ABSTRACT
Vulnerability assessment is the methodology of evaluating the security state of a network and its topology. A vulnerability assessment helps determine existing vulnerabilities that reside on network or systems and can also help to establish a known security baseline. The ideal vulnerability assessment provides a thorough list of security vulnerabilities identified on network as well as a complete analysis of how malicious users could exploit these vulnerabilities and use them to gain unauthorized access to systems and data. Vulnerability assessments are a proactive means of identifying vulnerabilities before someone else is able to exploit them and harm to business. Performing periodic vulnerability assessments will help achieve this goal and allow to better understand the risks organization is exposed to. A vulnerability assessment can also serve as an audit of existing security infrastructure, such as intrusion-detection systems and firewalls. The vulnerability–assessment process starts with information gathering and network reconnaissance. Network scanning is the first direct online network reconnaissance will perform.
