7.2 - Vulnerability Management Life Cycle

Key Terms: 

    • Vulnerability assessment – Testing the network for vulnerabilities. 
    • Risk assessment – Evaluating the threat level of a vulnerability. 
    • Remediation – Patching, hardening, and correcting a weakness. 
    • Verification – Retesting the system to verify the patches were successful. 
    • Monitoring – The systems are continuously monitored. 

Baseline Creation 

This is the first stage of the vulnerability management life cycle. The current security procedures are evaluated for their effectiveness, risks are established by examining how those procedures are actually enforced, and any vulnerabilities that may have been overlooked are noted. In this stage, documents such as a permission to test and a scope of work should be agreed upon by management and the ethical hacker. For the safety of the hacker, the correct people in the organisation must be briefed on what will be tested, when it will be tested, and how it will be tested. 

Vulnerability Assessment 

This stage is when you assess vulnerabilities in the organisation’s systems and network, and it is where penetration testing begins. It is important to decide on the best time to test, as you don’t want to be shutting systems down during peak business times. You must also choose the most suitable tools for each system, and make sure you understand the tools you use, as a misused tool can accidentally damage a system. This is the most important stage of penetration testing. 

Risk Assessment 

The vulnerabilities found in the penetration test must be analysed and ranked based on their access and sensitivity risks. A report should be created that explains the areas of sensitivity to management and sets out a plan of action to control the weaknesses, protect information, and harden systems. 

Remediation 

This stage covers the steps taken to mitigate risks, such as evaluating vulnerabilities, locating entry points, and designing responses for the vulnerabilities. The plan of action created in the risk assessment phase is consulted and implemented in the organisation’s infrastructure. The high-risk vulnerabilities should be fixed first. It is nearly impossible to identify and fix every vulnerability in a network, which is why it is so important that the highest-risk vulnerabilities are fixed first. 

Verification 

In this phase, systems are retested to verify whether a patch has been successful or not. Even if you are certain that a patch you have implemented has fixed a vulnerability, verification is still ideal as you can prove to management that you have done your job and protected their systems. 
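To show how the risk assessment, remediation and verification stages fit together in practice, here is a small added example (not code from the original post). It ranks constructed scan findings by a simple risk score so the highest-risk items are remediated first, then compares a re-scan against the original assessment to confirm which findings were fixed, which remain, and which are new. The scoring weights, host names and findings are all assumptions made up for the example.

```python
"""Added example: rank findings by risk, then verify a re-scan. All data constructed."""
from dataclasses import dataclass

# Assumed weights: scanner severity times data sensitivity of the asset.
SEVERITY = {"low": 1, "medium": 2, "high": 3, "critical": 4}
SENSITIVITY = {"public": 1, "internal": 2, "confidential": 3}


@dataclass(frozen=True)
class Finding:
    host: str
    port: int
    issue: str
    severity: str      # scanner-reported severity
    sensitivity: str   # sensitivity of the data on the asset
    external: bool     # reachable from outside the firewall?


def risk_score(f: Finding) -> int:
    # Access risk: externally reachable services count double.
    score = SEVERITY[f.severity] * SENSITIVITY[f.sensitivity]
    return score * 2 if f.external else score


def remediation_order(findings):
    # Remediation phase: fix the highest-risk vulnerabilities first.
    return sorted(findings, key=risk_score, reverse=True)


def verify(before, after):
    # Verification phase: retest and compare against the original assessment.
    key = lambda f: (f.host, f.port, f.issue)
    old, new = {key(f) for f in before}, {key(f) for f in after}
    return {"fixed": sorted(old - new),      # patched successfully
            "remaining": sorted(old & new),  # patch did not work, or not yet applied
            "new": sorted(new - old)}        # found only in the re-scan (feeds monitoring)


# Constructed sample findings from the initial assessment
BASELINE = [
    Finding("web01", 443, "outdated TLS library", "high", "confidential", True),
    Finding("db01", 5432, "default credentials", "critical", "confidential", False),
    Finding("print01", 9100, "unauthenticated printer admin", "medium", "internal", False),
    Finding("web01", 80, "directory listing enabled", "low", "public", True),
]

# Constructed re-scan after remediation: two fixed, two remaining, one new finding
RESCAN = [
    Finding("web01", 443, "outdated TLS library", "high", "confidential", True),
    Finding("print01", 9100, "unauthenticated printer admin", "medium", "internal", False),
    Finding("db01", 22, "weak SSH ciphers", "medium", "confidential", False),
]
```

Calling `remediation_order(BASELINE)` puts the externally reachable TLS issue on web01 ahead of the internal database credentials, and `verify(BASELINE, RESCAN)` reports which items management can be shown as closed.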

Monitoring 

A hacker may recommend routine penetration tests and ongoing monitoring for vulnerabilities. This proactively protects the organisation from attacks that have been missed. It is natural for a business to feel secure after a penetration test; however, new vulnerabilities are always being found and used against organisations. 

Product-Based Solution 

A product-based solution is a method of implementing fixes for vulnerabilities. This is where a product is purchased and administered inside the network, so it is inside the firewall and inaccessible from the outside. 

Service-Based Solution 

This is when a professional is hired to provide a service to fix vulnerabilities. This happens from outside the network. 

Tree-Based Assessment 

This assessment contains a preset plan for the order of testing and scanning. Usually, lots of enumeration is required for this to be effective. 

Inference-Based Assessment 

In this approach, the hacker will test and gather information as they go and adjust their scan accordingly. 

Penetration Steps for Vulnerability Scanning 

    • Live nodes must be identified. 
    • Itemise each open port and service. 
    • Test each port for vulnerabilities. 