Packet core network pdf of the features on CT. The page you are trying to access has moved.
The Connecticut State Department of Education has a new website. If you have existing bookmarks you will need to navigate to them and re-bookmark those pages. Go to the New CSDE Website! Sample Chapter is provided courtesy of Cisco Press. Chapter Description There’s more to network security than just penetration testing.
This chapter discusses software tools and techniques auditors can use to test network security controls. Security testing as a process is covered, but the focus is on gathering the evidence useful for an audit. Assessing security controls involves more than simply scanning a firewall to see what ports are open and then running off to a quiet room to generate a report. It is important to note that this is not a chapter about hacking. You will not learn all of the techniques and tools available today for breaking into networks. Do a search at your favorite online bookseller for the terms hacking, hacker, or penetration testing and you will find a slew of books devoted to the topics.
Evaluating Security Controls Security controls are the safeguards that a business uses to reduce risk and protect assets. As discussed in Chapter 1, “The Principles of Auditing,” the main security control types are administrative, technical, and physical. Under each category, the specific controls that can be implemented are preventative, detective, corrective, or recovery. These control types work together, and in general, you must provide controls from each category to effectively protect an asset. When evaluating security effectiveness, you need to examine three primary facets for every control. All security incidents, from break-ins to lost customer records, can usually be traced back to a deficiency that can be attributed to people, process, or technology. Testing these areas enables you to analyze security from a big picture perspective, gives you a better understanding of how an organization performs today, and recommends improvements for tomorrow.