
11 Analysis MethodologySam Bowne
 
8. Authenticated Encryption
8. Authenticated Encryption8. Authenticated Encryption
8. Authenticated EncryptionSam Bowne
 
7. Attacking Android Applications (Part 2)
7. Attacking Android Applications (Part 2)7. Attacking Android Applications (Part 2)
7. Attacking Android Applications (Part 2)Sam Bowne
 
7. Attacking Android Applications (Part 1)
7. Attacking Android Applications (Part 1)7. Attacking Android Applications (Part 1)
7. Attacking Android Applications (Part 1)Sam Bowne
 
5. Stream Ciphers
5. Stream Ciphers5. Stream Ciphers
5. Stream CiphersSam Bowne
 
6 Scope & 7 Live Data Collection
6 Scope & 7 Live Data Collection6 Scope & 7 Live Data Collection
6 Scope & 7 Live Data CollectionSam Bowne
 

More from Sam Bowne (20)

Cyberwar
CyberwarCyberwar
Cyberwar
 
3: DNS vulnerabilities
3: DNS vulnerabilities 3: DNS vulnerabilities
3: DNS vulnerabilities
 
8. Software Development Security
8. Software Development Security8. Software Development Security
8. Software Development Security
 
4 Mapping the Application
4 Mapping the Application4 Mapping the Application
4 Mapping the Application
 
3. Attacking iOS Applications (Part 2)
 3. Attacking iOS Applications (Part 2) 3. Attacking iOS Applications (Part 2)
3. Attacking iOS Applications (Part 2)
 
12 Elliptic Curves
12 Elliptic Curves12 Elliptic Curves
12 Elliptic Curves
 
11. Diffie-Hellman
11. Diffie-Hellman11. Diffie-Hellman
11. Diffie-Hellman
 
2a Analyzing iOS Apps Part 1
2a Analyzing iOS Apps Part 12a Analyzing iOS Apps Part 1
2a Analyzing iOS Apps Part 1
 
9 Writing Secure Android Applications
9 Writing Secure Android Applications9 Writing Secure Android Applications
9 Writing Secure Android Applications
 
12 Investigating Windows Systems (Part 2 of 3)
12 Investigating Windows Systems (Part 2 of 3)12 Investigating Windows Systems (Part 2 of 3)
12 Investigating Windows Systems (Part 2 of 3)
 
10 RSA
10 RSA10 RSA
10 RSA
 
12 Investigating Windows Systems (Part 1 of 3
12 Investigating Windows Systems (Part 1 of 312 Investigating Windows Systems (Part 1 of 3
12 Investigating Windows Systems (Part 1 of 3
 
9. Hard Problems
9. Hard Problems9. Hard Problems
9. Hard Problems
 
8 Android Implementation Issues (Part 1)
8 Android Implementation Issues (Part 1)8 Android Implementation Issues (Part 1)
8 Android Implementation Issues (Part 1)
 
11 Analysis Methodology
11 Analysis Methodology11 Analysis Methodology
11 Analysis Methodology
 
8. Authenticated Encryption
8. Authenticated Encryption8. Authenticated Encryption
8. Authenticated Encryption
 
7. Attacking Android Applications (Part 2)
7. Attacking Android Applications (Part 2)7. Attacking Android Applications (Part 2)
7. Attacking Android Applications (Part 2)
 
7. Attacking Android Applications (Part 1)
7. Attacking Android Applications (Part 1)7. Attacking Android Applications (Part 1)
7. Attacking Android Applications (Part 1)
 
5. Stream Ciphers
5. Stream Ciphers5. Stream Ciphers
5. Stream Ciphers
 
6 Scope & 7 Live Data Collection
6 Scope & 7 Live Data Collection6 Scope & 7 Live Data Collection
6 Scope & 7 Live Data Collection
 

Recently uploaded

Paul Dobryden In Media Res Media Component
Paul Dobryden In Media Res Media ComponentPaul Dobryden In Media Res Media Component
Paul Dobryden In Media Res Media ComponentInMediaRes1
 
Healthy Minds, Flourishing Lives: A Philosophical Approach to Mental Health a...
Healthy Minds, Flourishing Lives: A Philosophical Approach to Mental Health a...Healthy Minds, Flourishing Lives: A Philosophical Approach to Mental Health a...
Healthy Minds, Flourishing Lives: A Philosophical Approach to Mental Health a...Osopher
 
Geoffrey Chaucer Works II UGC NET JRF TGT PGT MA PHD Entrance Exam II History...
Geoffrey Chaucer Works II UGC NET JRF TGT PGT MA PHD Entrance Exam II History...Geoffrey Chaucer Works II UGC NET JRF TGT PGT MA PHD Entrance Exam II History...
Geoffrey Chaucer Works II UGC NET JRF TGT PGT MA PHD Entrance Exam II History...DrVipulVKapoor
 
Jordan Chrietzberg In Media Res Media Component
Jordan Chrietzberg In Media Res Media ComponentJordan Chrietzberg In Media Res Media Component
Jordan Chrietzberg In Media Res Media ComponentInMediaRes1
 
BÀI TẬP BỔ TRỢ 4 KĨ NĂNG TIẾNG ANH LỚP 11 (CẢ NĂM) - FRIENDS GLOBAL - NĂM HỌC...
BÀI TẬP BỔ TRỢ 4 KĨ NĂNG TIẾNG ANH LỚP 11 (CẢ NĂM) - FRIENDS GLOBAL - NĂM HỌC...BÀI TẬP BỔ TRỢ 4 KĨ NĂNG TIẾNG ANH LỚP 11 (CẢ NĂM) - FRIENDS GLOBAL - NĂM HỌC...
BÀI TẬP BỔ TRỢ 4 KĨ NĂNG TIẾNG ANH LỚP 11 (CẢ NĂM) - FRIENDS GLOBAL - NĂM HỌC...Nguyen Thanh Tu Collection
 
BÀI TẬP BỔ TRỢ 4 KĨ NĂNG TIẾNG ANH LỚP 8 - CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC ...
BÀI TẬP BỔ TRỢ 4 KĨ NĂNG TIẾNG ANH LỚP 8 - CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC ...BÀI TẬP BỔ TRỢ 4 KĨ NĂNG TIẾNG ANH LỚP 8 - CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC ...
BÀI TẬP BỔ TRỢ 4 KĨ NĂNG TIẾNG ANH LỚP 8 - CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC ...Nguyen Thanh Tu Collection
 
How to Uninstall a Module in Odoo 17 Using Command Line
How to Uninstall a Module in Odoo 17 Using Command LineHow to Uninstall a Module in Odoo 17 Using Command Line
How to Uninstall a Module in Odoo 17 Using Command LineCeline George
 
4.11.24 Poverty and Inequality in America.pptx
4.11.24 Poverty and Inequality in America.pptx4.11.24 Poverty and Inequality in America.pptx
4.11.24 Poverty and Inequality in America.pptxmary850239
 
Pastoral Poetry, Definition, Origin, Characteristics and Examples
Pastoral Poetry, Definition, Origin, Characteristics and ExamplesPastoral Poetry, Definition, Origin, Characteristics and Examples
Pastoral Poetry, Definition, Origin, Characteristics and ExamplesDrVipulVKapoor
 
How to create _name_search function in odoo 17
How to create _name_search function in odoo 17How to create _name_search function in odoo 17
How to create _name_search function in odoo 17Celine George
 
Unit :1 Basics of Professional Intelligence
Unit :1 Basics of Professional IntelligenceUnit :1 Basics of Professional Intelligence
Unit :1 Basics of Professional IntelligenceDr Vijay Vishwakarma
 
4.9.24 School Desegregation in Boston.pptx
4.9.24 School Desegregation in Boston.pptx4.9.24 School Desegregation in Boston.pptx
4.9.24 School Desegregation in Boston.pptxmary850239
 
Grade Three -ELLNA-REVIEWER-ENGLISH.pptx
Grade Three -ELLNA-REVIEWER-ENGLISH.pptxGrade Three -ELLNA-REVIEWER-ENGLISH.pptx
Grade Three -ELLNA-REVIEWER-ENGLISH.pptxkarenfajardo43
 
DBMSArchitecture_QueryProcessingandOptimization.pdf
DBMSArchitecture_QueryProcessingandOptimization.pdfDBMSArchitecture_QueryProcessingandOptimization.pdf
DBMSArchitecture_QueryProcessingandOptimization.pdfChristalin Nelson
 
Scientific Writing :Research Discourse
Scientific  Writing :Research  DiscourseScientific  Writing :Research  Discourse
Scientific Writing :Research DiscourseAnita GoswamiGiri
 
The role of Geography in climate education: science and active citizenship
The role of Geography in climate education: science and active citizenshipThe role of Geography in climate education: science and active citizenship
The role of Geography in climate education: science and active citizenshipKarl Donert
 
ICS 2208 Lecture Slide Notes for Topic 6
ICS 2208 Lecture Slide Notes for Topic 6ICS 2208 Lecture Slide Notes for Topic 6
ICS 2208 Lecture Slide Notes for Topic 6Vanessa Camilleri
 
4.4.24 Economic Precarity and Global Economic Forces.pptx
4.4.24 Economic Precarity and Global Economic Forces.pptx4.4.24 Economic Precarity and Global Economic Forces.pptx
4.4.24 Economic Precarity and Global Economic Forces.pptxmary850239
 

Recently uploaded (20)

CARNAVAL COM MAGIA E EUFORIA _
CARNAVAL COM MAGIA E EUFORIA            _CARNAVAL COM MAGIA E EUFORIA            _
CARNAVAL COM MAGIA E EUFORIA _
 
Paul Dobryden In Media Res Media Component
Paul Dobryden In Media Res Media ComponentPaul Dobryden In Media Res Media Component
Paul Dobryden In Media Res Media Component
 
Healthy Minds, Flourishing Lives: A Philosophical Approach to Mental Health a...
Healthy Minds, Flourishing Lives: A Philosophical Approach to Mental Health a...Healthy Minds, Flourishing Lives: A Philosophical Approach to Mental Health a...
Healthy Minds, Flourishing Lives: A Philosophical Approach to Mental Health a...
 
Geoffrey Chaucer Works II UGC NET JRF TGT PGT MA PHD Entrance Exam II History...
Geoffrey Chaucer Works II UGC NET JRF TGT PGT MA PHD Entrance Exam II History...Geoffrey Chaucer Works II UGC NET JRF TGT PGT MA PHD Entrance Exam II History...
Geoffrey Chaucer Works II UGC NET JRF TGT PGT MA PHD Entrance Exam II History...
 
Jordan Chrietzberg In Media Res Media Component
Jordan Chrietzberg In Media Res Media ComponentJordan Chrietzberg In Media Res Media Component
Jordan Chrietzberg In Media Res Media Component
 
BÀI TẬP BỔ TRỢ 4 KĨ NĂNG TIẾNG ANH LỚP 11 (CẢ NĂM) - FRIENDS GLOBAL - NĂM HỌC...
BÀI TẬP BỔ TRỢ 4 KĨ NĂNG TIẾNG ANH LỚP 11 (CẢ NĂM) - FRIENDS GLOBAL - NĂM HỌC...BÀI TẬP BỔ TRỢ 4 KĨ NĂNG TIẾNG ANH LỚP 11 (CẢ NĂM) - FRIENDS GLOBAL - NĂM HỌC...
BÀI TẬP BỔ TRỢ 4 KĨ NĂNG TIẾNG ANH LỚP 11 (CẢ NĂM) - FRIENDS GLOBAL - NĂM HỌC...
 
BÀI TẬP BỔ TRỢ 4 KĨ NĂNG TIẾNG ANH LỚP 8 - CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC ...
BÀI TẬP BỔ TRỢ 4 KĨ NĂNG TIẾNG ANH LỚP 8 - CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC ...BÀI TẬP BỔ TRỢ 4 KĨ NĂNG TIẾNG ANH LỚP 8 - CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC ...
BÀI TẬP BỔ TRỢ 4 KĨ NĂNG TIẾNG ANH LỚP 8 - CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC ...
 
How to Uninstall a Module in Odoo 17 Using Command Line
How to Uninstall a Module in Odoo 17 Using Command LineHow to Uninstall a Module in Odoo 17 Using Command Line
How to Uninstall a Module in Odoo 17 Using Command Line
 
4.11.24 Poverty and Inequality in America.pptx
4.11.24 Poverty and Inequality in America.pptx4.11.24 Poverty and Inequality in America.pptx
4.11.24 Poverty and Inequality in America.pptx
 
Pastoral Poetry, Definition, Origin, Characteristics and Examples
Pastoral Poetry, Definition, Origin, Characteristics and ExamplesPastoral Poetry, Definition, Origin, Characteristics and Examples
Pastoral Poetry, Definition, Origin, Characteristics and Examples
 
How to create _name_search function in odoo 17
How to create _name_search function in odoo 17How to create _name_search function in odoo 17
How to create _name_search function in odoo 17
 
Unit :1 Basics of Professional Intelligence
Unit :1 Basics of Professional IntelligenceUnit :1 Basics of Professional Intelligence
Unit :1 Basics of Professional Intelligence
 
4.9.24 School Desegregation in Boston.pptx
4.9.24 School Desegregation in Boston.pptx4.9.24 School Desegregation in Boston.pptx
4.9.24 School Desegregation in Boston.pptx
 
Grade Three -ELLNA-REVIEWER-ENGLISH.pptx
Grade Three -ELLNA-REVIEWER-ENGLISH.pptxGrade Three -ELLNA-REVIEWER-ENGLISH.pptx
Grade Three -ELLNA-REVIEWER-ENGLISH.pptx
 
DBMSArchitecture_QueryProcessingandOptimization.pdf
DBMSArchitecture_QueryProcessingandOptimization.pdfDBMSArchitecture_QueryProcessingandOptimization.pdf
DBMSArchitecture_QueryProcessingandOptimization.pdf
 
Scientific Writing :Research Discourse
Scientific  Writing :Research  DiscourseScientific  Writing :Research  Discourse
Scientific Writing :Research Discourse
 
The role of Geography in climate education: science and active citizenship
The role of Geography in climate education: science and active citizenshipThe role of Geography in climate education: science and active citizenship
The role of Geography in climate education: science and active citizenship
 
Israel Genealogy Research Assoc. April 2024 Database Release
Israel Genealogy Research Assoc. April 2024 Database ReleaseIsrael Genealogy Research Assoc. April 2024 Database Release
Israel Genealogy Research Assoc. April 2024 Database Release
 
ICS 2208 Lecture Slide Notes for Topic 6
ICS 2208 Lecture Slide Notes for Topic 6ICS 2208 Lecture Slide Notes for Topic 6
ICS 2208 Lecture Slide Notes for Topic 6
 
4.4.24 Economic Precarity and Global Economic Forces.pptx
4.4.24 Economic Precarity and Global Economic Forces.pptx4.4.24 Economic Precarity and Global Economic Forces.pptx
4.4.24 Economic Precarity and Global Economic Forces.pptx
 

6. Security Assessment and Testing

  • 3. Penetration Testing • Authorized white hat hacker breaks into an organization
  • 4. Social Engineering • Exploiting the human mind • Often tricks the user into clicking a link • Zero-knowledge (black box) test • No information provided to attacker • Full-knowledge test • Provides pen tester with network diagram, policies and procedures, and sometimes results from previous pen testers • Partial-knowledge test
  • 5. Penetration Tester Tools and Methodology • Metasploit (open source) • Core Impact and Immunity Canvas (closed source) • Methodology
  • 6. Assuring Confidentiality, Data Integrity, and System Integrity • Pen testers must ensure confidentiality of data they access • Report should be treated as confidential
  • 7. Vulnerability Testing • Also called Vulnerability Scanning • Uses a tool like Nessus or OpenVAS • Finds vulnerabilities • Requires manual verification and assessment • Must be matched to real threats to find true risk
  • 8. Security Audit • Tests against a public standard • Such as PCI-DSS (Payment Card Industry Data Security Standard)
  • 9. Security Assessment • View many controls across multiple domains • Policies and procedures • Administrative controls • Change management • Other tests (pen tests, vuln assessments, security audits)
  • 10. Internal and Third Party Audits • Internal audits • Assessing adherence to policy • External audits • Require security professionals to play a role • Response and remediation to audit findings • Demonstrating mitigations
  • 11. Log Reviews • Easiest way to verify that access control mechanisms are working
  • 12. Centralized Logging • A central repository allows for more scalable security monitoring and intrusion detection • Syslog transmits log data in plaintext over UDP port 514 • Log retention • May be relevant to legal or regulatory compliance
  • 14. Software Testing Methods • Discovering programmer errors • Custom apps don't have a vendor providing security patches • Source code review helps • Two general approaches: • Static and dynamic analysis • Also manual code review • Pair programming is employed in agile programming shops
  • 15. Static and Dynamic Testing • Static testing: the code is not running • Review source code for insecure practices, unsafe functions, etc. • Unix program lint • Compiler warnings • Dynamic testing: while code is executing • White box testing: tester has source code • Black box: tester has no internal details
  • 16. Traceability Matrix • Maps customer requirements to software testing plan
  • 17. Synthetic Transactions • Simulating business activities • Often used for Web apps
  • 18. Software Testing Levels • Unit testing • Tests components like functions, procedures, or objects • Installation testing • Tests software as it is installed and first operated • Integration Testing • Testing multiple software components as they are combined into a working system
  • 19. Software Testing Levels • Regression testing • Testing softare after updates, modification, or patches • Acceptance testing • Testing to ensure the software meets the customer's requirements • When done by customer, called User Acceptance Testing
  • 20. Fuzzing • A type of black box testing • Sends random malformed data into software programs • To find crashes • A type of dynamic testing • Has found many flaws
  • 21. Combinatorial Software Testing • Seeks to identify and test all unique combinations of software inputs • Pairwise testing (also called all pairs testing)
  • 22. Misuse Case Testing • Formally model an adversary misusing the application • A more formal and commonly recognized way to consider negative security outcomes is threat modeling • Microsoft highlights it in their Security Development Lifecycle (SDL)
  • 23. Test Coverage Analysis • Identifies the degree to which code testing applies to the entire application • To ensure that there are no significant gaps
  • 24. Analyze and Report Test Outputs • Security test results are easy to produce • Actually improving security is much more difficult • Data must be analyzed to determine what action to take