Network Security Procedure, Evaluation Tools And Technologies
Network security will consist of the policies and provisions that will be adopted by the company’s network administrator so as to monitor or prevent unauthorized misuse, access, denial, or modification of the network (Kurose and Ross 23).
It is the organization hierarchy or layout of the computer network interconnected nodes
It’s a network device that will be used for controlling the company’s network security as well as access rules
Evaluating the network security controls of the company will entail an auditor looking at the company’s system from a hackers point of view with the anticipation of how thinks can be exploited to have unauthorized access. The process will include testing the three main organization elements that include process, people, and technology. If one of them is weak, the company will be vulnerable to attack (Stallings 6)
Evaluating Security Controls
Security controls will be the safeguards that will be employed by the company to protect is assets as well as reduce risks.
Auditing Security Practices
The initial step in the process of evaluating the network security technology and procedures will be examining the company policies, its government security structure, as well as its security objectives now that these are the three main areas that encompass the company practices of security
Testing Security Technology
There are several ways in which the company can text its network technology. The company may use to possible methods which include vulnerability assessment or penetration test.
Security Testing Frameworks
There is some security testing approaches that the security auditor for the company’s network technical control assessment and they include Open Source Security Methodology Manual, Information Systems Security Assessment Framework, NIST 800-115, and Open Web Application Security Project (Gary 7)
Security Auditing Tools
Security auditing tools such as NMAP and Fyodor will be used to improve the network security community significantly by the use of automation of testing techniques that are well advanced.
Service Mapping Tools
Service mapping tools will be used in identifying remote services, systems, and open ports. They will also be used in testing a firewall rule base or in case of a response given crafted IP packets or different real
This tool will be used in expanding the basic ping function through providing the capability to come up with custom IP packets for the process of testing and auditing network security controls
Vulnerability Assessment Tools
Here a vulnerability scanner will be used in mapping known vulnerabilities in the company’s products and come up with a report on possible vulnerabilities
These are applications that are hosted by servers on the network meant to offer some functionality for users of the internet as well as assist in the operation of the network itself
The company will make use of the RedSeal Security Manager is the process of threat identification and risk management applications so as to ease the burden of analyzing its network to locate vulnerabilities in its configurations.
Penetration Testing Tools
The company auditors may use high-quality penetration tools so as to make the process of auditing its security controls easier (Bertsekas and Gallager 67)
Dimitri Bertsekas, and Robert Gallager. Data Networks. New York: Prentice Hall, 1992
Kurose James F and Keith W. Ross : Computer Networking: A Top-Down Approach Featuring the Internet. New York: Pearson Education 2005.
Shelly, Gary, et al. Discovering Computers. New York: Pearson Education 2004
William Stallings. Computer Networking with Internet Protocols and Technology. New York: Pearson Education 2004