Tuesday, July 23, 2019

AN INTRODUCTION TO INFORMATION AND CYBER SECURITY Thesis

AN INTRODUCTION TO INFORMATION AND CYBER SECURITY - Thesis Example Nessus, on the other hand, is used in more than 75,000 organizations around the globe and it is considered to be one of the world’s most popular vulnerability scanner (Ferguson, n.d.). However, the third version, i.e. version 3, has now been converted to a proprietary license as the scanning engine is still free and updates are also available after a week on a release. When Nessus is incorporated in a large enterprise, most probably, a government organization such as Department of Defense (DOD) networks, it will initiate a port scan and target the defined host or a network. After opening the port, it examines all the services that are running on the system or network and tests all the detected services against vulnerabilities defined in the Nessus vulnerability database (Kim, n.d.). As this tool can develop a testing platform for network resilience, the report generation is very comprehensive that is ideal for large enterprises. As it is an easy remote based vulnerability analysis tool, it can be best suited for large enterprises that are geographically dispersed in more than one continent (Kim, n.d.). Moreover, in an ideal scenario where corporate networks for large organizations contain many client/server architectures, Nessus will detect the clients and the server automatically when connected to the specific network at a specific location (Kim, n.d.). Network security professionals of a large enterprise can customize plugins, as per their requirements, as the tool has its own scripting language for defining methods to test and identify network for vulnerabilities (Kim, n.d.). The tool will penetrate within the corporate network and start scanning anonymous File Transfer Protocol (FTP) and for the client/server architecture, secure socket Layer (SSL) will provide an additional layer of security for report results. However, for false positive detection, a validity check is required on the reports from

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.