© Copyright 2018 Cyberactive Security, LLC. All Rights Reserved. CISSP is a registered trademark of (ISC)2, Inc.
Module 11: Security Testing And Assessment
o Perform simulated actions to verify that successful and failed network connections are audited
Use automated vulnerability scanners to detect unauthorized communications or ports, protocols, and services (PPS)
Network Interface Testing:
o Use protocol analyzers and/or network scanning tools to detect PPS on network interfaces
o Perform misuse (abuse) testing to verify network components respond correctly
o Simulate attacks to test firewalls, IDS/IPS, and other defense component responses
Network vulnerability scans are typically run from the perspective of an external attacker
o Authenticated vulnerability scans give the scanner access to configuration information
o Vulnerability scans can return false positives (flagged, but not valid) and false negatives (missed vulnerabilities)
DevOps is the process of combining system development and operations into a continuous process
o Security must be integrated into DevOps as part of system and security architecture
IoT devices are endpoint devices that contain software and connect to the internet
o IoT devices must be protected as an endpoint and isolated from core infrastructure
BYOD is a policy that defines how personnel are permitted to use their personally owned computing devices
o Personnel with insecure or poorly configured devices can introduce malware, create backdoor access, and more
o Devices must be isolated to a specific network or guest zone of the system
ICS are embedded and physical components that are used in industry
o ICS are used in domestic infrastructure and can be found in production factories and distribution operations
o ICS contain embedded systems that comprise a simple form of computing devices
PLCs are often found in assembly factories, power plants, and distribution operations, and are part of a DCS
DCS is the combined ICS components within the same facility, factory, or plant
o DCS that are distributed throughout multiple plants or factories are called SCADA
SCADA is designed to operate large scale infrastructure or production operations
o Comprised of RTU (endpoint), DAS (data server), and HMI (user interface)
Security Architecture Best Practices:
o Perform regular risk assessments to identify any emerging security risks against security architecture
o Employ least privilege and disable any unnecessary accounts, services, etc. to reduce the attack surface
o Patch all software with vendor or security related updates
o Segment and encrypt system communications
o Log and audit changes to critical system services, permissions, accounts, and communications