K1.31 Common vulnerabilities to networks, systems and devices and the application of cyber security controls:
• missing patches, firmware and security updates:
o application of cyber security controls:
▪ patch manager software
▪ tracking network traffic
▪ test groups/devices to test security
• password vulnerabilities (for example missing, weak or default passwords, no password lockout allowing brute force or dictionary attacks):
o application of cyber security controls:
▪ minimum password requirements in line with up-to-date NCSC guidance (for example length, special character)
▪ password reset policy
• insecure basic input-output system (BIOS)/unified extensible firmware interface (UEFI) configuration:
o application of cyber security controls:
▪ review BIOS/UEFI settings
▪ update BIOS
• misconfiguration of permissions and privileges:
o application of cyber security controls:
▪ testing permissions and access rights to systems
▪ scheduled auditing of permissions and privileges (for example remove access of terminated staff)
• unsecure systems due to lack of protection software:
o application of cyber security controls:
▪ protecting against malware (for example virus, worm, trojan, ransomware)
▪ update security software
▪ monitoring security software
▪ buffer overflow
• insecure disposal of data and devices:
o application of cyber security controls:
▪ compliance with Waste Electrical and Electronic Equipment (WEEE) Directive 2013
▪ checking and wiping all data devices
• inadequate back-up management:
o application of cyber security controls:
▪ back-up frequency
▪ application of appropriate types of back-up
• dynamic host configuration protocol (DHCP) spoofing:
o application of cyber security controls:
▪ using DHCP snooping
• VLAN attacks and VLAN hopping:
o application of cyber security controls:
▪ implementation testing of the VLAN
▪ scheduled testing and monitoring of network
• misconfigured firewalls:
o application of cyber security controls:
▪ testing firewall
▪ scheduled monitoring and updates
• exposed services and ports – allows network attacks (for example a user connecting their device to an ethernet port):
o application of cyber security controls:
▪ physical security controls
▪ monitoring network traffic
• misconfigured access control lists (ACLs):
o application of cyber security controls:
▪ monitor and review ACLs
• ineffective network topology design (for example inadequate placement of firewalls and screened subnet):
o application of cyber security controls:
▪ review of network topology design prior to implementation
▪ implementation testing
• unprotected physical devices:
o application of cyber security controls:
▪ install correct software