(→Source) |
(→Source) |
||
| Line 5: | Line 5: | ||
== Source == |
== Source == |
||
| − | * [[NIST Special Publication 800-14]]. |
+ | * [[NIST Special Publication 800-14]], at 25. |
[[Category:Computing]] |
[[Category:Computing]] |
||
[[Category:Security]] |
[[Category:Security]] |
||
Revision as of 03:47, 6 February 2011
Computer security
Automated tools can be used to help find a variety of vulnerabilities, such as improper access controls or access control configurations, weak passwords, lack of integrity of the system software, or not using all relevant software updates and patches. There are two types of automated tools: (1) active tools, which find vulnerabilities by trying to exploit them, and (2) passive tests, which only examine the system and infer the existence of problems from the state of the system.
Source
- NIST Special Publication 800-14, at 25.