 |
|
Security
PIX
& Checkpoint
Threats
Assessment
Audits
Audit
Reports
Policies
IDS
Software
Network
Designs
Y1
Alerter
Connectivity
IP
Solutions
Computer
Systems
Available
Consultants
|
|
|
Security Assessments
Y1
Security Assessment Process
Before a
business can take the necessary steps to improve its network security, it needs
to conduct a review of its existing enterprise components.
Most businesses have complete up-to-date diagrams and information
available. If necessary Y1 will
create, or update, this information to start the assessment.
The
Assessment Process will identify targets by probing without hacking into actual
enterprise components. The external assessment includes Internet and dial-in
connections. This approach is
similar to what a hacker does prior to actually deciding which and how to
break-in an enterprise. By
providing a security snapshot and quantifying the current network enables Y1SEs
to conduct the Security Vulnerability Audits.
-
Current
Infrastructure Analysis - Network mapping
and target analysis to determine network topology with information collected
from public and business records.
-
Passive
Information Gathering - Identify targets
from on-line information sources, such as DNS and whois to gather
information on the targeted enterprise.
-
Network
Enumeration (Internal & External) Vulnerability measurement and data
collection to identify methods of entry into a business network through
exploitation of network vulnerabilities to map the network topology of the
target and identifying potential target systems.
-
Host
Enumeration (Internal & External) Host
and service discovery to determine how many hosts are on the network.
|
| |
|
