Build and Maintain a Secure Network and Systems

Requirement 1: Build and Maintain a Secure Network

Firewalls
– Cisco (www.cisco.com/c/en/us/products/security/firewalls/)
– Checkpoint (www.checkpoint.com/)
– Palo Alto (https://www.paloaltonetworks.com/)
– Free: PFsense (www.pfsense.org)

Firewall audit tool
– Firemon (www.firemon.com/)
– Titania (https://www.titania.com/nipperstudio/networksecuritytool)
– Solarwinds (http://www.solarwinds.com)

Anti-virus
There are a lot of anti-virus tools on the market. Personally I am a fan of F-Secure and Kaspersky. For a full list, please see the following: (http://www.thetoptens.com/best-antivirus-software/)

Unique IDs
Typically through Microsoft Active Directory where possible. Otherwise, ensure unique IDS created through other authentication systems such as RADIUS, Oracle Wallets, OpenLDAP etc.

Information Security Policy
www.sans.org/security-resources/policies

Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters

Vendor default lists
– https://www.cirt.net/passwords
– www.sans.edu/research/security-laboratory/article/286
– www.urtech.ca/2011/12/default-passwords/
– community.spiceworks.com/how_to/show/1769-default-password-list

Tools
– Nessus (www.tenable.com/‎)
– Qualys (www.qualys.com/‎)
– Nexpose (www.rapid7.com/products/nexpose/)

Kali Linux tools (www.kali.org/)
– Nmap
– Medusa
– Onesixtyone
– Burp
– Wireless testing – Kismet, airmon, airodump

Other
– www.visiwave.com/