Managing a Network Vulnerability Assessment / Edition 1

Managing a Network Vulnerability Assessment / Edition 1

by Thomas R. Peltier, Justin Peltier, John A. Blackley
     
 

View All Available Formats & Editions

ISBN-10: 0849312701

ISBN-13: 9780849312700

Pub. Date: 05/28/2003

Publisher: Taylor & Francis

Provides a structured, formal framework for network vulnerability assessment Gives details on developing a scope statement Presents a summary of available tools and hacker sites, how they work, and how to use them Explains how to use the after action report to harden the network Network vulnerability assessment, sometimes called "ethical hacking," involves a

Overview

Provides a structured, formal framework for network vulnerability assessment Gives details on developing a scope statement Presents a summary of available tools and hacker sites, how they work, and how to use them Explains how to use the after action report to harden the network Network vulnerability assessment, sometimes called "ethical hacking," involves a deliberate attempt by a network's owner to break into the network using the same means employed by hackers intent on illegal, unauthorized access to a network. Managing A Network Vulnerability Assessment provides a structured, formal framework for network vulnerability assessment and ensures that nothing is overlooked. It provides details on developing a scope statement, understanding the assessment methodology, setting up a team, and what an ideal report should include. It also includes a summary of available tools and hacker sites, how they work, and how to properly use them in a network vulnerability assessment.

Product Details

ISBN-13:
9780849312700
Publisher:
Taylor & Francis
Publication date:
05/28/2003
Edition description:
New Edition
Pages:
312
Product dimensions:
7.00(w) x 10.00(h) x 0.66(d)

Table of Contents

Introduction
Information Security Lifecycle
Network Vulnerability Assessment
Do I Need to be a Technical Expert to Run an NVA?
What Level of Skill Is Needed?
Which Specific Skills Are Needed?
Can One Person Run an NVA?
Introduction to Vulnerability Assessment
Goals of Vulnerability Assessment
How Many Trees Should Die to Generate This Type of Report?
What Are Vulnerabilities?
Classes of Vulnerabilities
Elements of a Good Vulnerability Assessment

Project Scoping
General Scoping Practices
Developing the Project Overview Statement
Developing the Project Scope
Project Scope Document
Project Scope Change
Summary

Assessing Current Network Concerns
Network Vulnerability Assessment Timeline
Network Vulnerability Assessment Team (NVAT)
Threats to Computer Systems
Other Concerns
Additional Threats
Prioritizing Risks and Threats
Other Considerations
Checklists
Summary

Network Vulnerability Assessment Methodology
Methodology Purpose
Definitions
Justification
Philosophy
Top-Down Examination
Bottom-Up Examination
Network Vulnerability Assessment Methodology
The NVA Process (Step-by-Step)
Summary

Policy Review (Top-Down) Methodology
Definitions
Policy

Review Elements
Summary

Technical (Bottom-Up)
Step 1: Site Survey
Step 2: Develop a Test Plan
Step 3: Building the Toolkit
Step 4: Conduct the Assessment
Step 5: Analysis
Step 6: Documentation
Summary

Network Vulnerability Assessment Sample Report
Table of
Executive Summary
Body of the NVA Report
Summary

Summary

Appendixes
ISO17799 Self-Assessment Checklist
Window NT Server 4.0 Checklist
Network Vulnerability Assessment Checklist
Pre-NVA Checklist
Sample NVA Report
NIST Special Publications
Glossary of Terms

Customer Reviews

Average Review:

Write a Review

and post it to your social network

     

Most Helpful Customer Reviews

See all customer reviews >