In This Chapter
Determining which vulnerabilities to address first
Patching your systems
Looking at security in a new light
After you complete your tests, you want to head down the road to greater security. However, you found some security vulnerabilities. (Hopefully not too many serious ones, though!) Plugging these security holes before a hacker exploits them is going to require a little elbow grease. You need to come up with your game plan and decide which security vulnerabilities to address first. A few patches might be in order, and possibly even some system hardening. You might want to reevaluate your network design and security infrastructure as well. I touch on some of the critical areas in this chapter. You might also want to refer to the fine book Network Security For Dummies by Chey Cobb. Chey does a great job of covering each of these topics in depth.
It might seem that the security vulnerability to address first would be obvious, but it's often not black and white. When reviewing the vulnerabilities that you find, consider the following variables:
Whether the vulnerability can be fixed
How easy the vulnerability is to fix
How critical the vulnerable system is
Whether you can take the system offline to fix the problem
Time, money, and effort involved in purchasing new hardware or software or retooling business processes to plug the holes
In Chapter 16, I cover the basic issues of determining how important and how ...