EC Council
EC-Council
Module XL
Security Patches
Penetration
e et at o Testing
est g
Information
Vulnerability
External
Gathering
Analysis
Penetration Testing
Fi
Firewall
ll
Penetration Testing
Router and
Switches
Internal
Network
Penetration Testing
Penetration Testing
Wireless
Network
Denial of
Service
Penetration Testing
Penetration Testing
IDS
Penetration Testing
Contd
Application
Penetration Testing
EC-Council
Social
Engineering
Password
Cracking
Penetration Testing
Penetration Testing
Copyright by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Physical
Security
Database
Penetration testing
VoIP
Penetration Testing
War Dialing
VPN
Penetration Testing
Penetration Testing
Virus and
Vi
d
Trojan
Detection
Log
Management
Penetration Testing
File Integrity
Checking
End Here
Data Leakage
Penetration Testing
EC-Council
Security
Patches
Penetration Testing
Email Security
Penetration Testingg
Telecommunication
And Broadband
Comm nication
Communication
Penetration Testing
Copyright by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Patch Management
It is a part of system management which involves acquiring,
testing, and installing of patches to an administrated
computer system.
EC-Council
Copyright by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Responsibilities of PVG:
Conduct testing of patches and non-patch remediation
Create a database of remediation
Distribute
Di t ib t iinformation
f
ti related
l t d tto vulnerability
l
bilit and
d remediation
di ti
to the local administrators
Configure automatic update of applications
Monitor security sources for vulnerability announcements like
patch and non-patch remediation
EC-Council
Copyright by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
EC-Council
Copyright by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
EC-Council
Copyright by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
EC-Council
Copyright by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Check whether
the database is
maintained for
patching by
PVG.
EC-Council
Check
Ch
k the
th last
l t
date when a
patch was
i
installed.
ll d
Copyright by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Before installing on the main system, check whether the patches and
configuration modifications are tested on the non-production systems.
EC-Council
Copyright by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
EC-Council
Copyright by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
EC-Council
Copyright by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Check whether
there is
dependency
b
between
the
h
patches if installed
sequentially.
EC-Council
Check whether
installing new
patch
inadvertently
uninstalls or
disables another
patch.
patch
New Patches
Copyright by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Copyright by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Copyright by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Copyright by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Copyright by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Summary
Patch management is a part of the system management which
involves acquiring, testing, and installing of patches to an
administrated computer system.
New types of vulnerabilities arise with the installation of latest
patches.
h
EC-Council
Copyright by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
EC-Council
Copyright by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited