General Security Concepts: Access Control, Authentication, and Auditing • Chapter 1  37

                 methods used to detect and repair potential weaknesses. While the primary
                 emphasis is to provide security, you also have an obligation, under the concepts of
                 AAA and the CIA triad discussed earlier, to provide system availability and
                 dependability. Use of the appropriate network and machine monitoring tools can help to
                 detect and eliminate congestion and traffic problems on the network, high
                 processor loads or other deviations in systems, and bad or failing components. This, in
                 turn, allows you to be alerted to potential problems that may accompany other
                 types of activity. In the current environment, there are a number of security
                 scanning options available. A list of these can be found at http://sectools.org.
                    Along with the ability to evaluate and mount attacks against systems, you must
                 also use tools that are appropriate to the NOS that you are using, clients you are
                 operating, and the devices you use to communicate on the networks. As you scan,
                 you are searching for known problems that exist in each of these areas, and
                 detailing the potential for harm to your systems. Use these tools to proactively
                 check and repair these vulnerabilities and to provide a stable and problem-free
                 environment.
                    There are many benefits to being proactive in the system and network scanning
                 area. It is much better to spot trends and track them in relation to potential attacks
                 or DoS attacks than to be taken unaware. Vigilance, good planning, and use of the
                 tools can eliminate many of the security issues that occur. Remember that a high
                 percentage of attacks or problems in systems come from inside networks. Scan and
                 be informed.



                 EXAM WARNING

                      In the Security+ exam, removal and control of non-essential services,
                      protocols, systems, and programs is tested generally, but is also covered
                      again later in the Security+ exam objectives when discussing system, OS,
                      NOS, and application hardening. Pay attention to the descriptions
                      presented here, and to the concepts and procedures presented in Chapter 8
                      when discussing hardening of these components.
















                                                                              www.syngress.com