1
00:00:00,320 --> 00:00:02,930
Assessing network security effectiveness.

2
00:00:02,960 --> 00:00:09,680
Network security assessment addresses the broader aspects of the security functionality of a network.

3
00:00:09,980 --> 00:00:16,280
This should involve exploring the network infrastructure to identify the different components present

4
00:00:16,280 --> 00:00:18,860
in the environment and cataloging them.

5
00:00:19,370 --> 00:00:25,550
Ideally, this should be followed by assessing the technical architecture, technological configurations

6
00:00:25,550 --> 00:00:31,370
and vulnerabilities and threats that might have been identified as a part of the first step.

7
00:00:31,870 --> 00:00:38,290
Following this, we should focus on the ability to exploit these identified threats to validate their

8
00:00:38,290 --> 00:00:45,340
impact and risk factor, which may be based on a qualitative or quantitative approach.

9
00:00:45,490 --> 00:00:52,960
This helps us in deriving accurate prioritization and business context as well as the corresponding

10
00:00:52,960 --> 00:00:54,580
remediation plan.

11
00:00:54,730 --> 00:01:00,190
Some key concepts that we will be covering in this course as a part of the network security will form

12
00:01:00,190 --> 00:01:07,330
the fundamental and foundational capabilities that enable us to check the right boxes and derive an

13
00:01:07,330 --> 00:01:09,460
appropriate value for each.

14
00:01:09,520 --> 00:01:16,330
In this section, we will investigate the major domains that can help us assess the maturity of the

15
00:01:16,330 --> 00:01:17,050
network.

16
00:01:17,500 --> 00:01:19,450
Static Analysis.

17
00:01:19,870 --> 00:01:26,110
This focuses on auditing application code, network and server configuration and providing an architectural

18
00:01:26,110 --> 00:01:27,400
review of the network.

19
00:01:27,640 --> 00:01:35,200
This is exhaustive and is work and time intensive, but derives a lot of valuable insights into the

20
00:01:35,200 --> 00:01:41,200
inner workings of the various components and configuration errors and vulnerabilities that might persist

21
00:01:41,200 --> 00:01:44,470
in the environment as they are conducted at runtime.

22
00:01:44,590 --> 00:01:52,120
Therefore, we need to break this into small, actionable steps such as design review, configuration

23
00:01:52,120 --> 00:01:54,910
review and static code analysis.

24
00:01:55,660 --> 00:01:57,550
Dynamic Analysis.

25
00:01:57,790 --> 00:02:04,540
Dynamic analysis focuses on the threat actor's perspective, who aims to exploit the services and threat

26
00:02:04,540 --> 00:02:10,120
vectors that can result in the loss of confidentiality, integrity and availability.

27
00:02:10,120 --> 00:02:15,640
And this can be inclusive of network infrastructure testing, the application and services testing and

28
00:02:15,640 --> 00:02:18,040
dynamic code analysis.

29
00:02:19,320 --> 00:02:26,700
Also remember that static analysis is more focused on preventive checking, whereas the dynamic analysis

30
00:02:26,730 --> 00:02:30,900
focuses on resolving existing vulnerabilities and flaws.

31
00:02:31,020 --> 00:02:36,910
Static analysis is cost efficient and takes less time compared to dynamic analysis.

32
00:02:36,930 --> 00:02:42,720
This is because static analysis is generally done before deployment and is less expensive due to the

33
00:02:42,720 --> 00:02:44,790
effort that's involved.

34
00:02:44,880 --> 00:02:46,560
Configuration Review.

35
00:02:46,860 --> 00:02:48,200
Configuration Review.

36
00:02:48,210 --> 00:02:55,410
This focuses on auditing network components at a low level, such as firewalls, routers, switches,

37
00:02:55,410 --> 00:03:01,950
storage and virtualization infrastructure, server and appliance operating system configuration and

38
00:03:01,950 --> 00:03:04,860
application configurations.

39
00:03:05,040 --> 00:03:12,780
You can leverage configuration reviews to perform gap analysis and document possible flaws in the configuration

40
00:03:12,780 --> 00:03:16,200
and harden/mitigate the identified ones.

41
00:03:16,470 --> 00:03:22,390
You can also prioritize the recommended actions based on their severity and impact.

42
00:03:22,480 --> 00:03:26,920
The low-hanging ones should be addressed quickly.

43
00:03:27,910 --> 00:03:29,710
Design review.

44
00:03:30,640 --> 00:03:37,690
This concentrates on implementing security controls and evaluating their effectiveness and applicability.

45
00:03:38,110 --> 00:03:49,600
For example, ISO/IEC 1540812208 is an industry recognized certification that accounts for general concepts

46
00:03:49,600 --> 00:03:53,260
and principles of IT security evaluation.

47
00:03:53,470 --> 00:03:56,020
It captures a variety of operations.

48
00:03:56,050 --> 00:04:10,000
The functional and assurance components are given in ISO/IEC 15408-2 and ISO/IEC 15408-3 and can be tailored

49
00:04:10,000 --> 00:04:15,010
for the relevant operations. Network infrastructure testing.

50
00:04:15,870 --> 00:04:21,810
This segregates network testing in the form of vulnerability assessment and penetration testing.

51
00:04:22,080 --> 00:04:28,380
There is a wide range of tools and platforms that can be utilized for the same that will scan the network

52
00:04:28,380 --> 00:04:34,500
and infrastructure for potential vulnerabilities and provide a base for manual or automated testing

53
00:04:34,530 --> 00:04:37,200
of the exploited vulnerabilities or flaws.

54
00:04:37,950 --> 00:04:40,170
Web Application Testing.

55
00:04:40,800 --> 00:04:47,910
Web application testing involves assessing an application from various approaches to test for weaknesses

56
00:04:47,910 --> 00:04:50,880
in the source code, application and business logic,

57
00:04:50,910 --> 00:04:58,290
authenticated and unauthenticated application processing and configuring and implementing flaws. OWASP

58
00:04:58,290 --> 00:05:02,970
is a brilliant resource for digging deeper into application security practice.

59
00:05:03,120 --> 00:05:10,080
So far we have explored the various major aspects that should form the basic building blocks of a good

60
00:05:10,080 --> 00:05:11,610
network security architecture.

61
00:05:11,640 --> 00:05:15,510
Next, we will take a look at some technical management aspects.