Network Security Audit: Tools & Checklist

Instructor: David Gloag

David has over 40 years of industry experience in software development and information technology and a bachelor of computer science

Networks are important tools in business today. In this lesson, we'll take a look at network security, audits, tools you might use in an audit, and a checklist for performing it.

Networks and Protection

The Internet is a large network that connects people around the world. Companies have networks that connect their employees to each other, and some people have networks in their homes that connect them to family members.

But like all things, there are threats that can affect networks; threats that could potentially cause service interruption, or harm. Because of this, it is important to protect them against those types of eventualities. One solution is to implement network security, and to perform a network security audit on a regular basis.

What is Network Security?

Network security is the collection of hardware and software tools that protect a company's network infrastructure. They are intended to address a number of possible threats that include:

  • Unauthorized Access - any user trying to gain access without the proper credentials. For example, a malicious user logging in from the outside.
  • Malicious Use - any user trying to perform something they shouldn't. For example, a user trying to delete important information.
  • Faults - any piece of software or device that fails in some way. For example, a printer that runs out of toner.
  • Tampering - any action that changes a piece of software or a device such that it behaves differently than it should. For example, changing the configuration of a secured door so that it can be opened without a key or credentials.
  • Destruction - any fault that is created in a willful fashion. For example, breaking a mouse or keyboard.
  • Disclosure - revealing important information. For example, letting intellectual property fall into a competitor's hands.

Network Security Auditing

A network security audit is a process for evaluating the effectiveness of a network's security measures against a known set of criteria. These audits typically look at a number of things that include:

  • Hardware Configuration - what are the devices involved, and what security protects them?
  • Software Configuration - what software is involved, and what security protects them?
  • The Environment - who has access, what parts of the system do they have access to, and at what times?
  • Information Handling Processes - how does information move around, who moves it, what access is required for which information?
  • User Practices - how do the users use the information, are pre-defined policies being followed, is information left unattended?

The idea is to get a clear picture of the elements involved, the protection in places, the processes and policies that govern, and the discipline used when accessing elements in the system.

Tools Used for a Network Security Audit

There are many tools available that can help with network security audits. They come in two types, utilities and suites. Utilities are single purpose applications that are designed to provide information about a single element of network security. Some examples are:

  • Nmap - a utility that provides information about the available ports (connection points) on the network.
  • Crack - a utility used to break passwords.
  • Ghba.c - a utility that allows the machine's name on a particular subnet (identified part of a network) to be determined.

Suites, on the other hand, contain sets of utilities that look at a series of elements on the network. Some examples include:

  • SARA - Security Auditor's Research Assistant, a comprehensive vulnerability scanner.
  • Retina - a product that mimics hackers using artificial intelligence.
  • FoundScan - a vulnerability assessment tool that is available via subscription.

To unlock this lesson you must be a Study.com Member.
Create your account

Register to view this lesson

Are you a student or a teacher?

Unlock Your Education

See for yourself why 30 million people use Study.com

Become a Study.com member and start learning now.
Become a Member  Back
What teachers are saying about Study.com
Try it risk-free for 30 days

Earning College Credit

Did you know… We have over 200 college courses that prepare you to earn credit by exam that is accepted by over 1,500 colleges and universities. You can test out of the first two years of college and save thousands off your degree. Anyone can earn credit-by-exam regardless of age or education level.

To learn more, visit our Earning Credit Page

Transferring credit to the school of your choice

Not sure what college you want to attend yet? Study.com has thousands of articles about every imaginable degree, area of study and career path that can help you find the school that's right for you.

Create an account to start this course today
Try it risk-free for 30 days!
Create an account
Support