Network Enumeration

Asset management and registers are a fundamental part of an organisation's security posture;  only once you understand what assets your organisation has will you be able to effectively protect them against cyber threats. However, as part of security assessments, URM will often find that the assets it identifies on an organisation’s network do not match those present in the asset register.  When we refer to assets.

URM’s half-day training course will help you to understand the different approaches to obtaining ‘ground truth’ around network assets and services running on them, as well as practical exercises using the open source, industry standard nmap tool.  This will enable you to fully enumerate your networked assets, i.e., identify all assets on your organisation’s network including servers, desktops, laptops, routers, switches, firewalls, IoT devices, printers, scanners and VoIP phones (basically anything with an IP address).  You will then be in a position to update your asset register accordingly, thereby enhancing the effectiveness of asset management within your organisation and its security posture in general.

By Attending This Course, You Will Learn:

• The different approaches to network enumeration
• Their advantages and drawbacks
• How URM's Cyber Team approaches network enumeration
• How to use nmap to enumerate your own assets.

What are the Prerequisites for Attending?

• Connection to a network on which you can run the nmap tool
• An installed version of nmap or zenmap (nmap preferred), with administrative or root access to run it.

What is the Format of URM’s Cyber Training Course?

This is a technical training, aimed at those who want to be able to accurately and efficiently enumerate their network assets.  This will both assist with asset management, as well as allow for more efficient scoping of any security assessments.  The training will begin with an instructor-led presentation, before moving towards practical exercises which will build in complexity over the course of the training.

This is a half-day training course running from 9:30 am to 1:00 pm.

Why Train With URM?

• URM's Cyber Team enumerate assets for every organisation it assesses; as a result of this, it has developed a labour-efficient methodology for completely identifying networked assets for a given network
• We believe that the key differentiator between URM and other cyber training providers is the calibre of our trainers
• You will benefit from the fact that all URM’s trainers are practising consultants, who are highly experienced in working with organisations to strengthen their cyber security defences
• One area of particular expertise is conducting penetration testing, which, as URM is a CREST-accredited organisation, is performed using the most up-to-date techniques and strategies
• As such, our trainers are able to translate best practice theory into ‘real world’ practical applications.  URM’s trainers all adopt a facilitative approach, where the goal is to maximise knowledge and skills sharing across the group.

Who should attend this course?

• People responsible for maintaining assets registers
• Those who want to validate asset registers against network ‘ground truth’
• Anyone looking to be able to provide the best information for scoping network-based penetration tests (this will save you money!)
• Those looking to enhance their understanding of security assessment methodologies
• The curious!

‍