To protect a network and the resources accessed through the network from unauthorized access and also ensure that employees have adequate access to the network and resources to work.
A network security system typically relies on layers of protection and consists of multiple components, including network monitoring and security software in addition to hardware and appliances.
All components work together to increase the overall security of the computer network.
Who owns and has access to the system?
How can the system be accessed (network, modem, wireless, etc.)?
How are IDs and passwords managed and controlled?
Are root and admin passwords changed and managed appropriately?
Are system logging and audit functions active?
What are the procedures for monitoring system logs?
Does the OS configuration conform to corporate policy and requirements?
What are the procedures for applying security patches, virus updates, etc.?
Who owns and is responsible for the application?
What application security mechanisms (access controls) are in place?
What data does the application use?
What information does the application create?
Is this information appropriately classified and protected?
How is the application integrated into other security components (such as using authorization, external access controls, and centralized logging/monitoring)?
Data Security and Classification
What data is being incorporated into the project?
What is the sensitivity (classification) of the data?
Are data protection mechanisms set commensurate with the sensitivity of the data?
Who will have access to the data?
What access controls are in place?
According to policy, what are the encryption requirements for the data (in storage, in transit, etc.)?
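The system, application and data questions above are easiest to apply consistently when they are written down as checks that run over an inventory record for each project. The script below is an added example, not part of the original checklist or of any particular organisation's policy: it turns the questions into a small assessment function, with the thresholds (90-day privileged password rotation, 30-day patch lag, which classifications require encryption at rest or in transit, which access paths count as remote) chosen as hypothetical policy values, and the record it evaluates is constructed sample data.

```python
"""Assessment checklist evaluated as code against a system/application/data inventory record."""
from dataclasses import dataclass
from datetime import date
from typing import Optional

SEVERITY_RANK = {"high": 0, "medium": 1, "low": 2}


@dataclass(frozen=True)
class Finding:
    check: str      # which checklist question produced the finding
    severity: str   # "high", "medium" or "low"
    detail: str


# Assumed policy thresholds (hypothetical values, not taken from the checklist itself).
POLICY = {
    "max_privileged_password_age_days": 90,
    "max_patch_lag_days": 30,
    # classification -> (encryption required at rest, encryption required in transit)
    "encryption_by_classification": {
        "public": (False, False),
        "internal": (False, True),
        "confidential": (True, True),
        "restricted": (True, True),
    },
    # access paths other than the corporate network need a documented control (e.g. MFA)
    "remote_access_paths": {"modem", "wireless", "vpn"},
}

FIXED_TODAY = date(2024, 2, 1)  # reference date so the sample run is reproducible


def assess(record: dict, policy: dict = POLICY, today: Optional[date] = None) -> list:
    """Evaluate one inventory record against the checklist; returns findings ordered high -> low."""
    today = today or date.today()
    findings = []

    def flag(check, severity, detail):
        findings.append(Finding(check, severity, detail))

    # System: ownership, access paths, privileged credentials, logging, configuration, patching
    if not record.get("system_owner"):
        flag("system_owner", "high", "no accountable owner recorded for the system")

    uncontrolled = [p for p in record.get("access_methods", [])
                    if p in policy["remote_access_paths"]
                    and p not in record.get("remote_access_controls", {})]
    if uncontrolled:
        flag("access_methods", "medium",
             "remote access path(s) without a documented control: " + ", ".join(sorted(uncontrolled)))

    changed = record.get("privileged_password_last_changed")
    if changed is None:
        flag("privileged_passwords", "high", "root/admin password rotation date unknown")
    elif (today - changed).days > policy["max_privileged_password_age_days"]:
        flag("privileged_passwords", "high",
             f"root/admin passwords last changed {(today - changed).days} days ago")

    if not record.get("audit_logging_enabled"):
        flag("audit_logging", "high", "system logging/audit functions are not active")
    elif not record.get("log_review_procedure"):
        flag("log_monitoring", "medium", "logs are collected but no review procedure is defined")

    if not record.get("os_config_conforms_to_policy"):
        flag("os_configuration", "medium", "OS configuration not confirmed against corporate policy")

    patched = record.get("last_security_patch")
    if patched is None or (today - patched).days > policy["max_patch_lag_days"]:
        lag = "unknown" if patched is None else f"{(today - patched).days} days"
        flag("patching", "high", f"security patch lag: {lag}")

    # Application: ownership and an access-control mechanism
    if not record.get("application_owner"):
        flag("application_owner", "high", "no accountable owner recorded for the application")
    if not record.get("application_access_controls"):
        flag("application_access_controls", "high", "no application-level access control documented")

    # Data: the classification decides which encryption requirements apply
    cls = (record.get("data_classification") or "").lower()
    required = policy["encryption_by_classification"].get(cls)
    if required is None:
        flag("data_classification", "high", f"data classification missing or unrecognised: {cls!r}")
    else:
        need_rest, need_transit = required
        if need_rest and not record.get("encrypted_at_rest"):
            flag("encryption_at_rest", "high", f"{cls} data stored without encryption")
        if need_transit and not record.get("encrypted_in_transit"):
            flag("encryption_in_transit", "high", f"{cls} data transmitted without encryption")
    if not record.get("data_access_controls"):
        flag("data_access_controls", "medium", "no access controls documented for the data")

    findings.sort(key=lambda f: SEVERITY_RANK[f.severity])  # stable: keeps check order within a level
    return findings


# Constructed sample record for a hypothetical project (not real data).
SAMPLE_RECORD = {
    "system_owner": "infrastructure team",
    "access_methods": ["network", "wireless", "modem"],
    "remote_access_controls": {"wireless": "802.1X + MFA"},
    "privileged_password_last_changed": date(2023, 9, 1),
    "audit_logging_enabled": True,
    "log_review_procedure": "",
    "os_config_conforms_to_policy": True,
    "last_security_patch": date(2024, 1, 20),
    "application_owner": "payments product team",
    "application_access_controls": "role-based access via central directory",
    "data_classification": "confidential",
    "encrypted_at_rest": False,
    "encrypted_in_transit": True,
    "data_access_controls": "application roles only",
}


def sample_assessment() -> list:
    """Run the checklist over the constructed record as of FIXED_TODAY."""
    return assess(SAMPLE_RECORD, today=FIXED_TODAY)


if __name__ == "__main__":
    for f in sample_assessment():
        print(f"[{f.severity:6}] {f.check}: {f.detail}")
```

Running it against the sample record reports four findings: stale root/admin passwords and unencrypted confidential data at rest as high, and the uncontrolled modem path and the missing log review procedure as medium. Because the encryption checks are keyed on the classification, the same record with `data_classification` set to `internal` would not flag storage encryption at all, which is the point of asking for the classification before asking about the controls.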
A Disaster Recovery Plan (DRP) is essential. These types of plans should focus on communications to employees and customers and any potential workarounds and methods to distribute additional information. You may never be able to prevent a DoS attack, but you can be ready if (or when) you are subjected to one.
Assessing External Third Parties
Increasingly, corporate projects involve external parties, either through some sort of network connection, access to data in a DMZ, or simply sending data over the Internet for external processing. Security assessments for these types of projects can be much more challenging