acquired from the system
Cyber Security Tests and Audits
In a Cyber security point of view, we can classify the cyber security tests and audits into three parts:
Security Audits: checklist of best practices.
Vulnerability Assessments: Identifying the security holes.
Penetration Tests.
Security Audits
Computer security audits is a manual or systematic measurable technical assessment and security audits that include:
Checking systems configuration for best practices.
Interviewing staff to determine the level of security awareness of the staff.
Reviewing application and operating systems access controls.
Analysis of physical access to the systems.
Security Audits should be performed with administrative privilege.
Security Audits best practice’s
Security Audits best practices can be found through the information security stranded and controls published by many organizations around the word, below a list of well-known information security organizations that published and keep updated information security best practices, controls, check lists and tools to help organizations accomplish best cyber defense.
Here is a list of some of these organization with links to their website to obtain security controls documents and tools as all these organization offer documents and tools for free except ISO which charge fee for their standard document.
Center of Internet Security CIS ( https://www.cisecurity.org/)
US National Institute of Standards and Technology (NIST) ( https://nvd.nist.gov/ncp/repository)
International Organization for Standardization (ISO/IEC 27000 Family – Information Security management systems) https://www.iso.org/isoiec-27001-information-security.html
PCI Security Standard Council which published Payment Card Industry Data Security Standards (PCI DSS) https://www.pcisecuritystandards.org/
Vulnerability Assessment
Vulnerability assessment is the process of defining, identifying and classifying security vulnerabilities in an IT system.
vulnerability types:
Authentication Vulnerability.
Authorization Vulnerability.
Input Validation Vulnerability.
The main difference between Vulnerability Assessment and Penetration testing is that in the Vulnerability Assessment no exploitation and post exploitation is done, and you don’t know whether the finding is false-positive or true-positive.
Vulnerability Assessment Steps:
Identifying assets and building asset inventory.
Categorizing assets into groups.
Scanning assets for vulnerabilities.
Ranking risks.
Patch Management.
Follow-up remediation scans
Vulnerability Assessment Tools:
Qualys
Nessus – Tenable Security (they have free community edition with limited functionality)
Nexpose – Rapid 7 (they have free community edition with limited functionality)
OpenVas (Free and Open Source)
Security Terms
Asset
Asset is people, property or information that we are trying to protect. People include employees, contractors and customers. Property include tangible and intangible items that can have value, intangible assets include reputation as well as proprietary information. Information include Databases, software code, critical company record and many other intangible items, in short, an asset is what we are trying to protect.
Threat
Threat is anything that that can exploit a vulnerability intentionally or accidently and obtain, destroy an asset, in other words threaten what we are trying to protect against.
Vulnerability
Vulnerability is a weakness or gaps in a security program that can be exploited by threats to gain unauthorized access to an asset. Vulnerability is a weakness or gap in our protection efforts.
Risk
Risk is the potential for loss, damage or destruction of an asset as a result of a threat exploiting a vulnerability. Risk is the intersection of Assets, threats and vulnerabilities.
Why it is so important to understand the distinction between these terms? because you won’t understand the full extent of the risk to the asset otherwise.
When conducting a risk assessment, the formula used is:
Asset (A) + Threat (T) + Vulnerability (V) = Risk (R).
Exploit
Exploit is a piece of software or a sequence of commands that takes advantage of a vulnerability to cause unintended or unanticipated behavior to occur on computer software or hardware. An exploit is an attack on a computer system specially when it takes advantage of a vulnerability the system has or is known for. Exploit is the act of successfully making attack.
Penetration Test Approach
What should a Penetration tester know about the system in order to perform a Pen-test? The approach that a Pen-tester should take in order to perform Penetration test should take three different stages, Black box, Gray box and white box tests.
Black Box Pen-test
Black box pen-test is that the
