Question

In: Computer Science

Security auditors deploy many of the tools routinely used by penetration testers of an organization’s security...

Security auditors deploy many of the tools routinely used by penetration testers of an organization’s security staff during their security assessments. The key difference is that they are performed by an independent auditor. Auditors provide an impartial and unbiased view of the state of the security landscape of an organization. Using credible sources, outline the rules of engagement (best practices) that a security auditor would follow as an ethical practicing professional.

(minimum 450 words)

Solutions

Expert Solution

Hi, I would love to answer this question; I hope you like the answer and get a clear idea of it. So, not wasting much time, let's head towards the answer.

We will be discussing the best practices that must be followed by a security auditor so as to provide an unbiased and impartial pentest.

So the best practices that must be followed are as follows:

  • Policy checks
  • Risk Management
  • Security Architecture and Design
  • Physical Security
  • System and Network Management
  • Proper authentication and authorization

1. Policy Checks - The policies which have been implemented inside an organization should be deeply verified so as to find any loophole which may disrupt the security services and can lead to access for an attacker, resulting in a loss for the organization. So the policies must be deeply verified and changes should be suggested accordingly.

2. Risk Management - The risk management work of the team of an organization must be checked so as to know how they will be responding in the case of a risk or an attack. This may include the inspection of the work and security services being used by the risk management team of an organization.

3. Security Architecture and Design - The overall design of the architecture of the security services being implemented must be checked so as to find out if there is any way for an attacker to bypass it and enter the trusted network of the organisation.

4. Physical Security - This aspect of the auditing may not seem so likely, but this is the most critical aspect of the inspection during the time of auditing. Most of the social engineering attacks can be performed if the physical security has been compromised. All the data is kept in the database inside the rooms where the servers are handled, so physical security may prevent unauthorized access to a data centre or the server room, hence preventing the organisation from being compromised.

5. System and Network Management - System and network management consists of many different aspects such as software integrity, access control and secure access configuration. These may all seem to be the same but have some minor differences which lead to a big difference. Overall, this means the system must be protected from viruses and trojans, the access and privileges must be checked as per the requirements of an employee, and, more importantly, the security patches must be applied.

6. Proper authentication and authorisation - This part of the practice is to find out the security practices being implemented to properly identify the trusted user and the proper privileges being provided to him. Rather than giving a bunch of privileges, a least-privilege policy must be enabled.

So these are the security practices that must be followed by an independent security auditor so as to result in the betterment of an organisation.

Hope you like the answer and have some idea related to the same.

Please like the answer and comment for any queries.

Thanks and Happy to Help :)

HAPPY LEARNING
