Security
Port Scanning
Learning Objectives:
- Comprehend various port scanning techniques, such as TCP Connect scanning, SYN scanning, UDP scanning, and stealth scanning, and their specific methodologies.
Port scanning is a technique used to discover open ports on a target computer or device in a network. It is an essential part of both network security and network reconnaissance. Port scanning serves various purposes, including network security assessments, vulnerability assessment, and service identification. Ports are numbered endpoints for network services. They help in routing network traffic to the correct applications on a device. Ports are categorized into well-known, registered, and dynamic/private ports.
Solved Example: 9208-01
What is port scanning?
A. It is a software used to scan system for attack
B. It is a software application designed to probe a server or host for open ports
C. It is software used to scan system for introducing attacks by brute force
D. None of the mentioned
Correct Answer: B
Network Vulnerability Testing
Learning Objectives:
- Understand the significance of network vulnerability testing in cybersecurity.
- Define key terms and concepts related to network vulnerabilities, threats, and risks.
- Identify and classify different types of vulnerabilities, including software vulnerabilities, configuration errors, and human factors.
- Recognize common network threats, such as malware, phishing, denial of service (DoS) attacks, and insider threats.
- Understand the steps involved in conducting a vulnerability assessment, from initial scoping to reporting.
Network Vulnerability Testing is the process of evaluating computer networks and systems for vulnerabilities and security weaknesses. It involves systematically identifying potential weaknesses, assessing their impact, and recommending mitigations to enhance the overall security posture of the network.
Objectives:
- Identifying Vulnerabilities: The primary goal of vulnerability testing is to identify weaknesses and vulnerabilities in network infrastructure, software, and configurations. This includes potential entry points for attackers, misconfigured devices, and software flaws.
- Assessing Impact: Assessing the potential impact of identified vulnerabilities is crucial. This involves understanding how vulnerabilities could be exploited and the potential consequences for the network, data, and operations.
- Risk Evaluation: Vulnerability testing includes risk assessment to prioritize identified vulnerabilities based on their severity and potential impact. High-risk vulnerabilities are given priority for remediation.
- Ethical Hacking: Vulnerability testing often involves ethical hacking techniques, where security professionals simulate cyberattacks to understand the network's resilience and identify security gaps.
- Compliance Verification: In some cases, vulnerability testing is performed to ensure compliance with industry regulations and standards, such as HIPAA for healthcare or PCI DSS for payment card industry security.
- Documentation: The results of vulnerability testing are documented in comprehensive reports. These reports include a list of vulnerabilities, their severity, recommended mitigations, and steps taken during testing.
- Continuous Monitoring: Network vulnerability testing is an ongoing process. It includes regular assessments to account for changes in the network environment, new threats, and software updates.
Methods of Network Vulnerability Testing:
- Scanning and Enumeration: Automated tools are used to scan networks for open ports, services, and vulnerabilities. Enumeration techniques are used to gather information about the network.
- Penetration Testing: Ethical hackers attempt to exploit vulnerabilities to demonstrate their real-world impact. This helps organizations understand the potential consequences of a successful attack.
- Password Cracking: Techniques and tools are employed to test the strength of passwords used on the network, identifying weak or easily guessable passwords.
- Social Engineering Tests: These tests evaluate the susceptibility of network users to social engineering attacks, such as phishing and impersonation.
- Wireless Network Testing: Assess the security of wireless networks, including Wi-Fi networks, to identify vulnerabilities like weak encryption or unauthorized access points.
Ethical and Legal Considerations:
- Network vulnerability testing must be conducted ethically and legally. It often requires proper authorization from the network owner or administrator.
- Testers must follow ethical guidelines and adhere to legal requirements to ensure the security of systems being tested and prevent any damage or disruption.
Web Vulnerability Testing
Penetration Testing
Solved Example: 9260-01
A cyber-criminal or penetration tester uses the additional data that stores certain special instructions in the memory for activities to break the system in which of the following attack?
A. Clickjacking
B. Buffer-overflow
C. Phishing
D. MiTM
Correct Answer: B
Security Triad
Solved Example: 9261-01
Another name for the information security triad is:
A. The FBI triad.
B. The ISS triad.
C. The CIA triad.
D. The IST triad.
Correct Answer: C