User Account

All Pages

Describe and explain the vulnerability

Assignment Help Management Information Sys
Reference no: EM133437894

You have been recruited as a full-time security administrator/engineer. You are responsible for monitoring newly discovered vulnerabilities, and if they affect the organisation's IT systems it is also your responsibility to design and implement security measures to deal with the vulnerability if the vulnerable system/software cannot be upgraded or patched. For this project we assume a "new" vulnerability has been recently discovered for a system/software that is critical for the organisation and cannot be taken offline, upgraded, or replaced in the short-term, and no upgrade or patch will be available in the short-term.

The aim of this project is to put your skills to practical use. In this project you will identify and research a security vulnerability and then design and implement strategies for detecting the exploitation of the vulnerability and mitigating the vulnerability (while continuing to provide the affected service). You will document these in a report and implement them in a (virtual) test environment. You will demonstrate the effectiveness of your approach to other students in class. Your reports will contain details on the vulnerability, the setup and demonstration of the test environment as well as descriptions of the design and implementation of the detection and mitigation techniques developed.

The project has three phases: (1) topic proposal, (2) vulnerability description and proposed exploitation detection and mitigation techniques report and (3) vulnerability detection and mitigation demonstration and final report.

Help on phase (2); Vulnerability Detection and Mitigation Design on CVE-2021-40444
The activities that you will undertake are as follows:

1. Describe and explain the vulnerability with a reasonable high level of technical detail. A copy of a CVE report is not acceptable, and a superficial description will attract low marks. The description must include outcomes of the vulnerability, i.e. what it can be used for, what level of access it provides, and which systems are affected by the vulnerability.

2. Under the assumption that there is no short-term fix for the vulnerability, describe a method for detecting the actual exploitation of this vulnerability. This part should start with a more general explanation of the approach but must also provide a detailed technical design for it and explain how it can be implemented. Significant limitations must be discussed.

3. Under the assumption that there is no short-term fix for the vulnerability, describe a method for mitigating exploitation based on this vulnerability. This part should start with a more general explanation of the approach but must also provide a detailed technical design for it and explain how it can be implemented. Significant limitations must be discussed.

Your proposed approaches should be original solutions and not a copy of existing approaches/solutions, and originality will be used as one marking criterium. If your solution is based on any previous work, this previous work must be referenced.

Vulnerability detection and mitigation written report marking rubric:
a. Explanation of the vulnerability and how it is exploited.
b. Explanation and design of approach to detect exploitation of the vulnerability.
c. Explanation and design of approach to mitigate exploitation of the vulnerability.

Reference no: EM133437894

Questions Cloud

What do nutrition standards and food labels : What do nutrition standards and food labels mean to you? How difficult would it be for you to apply these standards in your daily life?
Identify one potential network threat to your business : Identify one potential network threat to your business and Discuss 1 significance of using OSI, TCP/IP, and SANS 20 Controls in network protection
Explain how you plan to determine the scope : Explain how you plan to determine the scope of a website project so that you can deliver a successful project to your customer. Explain your response
Discuss inherent legal challenges to these behaviors : Discuss the inherent legal challenges to these behaviors, which can essentially amount to practicing without a license.
Describe and explain the vulnerability : Describe and explain the vulnerability with a reasonable high level of technical detail. A copy of a CVE report is not acceptable, and a superficial description
Calculate the percentage of the team : Write a query that shows the players Total_bases_touched from question - calculate the percentage of the team's batting average divided by the players batting
Describe how organization builds community capacity : Describe how the organization builds community capacity. How do they build on the strengths/assets of the participants or community members?
Communicate the benefits of microservices architecture : Communicate the benefits of microservices architecture to a diverse stakeholder audience by addressing complex business needs and aligning strategies
Josh mental health formulation : How do you think the AOD Service might managed privacy and confidentiality in accessing Josh's Mental Health Formulation?

Reviews

Write a Review

Management Information Sys Questions & Answers

  Information technology and the changing fabric

Illustrations of concepts from organizational structure, organizational power and politics and organizational culture.

  Case study: software-as-a-service goes mainstream

Explain the questions based on case study. case study - salesforce.com: software-as-a-service goes mainstream

  Research proposal on cloud computing

The usage and influence of outsourcing and cloud computing on Management Information Systems is the proposed topic of the research project.

  Host an e-commerce site for a small start-up company

This paper will help develop internet skills in commercial services for hosting an e-commerce site for a small start-up company.

  How are internet technologies affecting the structure

How are Internet technologies affecting the structure and work roles of modern organizations?

  Segregation of duties in the personal computing environment

Why is inadequate segregation of duties a problem in the personal computing environment?

  Social media strategy implementation and evaluation

Social media strategy implementation and evaluation

  Problems in the personal computing environment

What is the basic purpose behind segregation of duties a problem in the personal computing environment?

  Role of it/is in an organisation

Prepare a presentation on Information Systems and Organizational changes

  Perky pies

Information systems to adequately manage supply both up and down stream.

  Mark the equilibrium price and quantity

The demand schedule for computer chips.

  Visit and analyze the company-specific web-site

Visit and analyze the Company-specific web-site with respect to E-Commerce issues

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd