7.1 - Vulnerability Assessment
7.1 - Vulnerability assess ment Key Terms: Active assessment – A network evaluation that is obtained by actively testing the network for weaknesses. Passive assessment – A network evaluation that is obtained by looking for weaknesses purely through observation. External assessment – A network evaluation that is obtained by testing external systems from outside the network. Internal assessment - A network evaluation that is obtained by testing and analysing processes and systems inside the network. Vulnerability Assessment A vulnerability assessment is the process of identifying weaknesses in an organisation’s infrastructure including operating systems, web applications and web servers. It is used to plan additional security measures to protect the systems from an attack. Expected Results Vulnerabilities an ethical hacker may uncover can include open ports and services, vulnerabilities in app...