Managing A Network Vulnerability Assessment

Managing A Network Vulnerability Assessment

by Thomas R. Peltier, Justin Peltier, John A. Blackley
Released July 2017
Publisher(s): Auerbach Publications
ISBN: 9780203503041

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Offers a formal framework for finding and eliminating network security threats. This title focuses on the steps necessary to manage an assessment, including the development of a scope statement, the understanding and use of assessment methodology, the creation of an assessment team, and the production of a response report.

Table of contents

  1. Front Cover
  2. Dedication
  3. Contents
  4. Acknowledgments
  5. About the Authors
  6. Chapter 1: Introduction
    1. Information Security Life Cycle
    2. Network Vulnerability Assessment (NVA)
    3. Do I Need to Be a Technical Expert to Run an NVA?
    4. What Skill Level Is Needed?
    5. What Specific Skills Are Needed?
    6. Can One Person Perform an NVA?
    7. Introduction to Vulnerability Assessment
    8. Goals of Vulnerability Assessment
    9. How Many Trees Should Die to Generate This Type of Report?
    10. What Are Vulnerabilities?
    11. Classes of Vulnerabilities
    12. Elements of a Good Vulnerability Assessment
    13. Summary
  7. Chapter 2: Project Scoping
    1. General Scoping Practices
    2. Developing the Project Overview Statement
    3. Developing the Project Scope (1/2)
    4. Developing the Project Scope (2/2)
    5. Project Scope Document
    6. Project Scope Change
    7. Summary
  8. Chapter 3: Assessing Current Network Concerns
    1. Network Vulnerability Assessment Timeline
    2. Network Vulnerability Assessment Team (NVAT)
    3. Threats to Computer Systems
    4. Other Concerns
    5. Additional Threats
    6. Prioritizing Risks and Threats
    7. Other Considerations
    8. Checklists
    9. Summary
  9. Chapter 4: Network Vulnerability Assessment Methodology
    1. Methodology Purpose
    2. Definitions
    3. Justification
    4. Philosophy
    5. Top-Down Examination
    6. Bottom-Up Examination
    7. Network Vulnerability Assessment Methodology (1/2)
    8. Network Vulnerability Assessment Methodology (2/2)
    9. The NVA Process, Step-by-Step (1/5)
    10. The NVA Process, Step-by-Step (2/5)
    11. The NVA Process, Step-by-Step (3/5)
    12. The NVA Process, Step-by-Step (4/5)
    13. The NVA Process, Step-by-Step (5/5)
    14. Summary
  10. Chapter 5: Policy Review (Top-Down) Methodology
    1. Definitions
    2. Policy Contents
    3. Contents
    4. Review Elements
    5. Summary
  11. Chapter 6: Technical (Bottom-Up)
    1. Step 1: Site Survey
    2. Step 2: Develop a Test Plan (1/3)
    3. Step 2: Develop a Test Plan (2/3)
    4. Step 2: Develop a Test Plan (3/3)
    5. Step 3: Building the Toolkit (1/10)
    6. Step 3: Building the Toolkit (2/10)
    7. Step 3: Building the Toolkit (3/10)
    8. Step 3: Building the Toolkit (4/10)
    9. Step 3: Building the Toolkit (5/10)
    10. Step 3: Building the Toolkit (6/10)
    11. Step 3: Building the Toolkit (7/10)
    12. Step 3: Building the Toolkit (8/10)
    13. Step 3: Building the Toolkit (9/10)
    14. Step 3: Building the Toolkit (10/10)
    15. Step 4: Conduct the Assessment
    16. Step 5: Analysis
    17. Step 6: Documentation
    18. Summary
  12. Chapter 7: Network Vulnerability Assessment Sample Report
    1. Table of Contents
    2. Executive Summary
    3. Body of the NVA Report
    4. Summary (1/5)
    5. Summary (2/5)
    6. Summary (3/5)
    7. Summary (4/5)
    8. Summary (5/5)
  13. Chapter 8: Summary
  14. Appendices
    1. Appendix A-1: ISO 17799 Self-Assessment Checklist
    2. Appendix A-2: Windows NT Server 4.0 Checklist
    3. Appendix A-3: Network Vulnerability Assessment Checklist (1/2)
    4. Appendix A-3: Network Vulnerability Assessment Checklist (2/2)
    5. Appendix B: Pre-NVA Checklist (1/2)
    6. Appendix B: Pre-NVA Checklist (2/2)
    7. Appendix C: Sample NVA Report (1/9)
    8. Appendix C: Sample NVA Report (2/9)
    9. Appendix C: Sample NVA Report (3/9)
    10. Appendix C: Sample NVA Report (4/9)
    11. Appendix C: Sample NVA Report (5/9)
    12. Appendix C: Sample NVA Report (6/9)
    13. Appendix C: Sample NVA Report (7/9)
    14. Appendix C: Sample NVA Report (8/9)
    15. Appendix C: Sample NVA Report (9/9)
    16. Appendix D: NIST Special Publications
    17. Appendix E: Glossary of Terms
      1. A
      2. B
      3. C
      4. D
      5. E
      6. F
      7. G
      8. H
      9. I
      10. J
      11. L
      12. M
      13. N
      14. O
      15. P
      16. Q
      17. R
      18. S
      19. T
      20. U
      21. V
      22. W
      23. X
      24. Z
  15. Index (1/3)
  16. Index (2/3)
  17. Index (3/3)

Product information

  • Title: Managing A Network Vulnerability Assessment
  • Author(s): Thomas R. Peltier, Justin Peltier, John A. Blackley
  • Release date: July 2017
  • Publisher(s): Auerbach Publications
  • ISBN: 9780203503041