Abstract

This chapter focuses on risk assessment, a tool that ensures clients' and users' internal needs are met with regard to security. Risk assessment and mitigation are important parts of the overall security process in an organization or enterprise. Risk assessments are typically carried out using a variety of tools such as vulnerability scanners, password crackers, and protocol analyzers. Password crackers test the strength of user and administrator passwords in a network environment. Password crackers range from the old L0phtCrack to the open-source John the Ripper to Elcomsoft's Password Auditor to rainbow tables. Protocol analyzers are a vital part of a network administrator's and security administrator's toolkit. Protocol analyzers can monitor the traffic on a network and expose data and protocols that are being passed along the wire. In addition, the results of the risk assessments should be reviewed in order to identify critical risks as well as mitigation techniques that could reduce the overall exposure of the organization. Further, logging and auditing play critical roles in securing an organization's environment. System, performance, and access logs all provide key pieces of information regarding the day-to-day security of a network. Periodic auditing of logs such as these is critical to identify any flaws or the need to update standards and technical configurations.
