Page 1082 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
for operating systems, applications, and devices.
Extensible Configuration Checklist Description Format (XCCDF)
provides a language for specifying security checklists.
Open Vulnerability and Assessment Language (OVAL) provides a
language for describing security testing procedures.
Vulnerability Scans
Vulnerability scans automatically probe systems, applications, and
networks, looking for weaknesses that may be exploited by an attacker.
The scanning tools used in these tests provide quick, point-and-click
tests that perform otherwise tedious tasks without requiring manual
intervention. Most tools allow scheduled scanning on a recurring basis
and provide reports that show differences between scans performed
on different days, offering administrators a view into changes in their
security risk environment.
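
The scan-to-scan difference report described above, as an added example that is not from the study guide or from any scanner product: it compares two constructed result sets and separates new, resolved, and re-scored findings. The Finding record layout, the check IDs, and the host addresses are assumptions made up for illustration.

```python
"""Diff two vulnerability-scan result sets (constructed sample data)."""
from collections import namedtuple

# Hypothetical record layout; real scanner exports carry more fields.
Finding = namedtuple("Finding", "host port check_id severity")

# Constructed results for two scan dates (192.0.2.0/24 is a documentation range).
SCAN_MONDAY = [
    Finding("192.0.2.10", 22, "EXAMPLE-WEAK-SSH-KEX", "medium"),
    Finding("192.0.2.10", 443, "EXAMPLE-TLS-1.0-ENABLED", "medium"),
    Finding("192.0.2.20", 3306, "EXAMPLE-DB-DEFAULT-ACCOUNT", "high"),
]
SCAN_FRIDAY = [
    Finding("192.0.2.10", 22, "EXAMPLE-WEAK-SSH-KEX", "medium"),
    Finding("192.0.2.20", 3306, "EXAMPLE-DB-DEFAULT-ACCOUNT", "critical"),
    Finding("192.0.2.30", 8080, "EXAMPLE-ADMIN-CONSOLE-EXPOSED", "high"),
]

SEVERITY_RANK = {"low": 1, "medium": 2, "high": 3, "critical": 4}


def finding_key(f):
    # Identity is where the finding is and what it is, not its severity,
    # so a re-scored finding shows up as changed, not as new plus resolved.
    return (f.host, f.port, f.check_id)


def diff_scans(old, new):
    """Return added, resolved and severity-changed findings, plus new hosts."""
    old_by_key = {finding_key(f): f for f in old}
    new_by_key = {finding_key(f): f for f in new}

    added = [new_by_key[k] for k in new_by_key.keys() - old_by_key.keys()]
    resolved = [old_by_key[k] for k in old_by_key.keys() - new_by_key.keys()]
    changed = [
        (old_by_key[k], new_by_key[k])
        for k in old_by_key.keys() & new_by_key.keys()
        if old_by_key[k].severity != new_by_key[k].severity
    ]
    new_hosts = sorted({f.host for f in new} - {f.host for f in old})
    # Worst first, so the report leads with what needs attention.
    added.sort(key=lambda f: -SEVERITY_RANK[f.severity])
    return {"added": added, "resolved": resolved,
            "changed": changed, "new_hosts": new_hosts}


if __name__ == "__main__":
    for section, items in diff_scans(SCAN_MONDAY, SCAN_FRIDAY).items():
        print(section, *items, sep="\n    ")
```

A finding listed as resolved only means the later scan did not report it; a host that was offline or unreachable during that scan produces the same result, so confirm before closing the item.
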
There are four main categories of vulnerability scans: network
discovery scans, network vulnerability scans, web application
vulnerability scans, and database vulnerability scans. A wide variety of
tools perform each of these types of scans.
Remember that information security professionals aren’t
the only ones with access to vulnerability testing tools. Attackers
have access to the same tools used by the “good guys” and often
run vulnerability tests against systems, applications, and networks
prior to an intrusion attempt. These scans help attackers zero in on
vulnerable systems and focus their attacks on systems where they
will have the greatest likelihood of success.
Network Discovery Scanning
Network discovery scanning uses a variety of techniques to scan a
range of IP addresses, searching for systems with open network ports.
Network discovery scanners do not actually probe systems for
vulnerabilities but provide a report showing the systems detected on a

