218 Managing Network Vulnerability Assessment
Host
Identify the critical host computer systems that are part of the assessment,
where “host” refers to mainframes, servers, and workstations.
Network Elements Connections
Vendor, Model, Quantity,
Name, and IPs
5. Exception reports: for disruptions in
either input or output.
Service/vendor name,
description, and type of
connection.
Description and diagram of
current firewall implementation.
Description and diagram of
current remote access
implementation (dial-up and VPN
architecture).
Network Elements Connections
Vendor, Model, Quantity,
Name, and IPs
1. Configuration: describe the
configuration of each host; for
workstations, provide a typical
configuration and the quantity.
Number of users and types of
users.
Management systems: describe
the systems used to manage the
network (including monitoring).
2.
System software: identify system
software (system vendor or third
party) used on the host. Of primary
interest is security-related software
(e.g., assessment and monitoring
tools).
3.
Network services: identify the
network services provided by, or
used by, each host.