Transcription of Tenable Scan Strategy Guide
1 TenableScanStrategyTenableProfessionalSe rvicesLastRevised:April19,2022 TableofContentsIntroduction3 NetworkAssessment4 NetworkTopology5 ScanTargetIdentification7 CustomerRequirements9 TenableResourceAllocation10 ScanningMethodology11 ActiveScanScheduleOptions12 ScanPolicyConfiguration13 HostDiscovery14 VulnerabilityScan16 ExternalVulnerabilityScan17 ComplianceChecks18 ScanPolicySettings19 RelatedDocuments22 Copyright 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrade-marksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, 2022 Tenable , , ,TenableNetwork Security,Nessus.
2 SecurityCenter,SecurityCenterContinuousV iewandLogCorrelationEngineareregisteredt rademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, recommendsdependsonseveralfactors:lNetwo rkTopologylScanTargetIdentificationlCust omerRequirementslTenableResourceAllocati onCopyright 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, (s) ,suchasaDMZ, , , (OT)( ,ICS/SCADA,orothersensitivenetworks) , ( )/ScanZones( )ExampleScannerGroups/ScanZones:Copyrigh t 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, <Site>or<DMZ>Zone(s) 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, ,suchasIPaddresses,ranges,subnets,DNSnam es, (Windows,Linux,macOS)lOStype,quantityofe ach,anduseofcredentials, (DB,vCenter,etc) (switch,router,firewall,etc).
3 LAddadditionalscannerslPoolscannersinaSc annerGroup/ScanZoneCopyright 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, , ,laptopslNessusAgentsscanslIfNessusAgent sarenotanoption,scantransientdevicesubne tswhenusersaremostlikelytobeonthenetwork , 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, ,HIPAA,NERCCIP, , , ,afterbusinesshours, , 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, , , , (maxnumberofcon-currentTCPsessionspersca n).
4 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, :Scheduledscanscanbesettoautomaticallyla unchdaily,weekly, : 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, :lHostDiscoverylVulnerabilityScanninglEx ternalVulnerabilityScanlComplianceChecks Copyright 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, ,youcanconfigurethepolicytomeetyourscann er shardwareresourcesforspeed,accuracy,andt horoughness.
5 LAdvanced>Performance> :100lPortScanning>NetworkPortScannerslSY NlForspeed, , > :ThePortScannerspluginfamilyisnotlistedi ntheinterface; (FQDN)GeneralCopyright 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, (SSH)Portscanners14272 NetstatPortscanner(WMI)Portscanners34220 NessusSNMPS cannerPortscanners34277 NessusUDPS cannerPortscannersCopyright 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, shardwareresourcesforspeed,accuracy.
6 LAdvanced>Performance> chunks :Scandurationisincreased, > <software> 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, (internet-facing)hosts,externalfirewalls orotherboundaryprotectiondevicesmayblock thescan , >PingtheRemoteHostlDisableAdditionalnota blepolicysettingchangesinclude:lPortScan ning>Ports>Portscanrangel1-65535(orall) ,youwilldiscovermorepublic-facingservers thanbeforeandbecausetheexternalvulnerabi lityscanpolicyisreasonablyquick, >EnableAllCopyright 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, ,seethefollowingdocuments.
7 LNessusUserGuidelNessusComplianceChecksR eferencelNessusComplianceChecksPDFC opyright 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, ' >PerformanceNetworktimeout(inseconds) 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, >PortsPortscanrangedefaultdefault1-65535 FullPortScanpolicywillscanallportsinstea doftheSCdefaultlistof4, >Gen- > >Pro-cessingShowmissingpatchesthatenable enableenableShowsallrel-evantpatchesCopy right 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable.
8 > > : 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable, 2022 Tenable , , ,TenableNetwork Security,Nessus,SecurityCenter,SecurityC enterContinuousViewandLogCorrelationEngi neareregisteredtrademarksofTenable, , ,Lumin,Indegy,Assure,andTheCyberExposure CompanyaretrademarksofTenable.
