CompTIA® Security+ Exam Notes : Explain Vulnerability Scanning Concepts

1. Threats, Attacks and Vulnerabilities

1.5 Explain vulnerability scanning concepts

There are several tools available for testing network hardening. Some of these are:

1. Nmap: Nmap stands for Network Mapper. It is used for security scanning of a single host to a large network. Nmap is an open-source software, and available free. It can be used to determine what hosts are available on the network, what services (ports) they are offering, what operating system they are running etc.

2. Security Administrator's Tool for Analyzing Networks (SATAN): It recognizes several commonly found networking-related security problems, and reports the problems without actually exploiting them.

3. Security Administrator's Integrated Network Tool (SAINT): It is an enhanced version of SATAN, and used for network security assessment.

4. Nessus: A security scanner that audits remotely a given network and determine whether hackers may break into it, or misuse it in some way.

Some other network security scanning tools include SAFEsuite, and Tiger Tools TigerSuite. There is no tool by name Trittor.

Port scanner: Port scanner is a device that is used to verify any insecure ports. Spectrum analyzer is used for analyzing the frequency spectrum and not a correct choice. Cookie and backups are not relevant choices.

OVAL (Open Vulnerability and Assessment Language): OVAL is an information security community standard to promote open and publicly available security content, and to standardize the transfer of this information across security tools and services










Previous   Contents   Next


Security+ Cram Notes Contents certexams.com ad