Network Vulnerability Assessment Notes

What is a Vulnerability?
Weakness in a system that allows the system to be maliciously exploited
and used outside of the way it was designed to be used and/or open to
a threat increasing the risk of operational corruption or disaster.

What is a Threat?
A possible danger to your system: a person, a thing, or an event that might attack the system either accidentally or deliberately.

What is a Risk?
The potential of a threat to exploit a vulnerability


Vulnerability Assessment
A Vulnerability Assement consists of determining that amount of risk associated
with a given vulnerability. And the systems compliance with secuirty policies
and practices.

Vulnerabilty Assessment Tasks:
-Identify System Vulnerabilities -Evaluate and measure risk associated with vulnerabilities -Point out possible solution (if any)

Penetration Test Vs. Vulnerability Assessment
Penetration Test:
-Use hacker techniques to break into a system

Vulnerability Assessment:
-Risk evaluation
-Repeatable methods to uncover all vulnerabilities
-Analysis of security practices and implementation of security policies

6 Steps to a Solid Assessment
from Peltier's Networkwork Vulnerability Assessment trainer
Step 1: Site Survey
Step 2: Develop a Test Plan
Step 3: Build the Toolkit
Step 4: Conduct the Assessment
Step 5: Analysis
Setp 6: Documenation

Reference:
Peltech.com