ICT security in tax administration : Rapid7 Nexpose vulnerability analysis

• Autorzy: Muliński Tomasz

Identyfikatory

DOI

10.34739/si.2020.24.03

• Języki publikacji: EN

Abstrakty

EN

The article focuses on the subject of IT security in tax administration. This study presents the research on the security level of endpoints, servers, printing devices, network switches and other ICT devices using the Rapid Nexpose vulnerability scanner. We discuss the specifics of security research in public administration resulting from the laws in force in these institutions.

Słowa kluczowe

EN

ICT security; vulnerability scanning tool; tax administration; Rapid7 Nexpose; computer network; vulnerability tests

• Wydawca: Wydawnictwo Uniwersytetu Przyrodniczo-Humanistycznego w Siedlcach
• Czasopismo: Studia Informatica : systems and information technology
• Rocznik: 2020
• Tom: Vol. 1-2(24)
• Strony: 36--50
• Opis fizyczny: Bibliogr. 18 poz., rys., tab., wykr.

Twórcy

autor

Muliński Tomasz

• Chamber of Tax Administration in Lublin, ul. Tadeusza Szeligowskiego 24, 20-883 Lublin, Poland

Bibliografia

• 1. Act of 17 February 2005 on computerization of the activities of entities performing public tasks, Journal of Laws 2005, no. 64, item 565, with changes.
• 2. Act of 10 May 2018 on the protection of personal data, Journal of Laws 2018, item 1000, with changes.
• 3. Act of 5 July 2018 on the national cybersecurity system, Journal of Laws 2018, item 1560, with changes.
• 4. Adobe Flash Player EOL General Information Page, Adobe, https://www.adobe.com/pl/products/flashplayer/end-of-life.html, Accessed 20 Dec. 2020.
• 5. Advance Security With Us, Rapid7, https://www.rapid7.com/, Accessed 20 Dec. 2020.
• 6. Announcement of the Prime Minister of 9 November 2017 on the announcement of the consolidated text of the Regulation of the Council of Ministers on the National Interoperability Framework, minimum requirements for public registers and electronic information exchange, and minimum requirements for ICT systems, Journal of Laws 2017, Item 2247.
• 7. Baloch R., Ethical Hacking and Penetration Testing Guide. CRC Press, Boca Raton, 2015.
• 8. Barczak A., Sydoruk T, Barrier to computerization of management systems - Myths or reality?, Studia Informatica Systems and information technology, no 1-2(15) , UPH, Siedlce, 2011.
• 9. Certified Ethical Hacker, Altkom Akademia, https://www.altkomakademia.pl/szkolenia/certified-ethical-hacker-11/, Accessed 20 Dec. 2020.
• 10. Certified Ethical Hacker CEH, EC-Council, https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/. Accessed 20 Dec. 2020.
• 11. Graves K., CEH – Certified Ethical Hacker – Study Guide. Wiley Publishing Inc, Indianapolis, 2010.
• 12. Rapid7 Nexpose Product brief, Rapid7, https://www.rapid7.com/globalassets/_pdfs/product-and-service-briefs/rapid7-nexpose-product-brief.pdf, Accessed 20 Dec. 2020.
• 13. Regulation of the Prime Minister of 20 July 2011 on the basic requirements for ICT security, Journal of Laws 2011, no. 159, item 948.
• 14. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), Official Journal of the European Union L 119/1.
• 15. Suski Z., Reconnaissance passive in penetration tests, Teleinformatics Review vol. 3, 2017.
• 16. The Act of June 6, 1997, Penal Code, Journal of Laws 1997, no. 88, item 553, with changes.
• 17. Warmiński A., Aspects of functioning of public administration, Doctrina. Socio-political Studies, vol. 8, no 8 (2011), UPH, Siedlce, 2011.
• 18. Whitaker A., Newman D.P., Penetration Testing and Network Defense, Cisco Press, Indianapolis, 2006.