\"Scanning for Exploits\" Please respond to the following: Suppose you work as a
ID: 3661727 • Letter: #
Question
"Scanning for Exploits" Please respond to the following: Suppose you work as a security analyst and during a weekly meeting your supervisor asks for your opinion about the ways in which the department could best identify vulnerabilities that a hacker could potentially exploit on a network. Analyze the potential security concerns, and identify what you believe to be the greatest concerns in terms of vulnerabilities. Describe the method(s) you would use to identify the related exploit(s). Explain your desired method(s) to perform this vulnerability analysis. Suggest the tool(s) that you would use to perform all or a portion of the analysis mentioned in Part 1 of this discussion. Justify the manner in which such tools could assist with these efforts.
Explanation / Answer
Introduction:
Every kind of network systems have weaknesses known as vulnerabilities. These vulnerabilities pose threat to systems from malicious entities. Therefore, it is very much required to indentify and analyse potential vulnerabilities, take necessary steps to overcome them in order to safeguard the network. A malicious entity can be an individual or a group; a computer or network or some other device; or even a combination of these.
When vulnerabilities are exploited or attacked, systems fail. Entities exploiting vulnarebilities are referred to as attacker/adversary/intruder/eavesdropper etc.
Possible forms of attacks: Attack refers to a breach of a security property. Genenral security properties to be considered are following:
We can not ignore potential threats. A network should have a range of security goals to safe guard the network.
Security Goals for a network system:
We need a proper threat model in order to handle them. A popular model is Dolev-Yao model.
Dolev-Yao Threat Model
Related Questions
Navigate
Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.