CISSP Ch 15: Security Assessment and Testing


ISO 27002

*Security controls* based on *industry best practices*.

banner grabbing

- Port scanners, network vulnerability scanners, and web vulnerability scanners use this technique to identify the variant and version of a service running on a system
- The scanner opens a connection to the service and reads the details it volunteers on its welcome screen, or banner (for example the greeting line an SSH or SMTP server sends first), to assist with version fingerprinting
- Caveat: administrators can edit or suppress banners, so a banner is evidence for a version guess, not proof of it

Control Objectives for Information and Related Technologies (COBIT)

- common framework for conducting audits and assessments
- maintained by ISACA
- describes the common requirements that organizations should have in place surrounding their information systems

Network Vulnerability Scanning

- go deeper than discovery scans: they do not stop at detecting open ports but continue on to probe the targeted system or network for the presence of known vulnerabilities, typically by matching fingerprinted service versions against a vulnerability database

nmap

- most common tool used for network discovery scanning
- open source
- reports the status of each port: open, closed, or filtered (plus unfiltered, and the ambiguous open|filtered and closed|filtered when a probe cannot tell the two apart)

four main categories of vulnerability scans

- network discovery scans
- network vulnerability scans
- web application vulnerability scans
- database vulnerability scans

TCP Connect Scanning

- network discovery technique (nmap -sT)
- opens a full connection (complete three-way handshake) to the remote system on the specified port, so the connection shows up in the target's logs
- this scan type is used when the user running the scan does not have the necessary permissions to run a half-open scan, which requires raw-socket (root/administrator) privileges

UDP Scanning

- network discovery technique (nmap -sU)
- performs a scan of the remote system using the UDP protocol, checking for active UDP services
- this scan type does not use the three-way handshake, because UDP is a connectionless protocol
- interpretation: a UDP reply means open; an ICMP port unreachable means closed; no reply at all is reported open|filtered, because an open UDP service that ignores an empty probe looks the same as a firewall dropping it

TCP ACK Scanning

- network discovery technique (nmap -sA)
- sends a packet with the ACK flag set, indicating that it is part of an open connection
- this type of scan may be done in an attempt to determine the rules enforced by a firewall and the firewall methodology
- it does not tell open from closed: a RST reply (from either) means the port is unfiltered, while no reply or an ICMP unreachable means filtered

Xmas Scanning

- network discovery technique (nmap -sX)
- sends a packet with the FIN, PSH, and URG flags set
- a packet with so many flags set is said to be "lit up like a Christmas tree"
- relies on RFC 793 behavior: a closed port answers with RST, an open port stays silent; stacks that send RST regardless (Windows, for example) make every port look closed

TCP SYN Scanning

- network discovery technique (nmap -sS, the default when nmap runs with raw-socket privileges)
- known as "half-open" scanning
- sends a single packet to each scanned port with the SYN flag set
- a SYN/ACK reply means open, a RST means closed, and no reply means filtered; on SYN/ACK the scanner answers with RST instead of ACK, so the handshake is never completed and the connection is less likely to be logged by the application

Open Vulnerability and Assessment Language (OVAL)

- part of SCAP
- provides a language for describing security testing procedures

Extensible Configuration Checklist Description Format (XCCDF)

- part of SCAP
- provides a language for specifying security checklists

Common Vulnerabilities and Exposures (CVE)

- part of SCAP
- provides a naming system for describing security vulnerabilities

Common Platform Enumeration (CPE)

- part of SCAP
- provides a naming system for operating systems, applications, and devices

Common Configuration Enumeration (CCE)

- part of SCAP
- provides a naming system for system configuration issues

Common Vulnerability Scoring System (CVSS)

- part of SCAP
- provides a standardized scoring system for describing the severity of security vulnerabilities

Type II Reports

- type of SOC report
- these reports go further and also provide the auditor's opinion on the operating effectiveness of the controls
- cover an extended period of time: at least six months of operation
- considered much more reliable than Type I reports because they include independent testing of controls

Type I Reports

- type of SOC report
- provide the auditor's opinion on the description provided by management and the suitability of the design of the controls
- cover only a specific point in time, rather than an extended period

Network discovery scanning

- uses a variety of techniques to scan a range of IP addresses, searching for systems with open network ports
- scanners do not actually probe systems for vulnerabilities but provide a report showing the systems detected on a network
- techniques: TCP SYN scanning, TCP connect scanning, TCP ACK scanning, UDP scanning, Xmas scanning
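The discovery-scan and banner-grabbing cards describe the two steps in words; the script below shows them running back to back. It is an added example, not code from the CISSP text: a TCP connect scan (the full-handshake technique from the TCP Connect Scanning card) classifies ports as open, closed, or filtered, and only open ports are then banner-grabbed and fingerprinted. To run offline it starts a throwaway local listener that emits a made-up OpenSSH-style banner; the listener, the banner, and the small fingerprint table are all constructed for this example.

```python
"""TCP connect scan plus banner grab against a throwaway local service.

Added example, not from the CISSP text. Standard library only; the local
listener and its banner stand in for a real target and are constructed here.
"""
import re
import socket
import threading

FAKE_BANNER = b"SSH-2.0-OpenSSH_8.9p1 Ubuntu-3\r\n"  # constructed sample banner


def start_fake_service(banner: bytes = FAKE_BANNER) -> tuple:
    """Listen on an ephemeral 127.0.0.1 port and send `banner` to each client."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind(("127.0.0.1", 0))  # port 0: let the OS pick a free port
    srv.listen(5)

    def serve() -> None:
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:  # listener closed, stop serving
                return
            with conn:
                try:
                    conn.sendall(banner)
                except OSError:  # client already hung up (e.g. the connect scan)
                    pass

    threading.Thread(target=serve, daemon=True).start()
    return srv, srv.getsockname()[1]


def free_local_port() -> int:
    """Return a loopback port that nothing is listening on (bind it, then release it)."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as tmp:
        tmp.bind(("127.0.0.1", 0))
        return tmp.getsockname()[1]


def connect_scan(host: str, port: int, timeout: float = 1.0) -> str:
    """Classify one port by completing a full three-way handshake (like nmap -sT).

    "open": handshake completed; "closed": RST / connection refused;
    "filtered": no answer before the timeout, or an unreachable error.
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "closed"
    except OSError:  # includes socket.timeout and network/host unreachable
        return "filtered"


def grab_banner(host: str, port: int, timeout: float = 1.0, max_bytes: int = 256) -> str:
    """Open a connection and read whatever the service volunteers first."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        try:
            data = s.recv(max_bytes)
        except socket.timeout:  # service that waits for the client to speak first
            data = b""
    return data.decode("ascii", errors="replace").strip()


# Constructed fingerprint table; a real scanner ships thousands of patterns.
FINGERPRINTS = [
    (re.compile(r"^SSH-(?P<proto>[\d.]+)-(?P<product>OpenSSH)_(?P<version>[\w.]+)"), "ssh"),
    (re.compile(r"^220 .*?(?P<product>Postfix|Exim|Sendmail)"), "smtp"),
]


def fingerprint(banner: str) -> dict:
    """Turn a raw banner into service/product/version fields (empty dict if unknown)."""
    for pattern, service in FINGERPRINTS:
        m = pattern.search(banner)
        if m:
            return {"service": service, **{k: v for k, v in m.groupdict().items() if v}}
    return {}


def scan_and_fingerprint(host: str, ports) -> dict:
    """Discovery first (which ports answer), then banner grabbing only on open ones."""
    results = {}
    for port in ports:
        entry = {"state": connect_scan(host, port)}
        if entry["state"] == "open":
            entry["banner"] = grab_banner(host, port)
            entry.update(fingerprint(entry["banner"]))
        results[port] = entry
    return results


if __name__ == "__main__":
    srv, open_port = start_fake_service()
    for port, info in scan_and_fingerprint("127.0.0.1", [open_port, free_local_port()]).items():
        print(port, info)
    srv.close()
```

Two things the cards only hint at are visible here: the connect scan leaves a completed (and therefore loggable) connection on the target, and the fingerprint is only as trustworthy as the banner, which the administrator controls.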

Security Content Automation Protocol (SCAP)

- a NIST framework that outlines various accepted practices for automating vulnerability scanning
- common language for describing and evaluating vulnerabilities
- components: CVE, CVSS, CCE, CPE, XCCDF, OVAL

SOC 2 Engagements

- assess the organization's controls that affect the security (confidentiality, integrity, and availability) and privacy of information stored in a system
- audit results are confidential and are normally only shared outside the organization under an NDA

SOC 3 Engagements

- assess the organization's controls that affect the security (confidentiality, integrity, and availability) and privacy of information stored in a system
- audit results are intended for public disclosure

SOC 1 Engagements

Assess the organization's controls that might impact the accuracy of financial reporting.

service organization controls (SOC) audits

SSAE 18 and ISAE 3402 engagements

ISO 27001

The ISO (International Organization for Standardization) 27001 standard specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS); it is the standard against which organizations can be certified. Its companion, ISO 27002, is the code of practice that describes the security controls.

Vulnerability scans

automatically probe systems, applications, and networks, looking for weaknesses that may be exploited by an attacker

Third-Party Audits

conducted by, or on behalf of, another organization

Internal Audits

- performed by an organization's internal audit staff and are typically intended for internal audiences
- the staff performing these audits normally have a reporting line that is completely independent of the functions they evaluate

External Audits

- performed by an outside auditing firm
- these audits have a high degree of external validity because the auditors performing the assessment theoretically have no conflict of interest with the organization itself

netstat

- useful tool for examining the active ports on a system
- this command lists all active network connections on a system as well as those ports that are open and awaiting new connections (listening sockets)
- on Linux the data comes from the kernel tables exposed under /proc/net (for example /proc/net/tcp); modern distributions ship ss as the replacement for netstat
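When netstat (or ss) is not installed, the same listening-versus-established view can be rebuilt from the kernel table it reads. The script below is an added example, not part of the CISSP text: it parses the /proc/net/tcp format (the sample table embedded in it is constructed, with a local sshd-like listener, a service bound to all interfaces, and one established connection), separates listening sockets from established ones, and flags listeners bound to 0.0.0.0, which are reachable from every interface. The live-read helper assumes a Linux kernel exposing /proc/net/tcp in the standard format and handles IPv4 entries only.

```python
"""List listening TCP sockets the way `netstat -tln` does, from /proc/net/tcp.

Added example, not from the CISSP text. The sample table is constructed so the
parser runs offline; read_live() assumes a Linux /proc/net/tcp (IPv4 only).
"""
import os
import socket
import struct

TCP_ESTABLISHED = 0x01  # kernel TCP state codes (include/net/tcp_states.h)
TCP_LISTEN = 0x0A

# Constructed sample in the real /proc/net/tcp layout: a loopback listener on
# 22, a service on 0.0.0.0:8080 owned by uid 1000, and one established session.
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 12345 1 0000000000000000 100 0 0 10 0
   1: 00000000:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 12346 1 0000000000000000 100 0 0 10 0
   2: 0100007F:0016 0100007F:C3A2 01 00000000:00000000 00:00000000 00000000     0        0 12347 1 0000000000000000 20 4 30 10 -1
"""


def decode_ipv4(hex_addr: str) -> str:
    """'0100007F' -> '127.0.0.1': /proc stores the address as a little-endian 32-bit word."""
    return socket.inet_ntoa(struct.pack("<I", int(hex_addr, 16)))


def parse_proc_net_tcp(text: str) -> list:
    """Parse the /proc/net/tcp table into dicts of local/remote endpoint, state, uid, inode."""
    rows = []
    for line in text.splitlines()[1:]:  # first line is the column header
        fields = line.split()
        if len(fields) < 10:
            continue
        laddr, lport = fields[1].split(":")
        raddr, rport = fields[2].split(":")
        rows.append({
            "local": (decode_ipv4(laddr), int(lport, 16)),
            "remote": (decode_ipv4(raddr), int(rport, 16)),
            "state": int(fields[3], 16),
            "uid": int(fields[7]),
            "inode": int(fields[9]),  # joins to /proc/<pid>/fd to find the owning process
        })
    return rows


def listening_sockets(rows: list) -> list:
    """(address, port, uid) for every LISTEN socket, like `netstat -tln`."""
    return sorted((r["local"][0], r["local"][1], r["uid"])
                  for r in rows if r["state"] == TCP_LISTEN)


def established_connections(rows: list) -> list:
    """(local, remote) endpoint pairs for every ESTABLISHED socket."""
    return sorted((r["local"], r["remote"]) for r in rows if r["state"] == TCP_ESTABLISHED)


def exposed_listeners(rows: list) -> list:
    """Listeners bound to the wildcard address: reachable from every interface, not just loopback."""
    return [entry for entry in listening_sockets(rows) if entry[0] == "0.0.0.0"]


def read_live(path: str = "/proc/net/tcp") -> list:
    """Read the real kernel table when available (Linux); empty list elsewhere."""
    if not os.path.exists(path):
        return []
    with open(path) as fh:
        return parse_proc_net_tcp(fh.read())


if __name__ == "__main__":
    rows = read_live() or parse_proc_net_tcp(SAMPLE_PROC_NET_TCP)
    for addr, port, uid in listening_sockets(rows):
        print(f"LISTEN  {addr}:{port}  uid={uid}")
    for local, remote in established_connections(rows):
        print(f"ESTAB   {local[0]}:{local[1]} <-> {remote[0]}:{remote[1]}")
    print("exposed on all interfaces:", exposed_listeners(rows))
```

The inode column is the link netstat -p follows to name the owning process: it matches the socket:[inode] targets under /proc/<pid>/fd, which is why that flag needs privileges to read other users' file descriptor tables.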

