From the course: Performing a Technical Security Audit and Assessment
Required skillsets
- Identifying and analyzing targets is the process of determining which devices and systems are available to test, and subsequently, conducting basic vulnerability analysis on them. Information gathered from the previous stage, such as asset inventories and network diagrams, will be used in this stage. The results found in this stage will be used to conduct more thorough testing in the next stage.

In this chapter, I'll cover four techniques useful for identifying and analyzing targets. These techniques are conducting network discovery, identifying network ports and services, scanning for vulnerabilities, and scanning wireless networks. Here are some basic skill sets for each of these techniques.

For conducting network discovery, an assessor will need to have a solid understanding of TCP/IP networks and how they work. For example, the assessor must know the purposes and functions of network devices like routers, hubs, and switches, as well as how IP addressing and subnetting work. He will also need to know how to use network scanners and other methods for finding devices on the network.

Identifying network ports and services also requires knowledge of TCP/IP networking, as well as how ports and services work on various operating systems. Recognizing common ports and services will be helpful. The assessor should also be able to use port and service scanning tools and know how to interpret the results.

TCP/IP knowledge is also important when scanning for vulnerabilities. A good understanding of ports, protocols, services, system misconfigurations, and other sources of vulnerabilities is necessary. The assessor should also be able to use vulnerability scanning tools, such as OpenVAS, and know how to interpret the results. For example, the assessor should be able to rank system vulnerabilities by severity, determine which hosts have the most severe vulnerabilities, and identify which vulnerabilities can easily be remediated.

Assessors scanning wireless networks need to have a good understanding of Wi-Fi technologies and protocols, such as the 802.11 family of specifications, wireless access points, and Wi-Fi protected access, or WPA. They should also be able to use wireless scanning tools and know how to interpret the results. With these skill sets, one should be able to successfully identify and analyze targets.
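
The result interpretation described above for vulnerability scans (ranking findings by severity, finding the hosts with the worst findings, and spotting what is easy to fix) can be sketched as follows. This is an added example, not part of the course material; the CSV layout, the sample findings and the rule for what counts as "easily remediated" are assumptions made for illustration.

```python
import csv
import io
from collections import defaultdict

# Constructed sample findings, not real scanner output. The column layout
# (host, port, cvss, name, fix) is an assumption, not the OpenVAS export format.
SAMPLE_CSV = """host,port,cvss,name,fix
10.0.0.5,445,9.8,SMB remote code execution,patch
10.0.0.5,22,5.3,SSH weak key exchange algorithms,config
10.0.0.7,443,7.5,Outdated TLS library,patch
10.0.0.7,80,4.3,Directory listing enabled,config
10.0.0.9,161,7.5,SNMP default community string,config
10.0.0.9,23,7.2,Telnet service enabled,config
10.0.0.9,3389,2.6,Legacy protocol with no vendor fix,none
"""

def band(score):
    """Map a CVSS v3.x base score to its qualitative severity rating."""
    for floor, label in ((9.0, "Critical"), (7.0, "High"), (4.0, "Medium"), (0.1, "Low")):
        if score >= floor:
            return label
    return "None"

def load(text):
    """Parse the CSV and attach a numeric score, port and severity band."""
    rows = list(csv.DictReader(io.StringIO(text)))
    for r in rows:
        r["cvss"], r["port"] = float(r["cvss"]), int(r["port"])
        r["severity"] = band(r["cvss"])
    return rows

def rank_findings(rows):
    """Most severe first; host and port break ties so output is stable."""
    return sorted(rows, key=lambda r: (-r["cvss"], r["host"], r["port"]))

def rank_hosts(rows):
    """Order hosts by worst score, then by number of High/Critical findings."""
    worst, serious = defaultdict(float), defaultdict(int)
    for r in rows:
        worst[r["host"]] = max(worst[r["host"]], r["cvss"])
        serious[r["host"]] += int(r["cvss"] >= 7.0)
    return sorted(worst, key=lambda h: (-worst[h], -serious[h], h))

def quick_wins(rows, easy=("patch", "config")):
    """Assumption: 'easily remediated' means a patch or config change exists."""
    return [r for r in rank_findings(rows) if r["fix"] in easy]

if __name__ == "__main__":
    findings = load(SAMPLE_CSV)
    for r in rank_findings(findings):
        print(f'{r["severity"]:8} {r["cvss"]:4} {r["host"]}:{r["port"]} {r["name"]}')
    print("Hosts, worst first:", rank_hosts(findings))
    print("Quick wins:", [r["name"] for r in quick_wins(findings)])
```

Two hosts share the same worst score in the sample, so the host ranking falls back to the count of High and Critical findings to decide which one to look at first.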