47
Chapter 4
Network Vulnerability
Assessment Methodology
The growth of distributed computing has been one of the major drivers for
network security. With the exponential growth of networks, the ease with
which information can be shared between and among computer networks
makes security more important but more difficult to implement and manage.
Computers are no longer connected to one trusted network; they are poten-
tially connected to every other network and its computers in the world, with
or without security implementations of their own.
In the old mainframe environment, security meant keeping the computer
in a locked room with limited access. As computing power and its physical
presence are distributed, it becomes increasingly difficult to control access by
physical means. With remote-access architecture, it is impossible; even if one
could sequester the network within a secure building, it would still be possible
for someone to eavesdrop remotely.
An effective network vulnerability assessment (NVA) will help an organi-
zation develop a security architecture that will provide the best protection for
the least investment in staff, hardware, software, and time. Because no orga-
nization has unlimited resources to devote to security, it will be necessary to
determine the severity of the risks that the network faces and the most effective
countermeasures to mitigate those risks.
Methodology Purpose
This book is intended to help you perform a sanctioned NVA, the key term
being “sanctioned.” It could be a “carrier limiting decision” to conduct a NVA,
even for your own company, without prior management approval. The NVA
book provides an outline and supplementary materials to assist you in providing
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.