The Cybersecurity Class
GENERAL PLAN
The final project is based on the following system scenario from ABC Company:
ABC Company is in manufacturing and produces specialty widgets. Many years of research and development have gone into the creation of these widgets and only ABC Company produces them. ABC has a website where they take orders for these widgets. A database for orders and customer payment information is housed on a shared server, which also runs the Intranet. Employees are occasionally allowed to work from home, as ABC Company is small and the skillset for employees is very specific. The company wants to keep their employees happy. ABC Company has one system administrator who maintains the network.
INSTRUCTIONS
Based on the ABC Company system scenario, your final project must contain a summary of all critical, high, and medium findings; a recommendation for remediation of those findings; and any suggestions for improvement to the network layout for the organization. This assignment requires a 3- to 5-page Risk Assessment Report (template provided) in APA format, along with an additional references page. See below for details.
A vulnerability scan, based on a Nessus scan, is part of this assignment (results provided). Note: Actual hostnames and IP addresses were removed from this scan for security purposes. However, in a “real” scan result, this information would be included. Analyze the results of the scan to identify the critical, high, and medium findings relevant to the scope of your assessment. Keep in mind what would be the most important assets for ABC Company.
After identifying relevant findings from the vulnerability scan in step 1, analyze the network diagram for ABC Company (below) and provide recommendations to ABC Company on how to improve their security posture.
Complete a risk assessment using the risk assessment report template to include the following:
Complete all applicable sections, as explained in the instructions portion of the template.
Identify assets and threats in Sections 1.3 and 1.4 of the template.
Identify vulnerabilities in the network design and vulnerabilities in the scan results in Section 1.5 of the template.
Complete a risk analysis in Section 1.6 of the template.
Provide recommendations in Section 2 of the template including:
Corrective actions and estimated timetables for fixes
Estimated residual risk to ABC Company
A future plan (rescan on a specific periodic basis, re-run risk assessments annually, etc.).
Submit the final project (risk assessment report) to your mentor for grading. Consult the Course Calendar for due dates.
This assignment corresponds to or addresses the following Cybersecurity Program outcomes for the bachelor of science degree:
Students assess and apply cybersecurity principles, tools, and methods to defend information systems against cyber threats. [BSCS1 1]
Students apply cybersecurity design best practices and technologies to prevent and mitigate cyberattacks and vulnerabilities. [BSCS1 2]
Students design, implement, and administer networks in a secure manner by integrating network defense technologies, monitoring tools, and measures. [BSCS1 3]
Your work on this assignment should reflect your ability to:
Describe how the fundamental concepts of cyber defense can be used to provide system security. (Concepts of cyber defense)
Describe cyber defense tools, methods, and components. (Cyber defense tools, methods, and components)
Examine the architecture of a particular system and identify significant vulnerabilities, risks, and points at which specific security technologies/methods should be employed. (System architecture)
Show usage of a network monitoring tool. (Uses of network monitoring tools)
Describe concepts of network defense. (Concepts of network defense)
Cybersecurity Class
Name
CYB 120 Introduction to Cybersecurity
Instructor
Date
1 A vulnerability scan based on Nessus scan
Nessus is used for vulnerability, configuration and compatibility assessments and this helps to protect against network attacks by identifying vulnerabilities and configuration problems that hackers use to penetrate the network. The risk of Elasticsearch application running on the remote web server is affected by information disclosure vulnerability is medium, but the risk is low for the remote host, which supports the use of anonymous SSL ciphers. There are high risks in the Windows system and Microsoft Bulletins namely: “At least one Windows service executable with insecure permissions was detected on the remote host”. “The remote Windows host is missing security update 4048961 or 4048958” and “The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 9 Update 1, 8 Update 151, 7 Update 161, or 6 Update 171”.
2: Network diagram for ABC Company
Security-specific devices such as the firewall, IDS, IPS and SIEM are important to improve security and thwart intrusions. Intrusion detection systems (IDS) are used to monitor network traffic and detect malicious activity including attacks attempts or threats that may compromise the security and performance of the network system. The IDS is used to inspect port activities on machines, firewall and system to detect vulnerabilities to break-in (Easttom, 2016). The Intrusion Prevention System (IPS) monitors a network and unusual activities, while the Security Information and Event Management (SIEM) protects the environment, provides extra security where the events and log are correlated.
Section 3 Risk assessment report template
1.3 Asset Identification
ABC Company assets consist of:
Type
(System, Data, Network)
Description
Value
Cv (High, Medium, Low)
System
Oracle Java SE Multiple Vulnerabilities (October 2017 CPU) (Unix)
The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 9 Update 1, 8 Update 151, 7 Update 161, or 6 Update 171. It is, therefore, affected by multiple vulnerabilities
High
System
Insecure Windows Service Permissions
At least one Windows service executable with insecure permissions was detected on the remote host. Services configured to use an executable with weak permissions are vulnerable to privilege escalation attacks.An unprivileged user could modify or overwrite the executable with arbitrary code, which would be executed the next time the service is started. Depending on the user that the service runs as, this could result in privilege escalation.This plugin checks if any of the following groups have permissions to modify executable files that are started by Windows services : - Everyone - Users - Domain Users - Authenticated Users
High
Oracle Java SE Multiple Vulnerabilities (October 2017 CPU)
The remote Windows host contains a programming platform that is affected by multiple vulnerabilities.
The version of Oracle (formerly Sun) Java SE or Java for Business...
π Other Visitors are Viewing These APA Essay Samples:
- How Can Digital Forensic Tools Provide A Benefit In Risk Management1 page/β275 words | 4 Sources | APA | IT & Computer Science | Essay |
- Data Encryption: Load Management as a part of Cybersecurity1 page/β275 words | 4 Sources | APA | IT & Computer Science | Essay |
- Module 3 Case IT Project Roles, Responsibilities, and Staffing4 pages/β1100 words | 5 Sources | APA | IT & Computer Science | Essay |
- ITM535 MOD4 Discussion / Evaluation of Data Mining1 page/β275 words | 2 Sources | APA | IT & Computer Science | Essay |
- 7-1 Discussion: Advantages and Drawbacks of VPNs1 page/β275 words | No Sources | APA | IT & Computer Science | Essay |
- Target Data Breach: Cybercriminals3 pages/β825 words | 1 Source | APA | IT & Computer Science | Essay |
- ITM535 MOD2: Compare Business Intelligence And Knowledge Management1 page/β275 words | 1 Source | APA | IT & Computer Science | Essay |