Transcription of Tenable Scan Strategy Guide
1 TenableScanStrategyTenableProfessionalSe rvicesLastRevised:April19,2022 TableofContentsIntroduction3 NetworkAssessment4 NetworkTopology5 ScanTargetIdentification7 CustomerRequirements9 TenableResourceAllocation10 ScanningMethodology11 ActiveScanScheduleOptions12 ScanPolicyConfiguration13 HostDiscovery14 VulnerabilityScan16 ExternalVulnerabilityScan17 ComplianceChecks18 ScanPolicySettings19 RelatedDocuments22 Copyright 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrade-marksofTenable, , ,Lumin,Indegy.
2 Assure,andTheCyberExposureCompanyaretrad emarksofTenable, 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, recommendsdependsonseveralfactors:lNetwo rkTopologylScanTargetIdentificationlCust omerRequirementslTenableResourceAllocati onCopyright 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, (s) ,suchasaDMZ, , , (OT)( ,ICS/SCADA,orothersensitivenetworks) , ( )/ScanZones( )ExampleScannerGroups/ScanZones.
3 Copyright 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, <Site>or<DMZ>Zone(s) 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, ,suchasIPaddresses,ranges,subnets,DNSnam es, (Windows,Linux,macOS)lOStype,quantityofe ach,anduseofcredentials, (DB,vCenter,etc) (switch,router,firewall,etc).
4 LAddadditionalscannerslPoolscannersinaSc annerGroup/ScanZoneCopyright 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, , ,laptopslNessusAgentsscanslIfNessusAgent sarenotanoption,scantransientdevicesubne tswhenusersaremostlikelytobeonthenetwork , 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, ,HIPAA,NERCCIP, , , ,afterbusinesshours, , 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, , , , (maxnumberofcon-currentTCPsessionspersca n).
5 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, :Scheduledscanscanbesettoautomaticallyla unchdaily,weekly, : 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable.
6 LHostDiscoverylVulnerabilityScanninglExt ernalVulnerabilityScanlComplianceChecksC opyright 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, ,youcanconfigurethepolicytomeetyourscann er shardwareresourcesforspeed,accuracy,andt horoughness, :lAdvanced>Performance> :100lPortScanning>NetworkPortScannerslSY NlForspeed, , > :ThePortScannerspluginfamilyisnotlistedi ntheinterface.
7 (FQDN)GeneralCopyright 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, (SSH)Portscanners14272 NetstatPortscanner(WMI)Portscanners34220 NessusSNMPS cannerPortscanners34277 NessusUDPS cannerPortscannersCopyright 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, shardwareresourcesforspeed,accuracy, :lAdvanced>Performance> chunks.
8 Scandurationisincreased, > <software> 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, (internet-facing)hosts,externalfirewalls orotherboundaryprotectiondevicesmayblock thescan , >PingtheRemoteHostlDisableAdditionalnota blepolicysettingchangesinclude:lPortScan ning>Ports>Portscanrangel1-65535(orall) ,youwilldiscovermorepublic-facingservers thanbeforeandbecausetheexternalvulnerabi lityscanpolicyisreasonablyquick, >EnableAllCopyright 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, ,seethefollowingdocuments.
9 LNessusUserGuidelNessusComplianceChecksR eferencelNessusComplianceChecksPDFC opyright 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, ' >PerformanceNetworktimeout(inseconds) 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, >PortsPortscanrangedefaultdefault1-65535 FullPortScanpolicywillscanallportsinstea doftheSCdefaultlistof4, >Gen- > >Pro-cessingShowmissingpatchesthatenable enableenableShowsallrel-evantpatchesCopy right 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter.
10 SecurityCenterContinuousViewandLogCorrel ationEngineareregisteredtrademarksofTena ble, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, > > : 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable.
