In this chapter, we covered network essentials such as risk management for industry standards and governance frameworks, including SOX, HIPAA, GLBA, and PCI. We then looked at various auditing process analysis platforms, including SolarWinds, Open-AudIT, and Nmap. We also briefly looked at security assessment tools such as Nessus and Nipper, as well as performance assessment tools such as Wireshark. Next, we went through a comprehensive audit checklist that focused on the various attributes of a well-defined network security audit, followed by a case study of a financial institution that had outsourced its network management activity to a third-party vendor. Finally, we discussed auditing best practices and the latest trends.
In this chapter, we learned about the requirements for initiating a network audit exercise and the various dependencies. We also took a look at different risk management strategies and industry standards that can be utilized by the auditor for guidance...