Network Security v1.0 - Module 22

This module discusses techniques and tools for network security testing. It describes how operations security begins with network planning and implementation. Various testing techniques are explained, including penetration testing, network scanning, vulnerability scanning, and log review. Popular network security tools are also covered, such as Nmap and Zenmap for port scanning, SuperScan, SIEM for security information and event management, and Nessus for vulnerability assessment. The results of network testing can be used to identify vulnerabilities, benchmark security progress, and guide mitigation activities.

Uploaded by

Hussein Kipkoech

Available Formats

Download as PPTX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

275 views

Network Security v1.0 - Module 22

Uploaded by

Hussein Kipkoech

Available Formats

Download as PPTX, PDF, TXT or read online on Scribd

You are on page 1/ 16

Module 22: Network

Security Testing

Networking Security v1.0

(NETSEC)
Module Objectives
Module Title: Network Security Testing

Module Objective: Describe the various techniques and tools for network security.

Topic Title Topic Objective

Network Security Testing Describe the techniques used in network security testing.
Network Security Testing Tools Describe the tools used in network security testing.

© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
Network Security Testing Techniques
Operations Security
Operations security starts with the planning and implementation process of a network. During
these phases, the operations team analyzes designs, identifies risks and vulnerabilities, and
makes the necessary adaptations. The actual operational tasks begin after the network is set up
and include the continual maintenance of the environment.

Some security testing techniques are predominantly manual, and others are highly automated.
Regardless of the type of testing, the staff that sets up and conducts the security testing should
have significant security and networking knowledge in these areas:
• Device hardening
• Firewalls
• IPSs
• Operating systems
• Basic programming
• Networking protocols, such as TCP/IP
• Network vulnerabilities and risk mitigation
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4
Network Security Testing Techniques
Testing and Evaluating Network Security

During the implementation stage, security testing is conducted on specific parts of the network.
After a network is fully integrated and operational, a Security Test and Evaluation (ST&E) is
performed. An ST&E is an examination of the protective measures that are placed on an
operational network.

Objectives of ST&E include the following:

• Uncover design, implementation, and operational flaws that could lead to the violation
of the security policy.
• Determine the adequacy of security mechanisms, assurances, and device properties to
enforce the security policy.
• Assess the degree of consistency between the system documentation and its
implementation.

Tests should be repeated periodically and whenever a change is made to the system.

© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
Network Security Testing Techniques
Types of Network Tests
After a network is operational, ascertain its security status. Many security tests can be conducted to assess
the operational status of the network:

• Penetration testing - Simulate attacks to determine the feasibility of an attack and possible
consequences if one were to occur.

• Network scanning - Includes software that can ping computers, scan for listening TCP ports and
display which types of resources are available on the network.

• Vulnerability scanning - Detects potential weaknesses in the tested systems.

• Password cracking - Tests and detects weak passwords that should be changed.
•
• Log review - Filter and review security logs to detect abnormal activity.

• Integrity checkers - Detects and reports changes in the system.

• Virus detection - Detects and removes computer viruses and other malware.
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
Network Security Testing Techniques
Applying Network Test Results

Network security testing results can be used in several ways:

• To define mitigation activities to address identified vulnerabilities

• As a benchmark to trace the progress of an organization in meeting security
requirements
• To assess the implementation status of system security requirements
• To conduct cost and benefit analysis for improvements to network security
• To enhance other activities, such as risk assessments, certification and authorization
(C&A), and performance improvement efforts
• As a reference point for corrective action

© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8
Network Security Testing Tools
Network Testing Tools
There are many tools available to test the security of systems and networks. Some of these tools are open
source while others are commercial tools that require licensing. Various software tools can be used to perform
network testing including:

• Nmap/Zenmap - This discovers computers and services on a computer network, thus creating a map
of the network.
• SuperScan - Designed to detect open TCP and UDP ports, determine what services are running on
those ports, and to run queries, such as whois, ping, traceroute, and hostname lookups.
• SIEM (Security Information Event Management) - Used in enterprise organizations to provide real
time reporting and long-term analysis of security events.
• GFI LANguard - This is a network and security scanner which detects vulnerabilities.
• Tripwire - Assesses and validates IT configurations.
• Nessus - Vulnerability scanning software, focusing on remote access, misconfigurations, and DoS
against the TCP/IP stack.
• L0phtCrack - Password auditing and recovery application.
• Metasploit - Provides information about vulnerabilities and aids in penetration testing and IDS
signature development.

Nmap is a commonly used, low-level scanner that is available to the public. It has an array of
excellent features which can be used for network mapping and reconnaissance.

The basic functionality of Nmap allows the user to accomplish several tasks, as follows:

• Classic TCP and UDP port scanning -This searches for different services on one host.
• Classic TCP and UDP port sweeping - This searches for the same service on multiple
hosts.
• Stealth TCP and UDP port scans and sweeps - This is similar to classic scans and
sweeps, but harder to detect by the target host or IPS.
• Remote operating system identification - This is also known as OS fingerprinting.

Advanced features of Nmap include protocol scanning, known as Layer 3 port scanning.

© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10
Network Security Testing Tools
SuperScan
SuperScan is a Microsoft Windows port scanning tool. It runs on most versions of Windows and
requires administrator privileges. SuperScan version 4 has a number of useful features:

• Adjustable scanning speed

• Support for unlimited IP ranges
• Improved host detection using multiple ICMP methods
• TCP SYN scanning
• UDP scanning (two methods)
• Simple HTML report generation
• Source port scanning
• Fast hostname resolution
• Extensive banner grabbing capabilities
• Massive built-in port list description database
• IP and port scan order randomization
• A selection of useful tools, such as ping, traceroute, and whois
• Extensive Windows host enumeration capability
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11
Network Security Testing Tools
SIEM
Security Information Event Management (SIEM) is a technology used in enterprise organizations to provide real
time reporting and long-term analysis of security events.

SIEM combines the essential functions of SIM and SEM to provide:

• Forensic analysis - The ability to search logs and event records from sources throughout the
organization provides more complete information for forensic analysis.
• Correlation - Examines logs and events from disparate systems or applications, speeding detection of
and reaction to security threats.
• Aggregation - Aggregation reduces the volume of event data by consolidating duplicate event records.
• Retention - Reporting presents the correlated and aggregated event data in real-time monitoring and
long-term summaries.

SIEM provides details on the source of suspicious activity, including:

• User information (name, authentication status, location, authorization group, quarantine status)
• Device information (manufacturer, model, OS version, MAC address, network connection method,
location)
• Posture information (device compliance with corporate security policy, antivirus version, OS patches,
compliance with mobile device management policy) © 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12
22.3 Network Security Testing
Summary

• Operations security starts with the planning and implementation process of a network.
• The staff that sets up and conducts the security testing should have significant security and networking
knowledge in these areas: device hardening, firewalls, IPSs, operating systems, basic programming,
networking protocols, such as TCP/IP, and network vulnerabilities and risk mitigation.
• Many security tests can be conducted to assess the operational status of the network and include:
penetration testing, network scanning, vulnerability scanning, password cracking, log review, integrity
checkers, and virus detection.
• There are many tools available to test the security of systems and networks including: Nmap/Zenmap,
SuperScan, SIEM, GFI LANguard, Tripwire, Nessus, L0phtCrack, and Metasploit.
• Nmap and Zenmap (its graphical frontend) are commonly used and free low-level scanners. SuperScan is
also a free Microsoft Windows port scanning tool.
• Security Information Event Management (SIEM) is a technology used in enterprise organizations to provide
real time reporting and long-term analysis of security events. SIEMs provide correlation, aggregation,
forensic analysis, and retention.
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14
Network Security Testing Summary
New Terms and Commands
• Security Test and Evaluation (ST&E)
• Penetration testing
• Network scanning
• Log review
• Integrity checkers
• Virus detection
• Nmap/Zenmap
• SuperScan
• SIEM (Security Information Event Management)
• GFI LANguard
• Tripwire
• Nessus
• L0phtCrack
• Metasploit
• Forensic analysis

Hourglass Workout Program by Luisagiuliet 2
76% (21)
Hourglass Workout Program by Luisagiuliet 2
51 pages
12 Week Program: Summer Body Starts Now
89% (45)
12 Week Program: Summer Body Starts Now
70 pages
Read People Like A Book by Patrick King-Edited
59% (76)
Read People Like A Book by Patrick King-Edited
12 pages
Livingood, Blake - Livingood Daily Your 21-Day Guide To Experience Real Health
77% (13)
Livingood, Blake - Livingood Daily Your 21-Day Guide To Experience Real Health
260 pages
Cheat Code To The Universe
94% (78)
Cheat Code To The Universe
34 pages
Facial Gains Guide (001 081)
91% (45)
Facial Gains Guide (001 081)
81 pages
Curse of Strahd
95% (467)
Curse of Strahd
258 pages
The Psychiatric Interview - Daniel Carlat
91% (34)
The Psychiatric Interview - Daniel Carlat
473 pages
The Borax Conspiracy
91% (57)
The Borax Conspiracy
14 pages
The Secret Language of Attraction
86% (107)
The Secret Language of Attraction
278 pages
How To Develop and Write A Grant Proposal
83% (542)
How To Develop and Write A Grant Proposal
17 pages
Workbook For The Body Keeps The Score
88% (52)
Workbook For The Body Keeps The Score
111 pages
Donald Trump & Jeffrey Epstein Rape Lawsuit and Affidavits
83% (1016)
Donald Trump & Jeffrey Epstein Rape Lawsuit and Affidavits
13 pages
KamaSutra Positions
78% (69)
KamaSutra Positions
55 pages
7 Hermetic Principles
93% (30)
7 Hermetic Principles
3 pages
27 Feedback Mechanisms Pogil Key
77% (13)
27 Feedback Mechanisms Pogil Key
6 pages
Phone Codes
78% (27)
Phone Codes
5 pages
36 Questions That Lead To Love
91% (35)
36 Questions That Lead To Love
3 pages
Sample Mental Health Progress Note
96% (47)
Sample Mental Health Progress Note
3 pages
2025 MandateForLeadership FULL
70% (10)
2025 MandateForLeadership FULL
920 pages
How To Kiss A Woman's Breast
60% (114)
How To Kiss A Woman's Breast
14 pages
The 36 Questions That Lead To Love - The New York Times
94% (34)
The 36 Questions That Lead To Love - The New York Times
3 pages
100 Questions To Ask Your Partner
80% (35)
100 Questions To Ask Your Partner
2 pages
Satanic Calendar
25% (56)
Satanic Calendar
4 pages
The 36 Questions That Lead To Love - The New York Times
95% (21)
The 36 Questions That Lead To Love - The New York Times
3 pages
14 Easiest & Hardest Muscles To Build (Ranked With Solutions)
100% (7)
14 Easiest & Hardest Muscles To Build (Ranked With Solutions)
27 pages
Jeffrey Epstein39s Little Black Book Unredacted PDF
75% (12)
Jeffrey Epstein39s Little Black Book Unredacted PDF
95 pages
1001 Songs
70% (71)
1001 Songs
1,798 pages
The 4 Hour Workweek, Expanded and Updated by Timothy Ferriss - Excerpt
23% (954)
The 4 Hour Workweek, Expanded and Updated by Timothy Ferriss - Excerpt
38 pages
Zodiac Sign & Their Most Common Addictions
63% (30)
Zodiac Sign & Their Most Common Addictions
9 pages
25 Best Kali Linux Tools
No ratings yet
25 Best Kali Linux Tools
19 pages
3.2.2.7 Lab - Compromise IoT Device Firmware
No ratings yet
3.2.2.7 Lab - Compromise IoT Device Firmware
5 pages
Module 15: Mobile Forensics: Lab Scenario
0% (1)
Module 15: Mobile Forensics: Lab Scenario
28 pages
FTK Imager
No ratings yet
FTK Imager
110 pages
Full Final Lab Mannual Cyber PDF
No ratings yet
Full Final Lab Mannual Cyber PDF
105 pages
Mastering Kali Linux: Practical Security and Penetration Testing Techniques
From Everand
Mastering Kali Linux: Practical Security and Penetration Testing Techniques
Robert Johnson
No ratings yet
Penetration Testing Fundamentals-2: Penetration Testing Study Guide To Breaking Into Systems
From Everand
Penetration Testing Fundamentals-2: Penetration Testing Study Guide To Breaking Into Systems
Devi Prasad
No ratings yet
Configuring IPCop Firewalls: Closing Borders with Open Source
From Everand
Configuring IPCop Firewalls: Closing Borders with Open Source
Barrie Dempster
No ratings yet
Hack into your Friends Computer
From Everand
Hack into your Friends Computer
Magelan Cyber Security
No ratings yet
Malware Analysis
No ratings yet
Malware Analysis
9 pages
Open Source IDS Tools
No ratings yet
Open Source IDS Tools
9 pages
IT Data Security: Assignment-1
No ratings yet
IT Data Security: Assignment-1
12 pages
Cyber Sec and Digital Forensics-Lec4
No ratings yet
Cyber Sec and Digital Forensics-Lec4
34 pages
FTKManual
100% (1)
FTKManual
348 pages
Lecture - 02a - Basic Static Analysis
No ratings yet
Lecture - 02a - Basic Static Analysis
22 pages
Cyber Forensics
100% (1)
Cyber Forensics
16 pages
Seminar On: Honeypots: Vidyabharti Trust College of Bca, Umrakh
No ratings yet
Seminar On: Honeypots: Vidyabharti Trust College of Bca, Umrakh
22 pages
Android Malware
No ratings yet
Android Malware
21 pages
LAB - Footprinting and Recon
No ratings yet
LAB - Footprinting and Recon
6 pages
1.3-Basic Packet Analysis Wireshark
100% (1)
1.3-Basic Packet Analysis Wireshark
43 pages
Code Injection
No ratings yet
Code Injection
11 pages
With Emphasis On Web Applications Security Related Issues
0% (1)
With Emphasis On Web Applications Security Related Issues
28 pages
Static Malware Analysis Techniques
100% (1)
Static Malware Analysis Techniques
15 pages
Malware Analysis
No ratings yet
Malware Analysis
16 pages
Kali Linux Tools To Learn: Learning How To Hack
No ratings yet
Kali Linux Tools To Learn: Learning How To Hack
10 pages
Digital Forensics: Computer Forensics Tools, Encase and Windows Os
100% (1)
Digital Forensics: Computer Forensics Tools, Encase and Windows Os
110 pages
Network Vulnerability Scanning: By:-Prachee Ratnaparkhi Msc-Ii, Roll - No. 17
No ratings yet
Network Vulnerability Scanning: By:-Prachee Ratnaparkhi Msc-Ii, Roll - No. 17
14 pages
Network Security v1.0 - Module 10
No ratings yet
Network Security v1.0 - Module 10
37 pages
Blockchain Pentesting
No ratings yet
Blockchain Pentesting
3 pages
IS4560 Lab 1 Assessment Worksheet
No ratings yet
IS4560 Lab 1 Assessment Worksheet
4 pages
A Study On Malware and Malware Detection Techniques
No ratings yet
A Study On Malware and Malware Detection Techniques
11 pages
PracticalCyberIntelligence ColorImages PDF
No ratings yet
PracticalCyberIntelligence ColorImages PDF
122 pages
HackingTechniques WebApplicationSecurity
No ratings yet
HackingTechniques WebApplicationSecurity
21 pages
Information and Network Security 10cs835 Question Bank and Solution
No ratings yet
Information and Network Security 10cs835 Question Bank and Solution
49 pages
Ddos-Attacks Preparationdetectionmitigation Apricot 1361720605 PDF
No ratings yet
Ddos-Attacks Preparationdetectionmitigation Apricot 1361720605 PDF
41 pages
Enbedded Devices Security Firmware Reverse Engineering
No ratings yet
Enbedded Devices Security Firmware Reverse Engineering
104 pages
GitHub Fabacab Awesome Cybersecurity Blueteam ? A Curated Collection
100% (1)
GitHub Fabacab Awesome Cybersecurity Blueteam ? A Curated Collection
19 pages
Module-3: Information Security Management
No ratings yet
Module-3: Information Security Management
17 pages
Attacks and Vulnerabilities: Ilya Chalyt Nicholas Egebo
No ratings yet
Attacks and Vulnerabilities: Ilya Chalyt Nicholas Egebo
46 pages
Network and Security: Assignment
No ratings yet
Network and Security: Assignment
9 pages
Cyber Wardog Lab - Basic Malware Analysis Lab Setup
100% (2)
Cyber Wardog Lab - Basic Malware Analysis Lab Setup
16 pages
Nessus-Nmap Lab: IST 451 - Network Security
No ratings yet
Nessus-Nmap Lab: IST 451 - Network Security
6 pages
Network Forensics With Bro: Matthias Vallentin
No ratings yet
Network Forensics With Bro: Matthias Vallentin
23 pages
Computer Hacking Forensic Investigator Course Content: Module 01: Computer Forensics in Today's World
100% (1)
Computer Hacking Forensic Investigator Course Content: Module 01: Computer Forensics in Today's World
96 pages
Cyber Security - Five Challenge 2022
No ratings yet
Cyber Security - Five Challenge 2022
7 pages
SEC450 W7 ILab SEC450 W7 Network Vulnerability Case Study Instructions
0% (1)
SEC450 W7 ILab SEC450 W7 Network Vulnerability Case Study Instructions
2 pages
Mobile Security Testing
No ratings yet
Mobile Security Testing
6 pages
Ch6 - Operating System Forensics
No ratings yet
Ch6 - Operating System Forensics
49 pages
Computer Basic 1201
No ratings yet
Computer Basic 1201
6 pages
Firewalls For Network Sec
No ratings yet
Firewalls For Network Sec
48 pages
Pwntools
100% (1)
Pwntools
156 pages
Intrusion Detection Techniques in Mobile Networks
No ratings yet
Intrusion Detection Techniques in Mobile Networks
8 pages
CSC 411: Computer Network Security: Intrusion Detection Systems
No ratings yet
CSC 411: Computer Network Security: Intrusion Detection Systems
3 pages
Cyber Security-Ethical Hacking: Letshack Foundation in Collaboration With 3girps Presents
No ratings yet
Cyber Security-Ethical Hacking: Letshack Foundation in Collaboration With 3girps Presents
4 pages
Ethical Hacking and Network Security PDF
No ratings yet
Ethical Hacking and Network Security PDF
2 pages
Kinara's Resume
No ratings yet
Kinara's Resume
1 page
Malware Analysis
100% (1)
Malware Analysis
4 pages
Check List - Mobile Application Testing II
0% (1)
Check List - Mobile Application Testing II
24 pages
CSCI369 Lab 3
No ratings yet
CSCI369 Lab 3
4 pages
CS - Practical Report
No ratings yet
CS - Practical Report
44 pages
TechHacker Bundle Syllabus
100% (1)
TechHacker Bundle Syllabus
21 pages
Principles of Network Security
No ratings yet
Principles of Network Security
38 pages
Network Security v1.0 - Module 22
No ratings yet
Network Security v1.0 - Module 22
16 pages
Drop Certified Security Course PDF
No ratings yet
Drop Certified Security Course PDF
67 pages
Briskinfosec Pentest Toolkit
No ratings yet
Briskinfosec Pentest Toolkit
17 pages
Pen Testing Tools Cheat Sheet
No ratings yet
Pen Testing Tools Cheat Sheet
51 pages
CTF - Kioptrix Level 3 - Walkthrough Step by Step - Yeah Hub
No ratings yet
CTF - Kioptrix Level 3 - Walkthrough Step by Step - Yeah Hub
26 pages
Lab 2
No ratings yet
Lab 2
3 pages
Analysing Networks With NMAP: OWASP Ruhrpott Meetup March 2019
No ratings yet
Analysing Networks With NMAP: OWASP Ruhrpott Meetup March 2019
35 pages
NMT Practical Mannual 2020
100% (1)
NMT Practical Mannual 2020
30 pages
5 Active-Recon
No ratings yet
5 Active-Recon
7 pages
Hack Back Fisher
No ratings yet
Hack Back Fisher
24 pages
Module 03 Scanning Networks
No ratings yet
Module 03 Scanning Networks
316 pages
Some Tools For Computer Security Incident Response Team (Csirt)
No ratings yet
Some Tools For Computer Security Incident Response Team (Csirt)
26 pages
HTB Ouija
No ratings yet
HTB Ouija
43 pages
Pit
No ratings yet
Pit
15 pages
Answer Dumps Exam
No ratings yet
Answer Dumps Exam
106 pages
Nmap Command Examples in Linux
No ratings yet
Nmap Command Examples in Linux
13 pages
Midterm Exam - Security of Network Information
No ratings yet
Midterm Exam - Security of Network Information
10 pages
Basic Pentesting 2 Walkthrough
No ratings yet
Basic Pentesting 2 Walkthrough
9 pages
Cyber Security - Lecture 11
100% (4)
Cyber Security - Lecture 11
52 pages
cybersecurity lab
No ratings yet
cybersecurity lab
17 pages
Hacking - The Beginners Guide To Master The Art of Hacking in No Time - Become A Hacking GENIUS (2016)
100% (2)
Hacking - The Beginners Guide To Master The Art of Hacking in No Time - Become A Hacking GENIUS (2016)
33 pages
Penetration Testing and Vulnerability Assessment I
No ratings yet
Penetration Testing and Vulnerability Assessment I
7 pages
Ethical Hacking Course - Practice 2 - How To Recognize A Goal
No ratings yet
Ethical Hacking Course - Practice 2 - How To Recognize A Goal
27 pages
Nmap Commands Cheat Sheet
100% (1)
Nmap Commands Cheat Sheet
1 page
Qualitative Assessment of Digital Forens
No ratings yet
Qualitative Assessment of Digital Forens
8 pages
INetsim Setup
No ratings yet
INetsim Setup
13 pages
Install Talos Linux
No ratings yet
Install Talos Linux
5 pages
Exp 5
No ratings yet
Exp 5
7 pages