C.vulnerability Assessment

Module 4: Security Operations

Vulnerability Assessment

Indian Institute of Information Technology Dharwad


Ittigatti Road, Near Sattur Colony, Dharwad 580009
Why is vulnerability assessment important?
● Vulnerability assessment is critically important for organizations seeking to
fortify their cybersecurity defenses so that risks can be mitigated before they
are exploited by malicious actors.
● Beyond risk management, vulnerability assessments also play a pivotal role in
regulatory compliance, helping organizations adhere to industry standards and
data protection regulations.
● Ultimately, vulnerability assessments are instrumental in enhancing overall
security posture, ensuring resilience against emerging cyber threats, and
maintaining trust with customers and stakeholders alike.

Vulnerability and Vulnerability Assessment
• Vulnerability: A vulnerability is a weakness in a system that an attacker can exploit to compromise the
confidentiality, integrity, or availability of data or resources.
• Vulnerability Assessment: Vulnerability assessment is the process of identifying security weaknesses
in a system. It evaluates the severity of the vulnerabilities that the system is susceptible to and suggests
ways to mitigate them.

Types of Vulnerability Assessments
● Network Vulnerability Assessment: Focuses on identifying vulnerabilities within network
infrastructure, such as routers, switches, firewalls, and other network devices.
● Host-Based Vulnerability Assessment: Concentrates on individual systems (hosts) within the network
and identifies vulnerabilities in operating systems, applications, etc.
● Web Application Vulnerability Assessment: Specifically targets vulnerabilities within web applications
and their underlying components.
● Database Vulnerability Assessment: Focuses on identifying vulnerabilities within databases and their
management systems (DBMS).

[Figure: Network VA, Host-Based VA, Web App VA, Database VA]

Types of Vulnerability Assessments
● Wireless Network Vulnerability Assessment: Assesses vulnerabilities in wireless networks, including
Wi-Fi networks and Bluetooth connections.
● Cloud-Based Vulnerability Assessment: Evaluates vulnerabilities within cloud infrastructure and
services hosted on platforms like AWS, Azure, or Google Cloud.
● Physical Security Vulnerability Assessment: Assesses physical security measures such as access
controls, surveillance systems, and environmental controls and identifies vulnerabilities in physical
infrastructure.

[Figure: Wireless Network VA, Cloud-Based VA, Physical Security VA]

Case Study: NASA Jet Propulsion Laboratory (JPL) Cybersecurity Incident (2018)
• Background: NASA's Jet Propulsion Laboratory (JPL) experienced a cybersecurity
incident in 2018 that compromised sensitive information related to Mars exploration
missions.
• Cause and Vulnerability Assessment: The attack exploited weaknesses in JPL's network
defenses, possibly through phishing attacks or unauthorized access to IT systems.
Vulnerability assessments and security audits conducted post-incident identified gaps in
network segmentation, outdated software, and inadequate access controls.
• Response and Remediation: JPL responded by initiating a thorough investigation to assess
the extent of the breach and identify vulnerabilities exploited by attackers. Vulnerability
assessments were integrated into JPL's cybersecurity strategy to prioritize remediation
efforts and strengthen defenses.

Quiz
1. What is a vulnerability assessment?
2. Which of the following is NOT a type of vulnerability assessment?
A) Network-based assessment
B) Host-based assessment
C) Database assessment
D) Marketing assessment
3. Why is vulnerability assessment important?
4. During a vulnerability assessment, which of the following vulnerabilities might be identified?
A) Unpatched software
B) Strong password policies
C) Well-configured firewalls
D) Efficient data backup processes
5. How often should vulnerability assessments be conducted?
