From Wikibooks, open books for an open world
4.1 Conduct risk assessments and implement risk mitigation
4.2 Carry out vulnerability assessment using common tools
- Port scanners
- Vulnerability scanners
- Protocol analyzers
- OVAL
- Password crackers
- Network mappers
4.3 Explain the proper use of penetration testing versus vulnerability scanning
4.4 Use monitoring tools on systems and networks and detect security-related anomalies
- Performance monitor
- Systems monitor
- Performance baseline
- Protocol analyzers
4.5 Compare and contrast various types of monitoring methodologies
- Behavior-based
- Signature-based
- Anomaly-based
4.6 Execute proper logging procedures and evaluate the results
- Security application
- DNS
- System
- Performance
- Access
- Firewall
- Antivirus
4.7 Conduct periodic audits of system security settings
- User access and rights review
- Storage and retention policies
- Group policies