Project #76819 - Vulnerability Assessment and System Hardening

A security professional should understand the vulnerabilities of a CIS before selecting and implementing effective countermeasures. The vulnerability report is an important tool for identifying, interpreting, and understanding the vulnerabilities.

Consider the following scenario: You are a new security administrator in the credit card division of a multinational bank. Your division deals with personally identifiable information of the bank's cardholders. To comply with regulations on personally identifiable information, you need to perform monthly network vulnerability scans. The previous security administrator ran frequent vulnerability scans, but had a hard time getting anyone to address the findings. You plan to develop a process for monthly scanning and remediation, including how to handle exceptions when the report shows a false positive or when the business needs more time to address an issue. You have a copy of the latest vulnerability report. Refer to the “Nessus Full Network Scan, Detailed Findings” web resource from the Learning Resources. The report lists server names, vulnerabilities, and the severity of these vulnerabilities. Each vulnerability has an associated Common Vulnerabilities and Exposures (CVE) number. Refer to the Common Vulnerabilities and Exposures website  which explains the vulnerabilities in depth.

For this Assignment, write a 4- to 6-page paper that summarizes your interpretations of the Nessus report and your recommendations to address the reported vulnerabilities. Cover the following points in your paper:

·         Follow the links for the vulnerabilities categorized as high and briefly explain what is involved in remediation of each.

·         Explain, based on your readings, why sometimes vulnerabilities need to be addressed by changes to the OS configuration (OS hardening) and why not every vulnerability can be quickly remediated with a patch or upgrade.

·         Outline a process for monthly vulnerability scanning, review, and remediation. Explain the significance of each step in this workflow.

 

http://static.tenable.com/reports/Full-Network-Scan-Details.html  (here is the link that address the first bullet)  ( this is also the link for latest vulnerabilities report)

 

http://cve.mitre.org/  (this is for the vulnerabilities in depth)

Subject Computer
Due By (Pacific Time) 07/19/2015 08:00 pm
Report DMCA
TutorRating
pallavi

Chat Now!

out of 1971 reviews
More..
amosmm

Chat Now!

out of 766 reviews
More..
PhyzKyd

Chat Now!

out of 1164 reviews
More..
rajdeep77

Chat Now!

out of 721 reviews
More..
sctys

Chat Now!

out of 1600 reviews
More..
sharadgreen

Chat Now!

out of 770 reviews
More..
topnotcher

Chat Now!

out of 766 reviews
More..
XXXIAO

Chat Now!

out of 680 reviews
More..
All Rights Reserved. Copyright by AceMyHW.com - Copyright Policy