Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Practical Network Scanning

You're reading from   Practical Network Scanning Capture network vulnerabilities using standard tools such as Nmap and Nessus

Arrow left icon
Product type Paperback
Published in May 2018
Publisher
ISBN-13 9781788839235
Length 326 pages
Edition 1st Edition
Languages
Tools
Arrow right icon
Author (1):
Arrow left icon
Ajay Singh Chauhan Ajay Singh Chauhan
Author Profile Icon Ajay Singh Chauhan
Ajay Singh Chauhan
Arrow right icon
View More author details
Toc

Table of Contents (15) Chapters Close

Preface 1. Fundamental Security Concepts 2. Secure Network Design FREE CHAPTER 3. Server-Level Security 4. Cloud Security Design 5. Application Security Design 6. Threat Detection and Response 7. Vulnerability Assessment 8. Remote OS Detection 9. Public Key Infrastructure-SSL 10. Firewall Placement and Detection Techniques 11. VPN and WAN Encryption 12. Summary and Scope of Security Technologies 13. Assessment 14. Other Books you may enjoy

Building blocks of information security

Your data can be easily separated into the following three categories. This is especially important to know in order to determine the value of your data before planning for security:

  • Low Business Impact (LBI): If LBI data is disclosed, limited information loss could occur. Examples of this kind of data include name, gender, and/or the country of residence.
  • Moderate Business Impact (MBI): If MBI data is disclosed, disastrous information loss could occur, which directly damages the reputation of an organization. Examples of MBI data include first and last name, email ID, mailing address, and phone number.
  • High Business Impact (HBI): If HBI data is disclosed, serious information loss could occur. Access and permission must be controlled and limited to a need-to-know basis. Examples of HBI data include government IDs, credit card information, medical health records, passwords, and real-time location.

Proper security control measures are required to ensure tight security. The following flowchart helps us to understand the security process:

  • Risk Management Process: This is particularly important when designing a secure network. Risk management analysis must be done in advance as this aids designing secure infrastructure. Steps should include risk identification, risk analysis, risk ranking, and mitigation plans. For example, an ISP link can be a public or private Wide Area Network (WAN) connection. Data transfer between two sites over public infrastructure can be secured by implementing VPNs. Data transfer between two sites over private links can be future encrypted by link device. The purpose and funding of connection must be identified, and a proper risk assessment must be carried out before installing or activating any links.
  • InfoSec Design Process: Perimeter boundaries must be defined and documented. For example, connecting to WAN internet or connecting to another location over WAN must be defined. When I say boundaries, we should always take a layered approach. There is no ideal situation to ensure 100% security, but by implementing security on every layer, you can ensure tight security. A layered security method encompasses both technological and non-technological safety measures.

    For example, perimeter security can be protected by firewalls. Infrastructure details, such as server type and services running on the system, must be identified. Software and operating system bugs should be documented. IP space and security zones should be defined. System admin access should be controlled by security groups.

  • Verification process: The purpose of the verification process for each extranet/intranet connection is to generate all audit evidence documented in the compliance procedures of the security design. This will have information about users, remote IP, and tasks performed by them. Network scanning, penetration testing, and scorecard reporting provide an in-depth view of infrastructure security.

    A periodic audit is always required in order to know if there is unexpected activity.  Firewall logs, TCP/IP headers from load balancers on IIS, and two-factor authentications are examples of a verification process.

  • Security implementation process: At this stage you should have the following items ready to be implemented:
    • Security policies—password policies and access control
    • Disaster recovery plan
    • Backup and recovery plan
    • WAN recovery plan
    • Network security zones
    • Database security
    • IIS or web security
    • Data and asset classification
    • Data encryption
    • Resource control for application users
    • Operating system security
    • Incident management and response
    • Change management and version control
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime