Vulnerability Classification
It is also essential to understand the shortcomings of operational and security measures. This understanding makes security design more effective. To better understand the sources of system vulnerabilities, it may be helpful to categorize them during analysis. The following general categories can be used to categorize key systems and asset vulnerabilities:
- Faults in policy
- Design flaws
- Protocol shortcomings
- Software weaknesses
- Misconfiguration
- Hostile code
- Human element
This list only includes some vulnerability categories. Multiple vulnerabilities can be identified for each of these categories.
There are a number of industry initiatives focused on classifying hazards to the public. The following well-known and freely accessible catalogs can be used as models for vulnerability analysis.
- Common Vulnerabilities and Exposures (CVE): A publicly available list of known information security vulnerabilities and exposures. Visit http://cve.mitre.org to find out. This database enables data exchange between security solutions and provides standard identifiers that serve as benchmark index points for evaluating the coverage of tools and services.
- The US government’s National Vulnerability Database (NVD) is a standard-compliant repository of vulnerability management data. This data enables automation of compliance, security measurement and vulnerability management. NVD maintains a database of product names, impact measurements, security-related software bugs, configuration errors, and security checklists.
- The standard used to rate and classify security vulnerabilities in the computer and networking industry is the Common Vulnerability Scoring System (CVSS). The standard focuses on evaluating one vulnerability against another to help administrators prioritize tasks. Major industry players such as McAfee, Qualys, Tenable and Cisco have adopted this standard. See http://www.first.org/cvss for more information, databases, and calculators. There are a number of industry initiatives focused on classifying hazards to the public. The following well-known and freely accessible catalogs can be used as models for vulnerability analysis.
Key Security Concepts
Network security is necessary to protect personal network hardware and clients from unwanted access, theft, damage, and other problems. The internet is the number one source of security threats. Control your network to protect it from these threats. The primary goal of network security is to protect Internet-connected machines from viruses and hackers. Firewalls, routers, and other devices give you control over your network’s security. Allow unauthorized access to unidentified individuals by undermining your own network security.