Page 158 - Courses
P. 158
Logical Security: The Network Layer
• Not hardening devices before joining them to the network.
VLAN
Improper configuration of virtual local area networks (VLANs).
VLAN Control
Virtual local area networks (VLANs) are tested to ensure they are correctly configured.
Physical Control
Processes are in place to monitor location of devices on the network, including:
• Comparing current and previous versions of network snapshots and following up on differences.
• Using a Network Access Control (NAC) system (a system that logically controls access to the
network).
• Using newer versions of network tools that have software that provides alerts of new devices
attached to the network.
Suggested Audit Procedures
Suggested high-level audit procedures include:
1. Asking network personnel for the VLAN hardening checklist.
2. Asking about the process used to configure VLANs.
3. Validating that the process is followed to ensure VLANs are correctly configured.
4. Testing sample of VLAN changes to ensure compliance with change management policy.
5. Inquiring into processes used to monitor for unauthorized devices connected to the network.
TOPIC 3: PREVENTION SOFTWARE
Prevention Software
Antivirus.
SIEM.
Job Scheduler.
Antivirus Software
Antivirus Software Characteristics
Antivirus software is computer software used to prevent and detect malicious software. After
detection, antimalware software should be used to remove malicious code that exists in a device.
Important points include:
• Since desktop computers and servers are connected to the network, it is important for network
security that antivirus is maintained and up-to-date.
• In most organizations, antivirus software is centrally managed, and the endpoint console
provides alerts when antivirus is disabled or not updated.
Copyright © 2021 by The Institute of Internal Auditors, Inc. All rights reserved.
