Vulnerability Management project

Assignment Help Basic Computer Science
Reference no: EM133162480

As part of your Vulnerability Management project last week, you analyzed a report on a Windows system within the company network vulnerable to the MS17-010 exploit. That report was created using OpenVAS, a free vulnerability scanner designed to run on Linux operating systems. Now that you've examined a vulnerability assessment report for a Windows machine, it's time to see what the same tool produces from a Linux system. OpenVAS was used to scan a Linux machine on the network running the company's database applications. This machine is using an older version of Linux because the company's database applications are not supported with the latest Linux shared libraries. This system contains critical data and cannot be taken offline.

Your analysis of these two reports should provide you with a good understanding of the OpenVAS tool and the reports you will encounter in the workplace. The report used for this discussion limits the scope to a single host to allow you to focus on the vulnerabilities you would encounter on a Linux machine in the workplace. You will also be able to compare/contrast the vulnerabilities across the two OS platforms.

Looking ahead to Project 2's VM Scanner Background Report, you will analyze the results from a commercial VM scanner. You'll be better prepared to assess the output from the two different vulnerability scanning tools and to form the basis of your recommendation to management.

Review Report of Linux Server (OLD) and answer the following questions in your response:

1. For this Linux system, what do you recommend fixing right away? Are there dangers if the vulnerabilities and associated threats are not fixed?

2. How do you fix the problem(s) identified? Can you defer mitigation for another time? How can the problem(s) be fixed if the system cannot be taken offline?

Judy is considering asking the pen tester to rescan the company systems using the commercial tool, Nessus. The organization has an evaluation version that can be used for 30 days. After that, the company will need to purchase the tool. The cost is significant.

3. Since some machines were already scanned with OpenVAS, should you also consider scanning the same systems with Nessus? Why or why not?

4. Conduct open source research using the internet. Roughly, what is the cost to license Nessus for one year?

Attachment:- Scan Report.rar

Reference no: EM133162480

Questions Cloud

Technical Skills and Non-Technical Skills : The capability statement should contain the following sections: Technical Skills, Non-Technical Skills, Work Ethic/Motivation
Appcelerator Titanium : What are some advantages to using Appcelerator Titanium? How is Appcelerator different from other mobile application developers?
Develop cross-platform native mobile applications : Titanium lets you develop cross-platform native mobile applications and build great mobile experiences using JavaScript.
Apply scanning techniques to perform internal scan : During this LabSim modules you learned how to apply scanning techniques to perform an internal scan, external scan using Zenmap and scan with Nmap Scripts.
Vulnerability Management project : For this Linux system, what do you recommend fixing right away? Are there dangers if the vulnerabilities and associated threats are not fixed?
Cybersecurity software : During job interviews, employers often ask if you are familiar with cybersecurity software.
Contingency plan : Discuss a CIRT plan, which is often used as a contingency plan for the KION Group. Discuss the relationship between a CIRT plan and risk management.
Topologies and OS vs NOS : Explain five major networking differences between Windows Server and any of the Linux editions and releases. Describe the topology?
Using E-mail Address to Determine Network Operating System : Based on this information, write a report explaining the relevance these items have. What recommendations, if any, might you give to Alexander Rocco management?

Reviews

Write a Review

Basic Computer Science Questions & Answers

  Identifies the cost of computer

identifies the cost of computer components to configure a computer system (including all peripheral devices where needed) for use in one of the following four situations:

  Input devices

Compare how the gestures data is generated and represented for interpretation in each of the following input devices. In your comparison, consider the data formats (radio waves, electrical signal, sound, etc.), device drivers, operating systems suppo..

  Cores on computer systems

Assignment : Cores on Computer Systems:  Differentiate between multiprocessor systems and many-core systems in terms of power efficiency, cost benefit analysis, instructions processing efficiency, and packaging form factors.

  Prepare an annual budget in an excel spreadsheet

Prepare working solutions in Excel that will manage the annual budget

  Write a research paper in relation to a software design

Research paper in relation to a Software Design related topic

  Describe the forest, domain, ou, and trust configuration

Describe the forest, domain, OU, and trust configuration for Bluesky. Include a chart or diagram of the current configuration. Currently Bluesky has a single domain and default OU structure.

  Construct a truth table for the boolean expression

Construct a truth table for the Boolean expressions ABC + A'B'C' ABC + AB'C' + A'B'C' A(BC' + B'C)

  Evaluate the cost of materials

Evaluate the cost of materials

  The marie simulator

Depending on how comfortable you are with using the MARIE simulator after reading

  What is the main advantage of using master pages

What is the main advantage of using master pages. Explain the purpose and advantage of using styles.

  Describe the three fundamental models of distributed systems

Explain the two approaches to packet delivery by the network layer in Distributed Systems. Describe the three fundamental models of Distributed Systems

  Distinguish between caching and buffering

Distinguish between caching and buffering The failure model defines the ways in which failure may occur in order to provide an understanding of the effects of failure. Give one type of failure with a brief description of the failure

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd