In: Computer Science
1. The community college you work for would like to
get a security test performed, explain the different test types and
the advantages and disadvantages of them
.2. The community college now wants to have a security company come
in and perform security tests. Explain what they should expect
before, during, and after the testing.
Q1 Answer :-
Types of Security Testing :-
1 - Vulnerability Scanning :-
This is done through automated software to scan a system against known vulnerability signatures.
Advantages :-
Disadvantages :-
2 - Security Scanning :-
It involves identifying network and system weaknesses, and later provides solutions for reducing these risks. This scanning can be performed for both Manual and Automated scanning.
Advantages :-
Disadvantages :-
3 - Penetration testing :-
This kind of testing simulates an attack from a malicious hacker. This testing involves analysis of a particular system to check for potential vulnerabilities to an external hacking attempt.
Advantages :-
Disadvantage :-
4 - Risk Assesment :-
This testing involves analysis of security risks observed in the organization. Risks are classified as Low, Medium and High. This testing recommends controls and measures to reduce the risk.
Advantages :-
Disadvantages :-
5 - Security Auditing :-
This is an internal inspection of Applications and Operating systems for security flaws. An audit can also be done via line by line inspection of code .
Advantages :-
Disadvantages :-
6 - Posture Assessment :-
This combines Security scanning, Ethical Hacking and Risk Assessments to show an overall security posture of an organization .
7- Ethical hacking :-
It's hacking an Organization Software systems. Unlike malicious hackers, who steal for their own gains, the intent is to expose security flaws in the system.
Advantages :-
Disadvantages :-
Q 2 Answer :-