Identification should include assessing the vulnerability with security tools, including
network mapping
vulnerability scanning
network sniffing
password analysis.