MEMBER LOGIN: PASSWORD:
Log-in Questions? Forgot/Change Password
 
 
The CSI View
Conferences & Events
Awareness & Training
Membership
About CSI
 
 

How to Perform a Technical Network Vulnerability Assessment

Justin Peltier

With the proliferation of connected networks in which it is common for an organization to have connected their resources to intranets, extranets and the Internet, the number of potential malicious users grows exponentially.

In order for an organization to combat the likelihood of service interruption and corruption of data, periodic vulnerability assessments are essential.

In this two-day, demonstrative workshop, we will examine how to conduct a cost-effective vulnerability assessment, beginning with time-maximization techniques up to and including all the tools of the trade.

This seminar is targeted toward the technicians who will be running the tools, interpreting the results, and proposing corrective actions.

A demonstration of the most popular tools and how to obtain them will be included.

This class includes discussion on the current security testing methodologies, including the Open Source Security Testing Methodology Manual (OSSTMM), the National Institute for Standards & Technology (NIST) standard, and the Common Criteria Security Testing standard.

Apart from the new standards we will also cover the latest legislation regarding network vulnerability assessment, including the Gramm Leach Bliley Act (GLBA), Health Insurance Portability and Accountability Act, and also ISO-17799 standards.

The class also now includes a module on social engineering testing for the network vulnerability assessment tester.

Day 1Day 2

SELECTING THE APPROPRIATE TOOLS – During this session discussion we will focus on how to select the correct tools for your organization. Tools will range from shareware to freeware and will also include commercial products that run on a variety of popular platforms and hardware architectures. We'll also spend some time looking at the use of different tools in tandem to provide a more complete picture of all the network vulnerabilities.

TECHNICAL DEMONSTRATION – During this session there will be a demonstration of common tools used in network vulnerability assessments. Focus will be on freely available tools such as Nmap, Sam Spade and Nessus. Discussion will follow covering technical advantages to running the tools on different operating systems.
You Will Learn How To:
  • Identify tools to assist in network vulnerability assessment and where to obtain them
  • Conduct a thorough network vulnerability assessment
  • Combine the output from tools to see a complete picture
  • Customize a network vulnerability assessment for the current legal and international standards
  • Perform social engineering tests
You Will Leave With:
  • An understanding of how to run vulnerability assessment tools
  • An understanding of the testing methodologies and how to use them
  • A list of common tools and their locations
  • Guidance in searching the Internet for updates and more information on vulnerability assessment
  • A default password list to over 1,000 common devices
Updated to include GLBA, HIPAA and ISO-17799 Standards


  
 
HOME   ABOUT   CONTACT US   Privacy Statement   Copyright © CMP Media LLC