By understanding who attacks, why they attack, how they attack, and what they do, the IT security professionals conducting the risk and vulnerability assessment can focus on combating threats and vulnerabilities commonly exploited by an attacker. This type of intelligence data can assist in the risk and vulnerability assessment by providing the IT security professional with knowledge about how attacks are conducted. This knowledge can be applied to defense-in-depth security controls and security countermeasures distributed throughout the IT infrastructure and seven areas of information security responsibility. Without this knowledge, the IT security professional cannot conduct the risk and vulnerability assessment from an attacker's point of view.
This chapter will present an overview of the following characteristics about attackers:
With knowledge in these four areas about attackers, conducting a risk and vulnerability assessment can be done with a specific strategy in mind as well as with knowledge of how attackers attack. This approach to conducting a risk and vulnerability assessment equips the IT security professional with knowledge about how to monitor, prevent, and eliminate various attacks on the IT infrastructure. This knowledge will assist the IT security professional in developing an appropriate information security strategy for its IT infrastructure that encompasses the seven areas of information security responsibility.
Introduction to Assessing Network Vulnerabilities
Foundations and Principles of Security
Why Risk Assessment
Scoping the Project
Understanding the Attacker
Performing the Assessment
Tools Used for Assessments and Evaluations
Preparing the Final Report
Appendix A. Security Assessment Resources
Appendix B. Security Assessment Forms
Appendix C. Security Assessment Sample Report
Appendix D. Dealing with Consultants and Outside Vendors
Appendix E. SIRT Team Report Format Template