Assessment should use appropriate software tools and include the following:
- Configuration compliance scanner
- Backup utilities
- Honeypot
- Banner grabbing
- Password cracker
- Vulnerability scanner
- Exploitation frameworks
- Host-based intrusion detection system (HIDS)/Host-based intrusion prevention system (HIPS)
- Host-based firewall
- Antivirus
- File integrity check
- Application whitelisting
- Advanced malware tools
- Patch management tools
- Removable media control

Process/Skill Questions:
- What are the main differences between HIDS and HIPS?
- How can a “honeypot” be used to increase security for an organization?
- What is the purpose of backup utilities in determining the overall security health of an organization?