(→Source) |
No edit summary |
||
| (One intermediate revision by the same user not shown) | |||
| Line 2: | Line 2: | ||
'''Automated tools''' can be used to help find a variety of [[vulnerabilities]], such as improper [[access control]]s or [[access control configuration]]s, weak [[password]]s, lack of [[integrity]] of the [[system software]], or not using all relevant [[software]] [[update]]s and [[patch]]es. There are two types of automated tools: (1) active tools, which find [[vulnerabilities]] by trying to [[exploit]] them, and (2) passive tests, which only examine the [[system]] and infer the existence of problems from the state of the [[system]]. |
'''Automated tools''' can be used to help find a variety of [[vulnerabilities]], such as improper [[access control]]s or [[access control configuration]]s, weak [[password]]s, lack of [[integrity]] of the [[system software]], or not using all relevant [[software]] [[update]]s and [[patch]]es. There are two types of automated tools: (1) active tools, which find [[vulnerabilities]] by trying to [[exploit]] them, and (2) passive tests, which only examine the [[system]] and infer the existence of problems from the state of the [[system]]. |
||
| + | |||
| + | Several types of automated tools monitor a system for [[security]] problems. Some examples are [[virus scanner]]s, [[checksum]]ming, [[password cracker]]s, [[integrity verification]] programs, [[Intrusion detection system|intrusion detector]]s, and system performance monitoring. |
||
== Source == |
== Source == |
||
| − | * [[NIST Special Publication 800-14]]. |
+ | * [[NIST Special Publication 800-14]], at 25. |
[[Category:Computing]] |
[[Category:Computing]] |
||
[[Category:Security]] |
[[Category:Security]] |
||
Latest revision as of 03:57, 6 February 2011
Computer security[]
Automated tools can be used to help find a variety of vulnerabilities, such as improper access controls or access control configurations, weak passwords, lack of integrity of the system software, or not using all relevant software updates and patches. There are two types of automated tools: (1) active tools, which find vulnerabilities by trying to exploit them, and (2) passive tests, which only examine the system and infer the existence of problems from the state of the system.
Several types of automated tools monitor a system for security problems. Some examples are virus scanners, checksumming, password crackers, integrity verification programs, intrusion detectors, and system performance monitoring.
Source[]
- NIST Special Publication 800-14, at 25.