2.5. Assessment and Response

It is important to periodically assess the security of the network and systems in an organization. Additionally, assessment becomes important after a security incident has been detected and a response to the attack has been put in place. In this section, we briefly consider elements of assessment and response. See Northcutt et al. [7], Whitacker and Newman [14], and McNab [15] for more details.

Assessment of a network can be done using external auditors who can perform penetration tests (acting essentially like Oscar, but without damaging systems), enumerate the entities in the network, discover potential vulnerabilities, and verify whether the protection and prevention mechanisms (like firewalls, access control schemes, password ...
