Assessment should use appropriate software tools and include the following:
- Protocol analyzer
- Network scanners
- Rogue system detection
- Network mapping
- Command line tools
  - ping
  - netstat
  - tracert
  - nslookup/dig
  - arp
  - ipconfig/ip/ifconfig
  - tcpdump
  - nmap
  - netcat
- Wireless scanners/crackers
- Passive vs. active
- Web application firewall

Process/Skill Questions:
- What is the purpose of a protocol analyzer?
- What type of information can be obtained using tcpdump?
- What is the difference between active and passive network security scanning?