文章基本信息

标题：Network Security Testing Using Discovery Techniques
本地全文：下载
作者：U. Palani ; S. Vanitha ; S. Lakshminarasimman 等
期刊名称：International Journal of Computer Science and Information Technologies
电子版ISSN：0975-9646
出版年度：2014
卷号：5
期号：6
页码：7146-7153
出版社：TechScience Publications
摘要：network security assessment is the process of determining how effectively a network being assessed needs specific security objectives. In this paper we have covered the various challenges faced in providing network security, the threats to network security, the components of a network that are usually attacked and the security management. This article provides an insight into the methodology and ethos behind penetration testing. It illustrates why security testing can provide substantial value to an organization by securing its IT infrastructure from real world attacks. It describes the need for penetration testing and analyses the requirements of the same before establishing the objectives to be covered in one run of the penetration test. It also provides background information on penetration testing processes and practices. It then discusses various types of threats in today’s IT world. Today’s software penetration testing tools, practices, and (to some degree) staff have been developed and improved for an IT Security user base, primarily. However, to effectively make use of these elements in a software development environment takes careful thought and clear goals. To get around this, and to get closer look on the implementation, challenges & practices discussed here , this document provides a description of and recommendations for a penetration testing process, models and methodology that is more suited to the needs of software developers than is typically found today. Additionally, the document also provides information why penetration testing cannot be performed as a series of automation test runs by analyzing the methodology used for performing penetration testing. It also provides both a conceptual as well as a more specific survey of the practices, models and methodology available today for conducting penetration testing. This tool survey is then balanced against the need for trained, skilled, and highly motivated testing staff. Staff training is addressed and compared against mentoring or apprenticeship types of on the job training processes