Reference no: EM13853440
1. This question must be answered in your own words. However, when you use the words of others in any answers, you must use quotation marks and attribute the source right there following APA style recommendations. Also be sure to cite references right there using APA style when you paraphrase the words of others.
2. This is an open-book. You may use any resources in addition to the textbook, such as other books, articles, and the Web. The questions require research beyond the text, lecture notes, and conferences.
3. Adequate answers for the entire examination should run approximately 9 double-spaced pages (3 pages per question) with one-inch margins and 12-point font.
4 . Answers will be evaluated on the following criteria: relevance and correctness of content, clarity and logical flow, spelling, grammar, and proper citations/bibliography.
Question 1 This question is on Vulnerability Analysis as discussed in INFA670 Session 4.
The vulnerability analysis, in practical terms, is to find what software and services are running in your enterprise, whether various systems and applications in your enterprise are properly patched, and whether they are configured correctly and, as the name indicates, what vulnerabilities exist in various infrastructure components and applications and the significance of the vulnerabilities discovered.
For this exercise, assume that you are a security officer for a large networked enterprise consisting of thousands of IP addresses (hosts, servers and devices) running thousands of services and applications on those machines.
Discuss in detail one vulnerability analysis tool that is suitable for this (deployment) environment.
Justify to your CTO or CIO why the tool you have selected is appropriate for this environment from the perspectives of: . Mapping: Determining what is running where .
Ability to identify versions and patches (or lack of them) of software.
Vulnerability Analysis (both false positive and false negative aspects should be considered).
Usability.
Performance (Is it taking a whole day to run? Or is it bringing down a system?) .
Cost You may consider one of the tools discussed in the Section 4 Discussion Forum such as SAINT (Security Administrator's Integrated Network Tool), beyondtrust Retina suite of products, and Tenable Network Security Nessus (and their derivatives).
You have the liberty to consider open source or free products such as OpenVAS.
You may also consider products not discussed in the class. (You may decide you need a suite of tools. That is fine too.) State your assumptions/restrictions about the tool clearly.
For example, the tool could not be employed beyond the firewall. Another example is the type of privilege the tool needs to have in order to be successful.
|
Find function for how much capital and labor firm
: A firm has a production function represented by: q=L^(.75)K^(.25) Find a function for how much capital and labor a firm should hire to produce a given level of production in terms of the price of labor, w, and the price capital, r. Suppose w=15 and r..
|
|
Expected revenue-expected variable costs and expected costs
: Suppose the hotel in the lecture example raised its price from $30 to $30.50. With the new price, the hotel expects 96 guests to arrive 5% of the time, 97 guests 10% of the time, 98 guests 20% of the time, 99 guests 30% of the time, 100 guests 25% of..
|
|
Solve for the amount of labour and capital in each industry
: Suppose that computers use two units of capital for each worker, so that KC = 2LC, while shoes use 0.5 units of capital for each worker, so that KS = 0.5LS. There are 100 workers and 100 units of capital in the economy. Solve for the amount of labour..
|
|
How the process of noise can reduce the value of promotions
: Explain how the process of noise can reduce the value of promotions within a busy and crowded marketplace.
|
|
Discuss in detail one vulnerability analysis tool
: Discuss in detail one vulnerability analysis tool that is suitable for this (deployment) environment - You have the liberty to consider open source or free products such as OpenVAS.
|
|
Maximum acceptable value of the standard deviation
: What is the maximum acceptable value of the standard deviation (σ) for Meena to be selected? The customer's spec limits are still 300 + or - 100 hours
|
|
What is the relationship between genes and chromosomes?
: What is the relationship between genes and chromosomes?
|
|
What was percentage change in per capita real gdp
: In 2016, a nation's population was 10 million, its real GDP was $1.21 billion, and its GDP deflator had a value of 121. By 2017, its population had increased to 12 million, its real GDP had risen to $1.5 billion, and its GDP deflator had a value of 1..
|
|
What condition is behavior irrational-consumer behavior
: You went out to dinner one night and observed one of your patients drinking heavily. The next day the patient is to check into the hospital for a pre-scheduled surgery. Your colleague found out about this and stated the patient’s behavior was irratio..
|