Running Head: WINDOWS AND LINUX 1
Project 2: Operating Systems Vulnerabilities
Aisha Tate
UMUC
August 8, 2019
Hi Aisha
I know you submitted this report before the detailed self analysis you did last week. Please go through this checklist. First, work through the lab results, perform the necessary research and complete the SAR report. The PowerPoint presentation is the last item to be completed. Review this checklist and let me know if you have any questions before you start your work.
Thanks for your continued efforts.
Dr K
Student Name: Aisha Tate
Date: 6-Sep-2019
This form provides the same classroom instructions in a checklist form to help students and professors quickly evaluate a submission
Project 2: Requires the Following THREE Pieces
Areas to Improve
1. Security Assessment Report (including relevant findings from Lab)
Revise
2. Non-Technical Presentation Slides (Narration Not Needed)
Revise
3. Lab Experience Report with Screenshots
Revise
1. Security Assessment Report
Defining the OS
Brief explanation of operating systems (OS) fundamentals and information systems architectures.
Meets expectations
1. Explain the user's role in an OS.
????
2. Explain the differences between kernel applications of the OS and the applications installed by an organization or user.
Does not meet expectation
3. Describe the embedded OS.
More details needed
4. Describe how operating systems fit in the overall information systems architecture, of which cloud computing is an emerging, distributed computing network architecture.
More details needed
Include a brief definition of operating systems and information systems in your SAR.
Other outstanding information
Need to find better references/ more details – use tables or graphs
OS Vulnerabilities
1. Explain Windows vulnerabilities and Linux vulnerabilities.
???
2. Explain the Mac OS vulnerabilities, and vulnerabilities of mobile devices.
Research needed
3. Explain the motives and methods for intrusion of MS and Linux operating systems.
????
4. Explain the types of security management technologies such as intrusion detection and intrusion prevention systems.
5. Describe how and why different corporate and government systems are targets.
Does not meet requirements
6. Describe different types of intrusions such as SQL PL/SQL, XML, and other injections
Preparing for the Vulnerability Scan
1. Include a description of the methodology you proposed to assess the vulnerabilities of the operating systems.
Please review project instructions
2. Provide an explanation and reasoning of how the methodology you propose, will determine the existence of those vulnerabilities in the organization’s OS.
3. Include a description of the applicable tools to be used, limitations, and analysis.
4. Provide an explanation and reasoning of how the applicable tools you propose will determine the existence of those vulnerabilities in the organization’s OS.
5. In your report, discuss the strength of passwords
5a. any Internet Information Services'
5b. administrative vulnerabilities,
5c. SQL server administrative vulnerabilities,
5d. Other security updates and
5e. Management of patches, as they relate to OS vulnerabilities.
Vulnerability Assessment Tools for OS and Applications (Lab)
Use the tools' built-in checks to complete the following for
Windows OS (e.g., using Microsoft Baseline Security Analyzer,
MBSA):
1. Determine if Windows administrative vulnerabilities are
present.
2. Determine if weak passwords are being used on Windows
accounts.
3. Report which security updates are required on each
individual system.
4. You noticed that the tool you used for Windows OS (i.e.,
MBSA) provides dynamic assessment of missing security
updates. MBSA provides dynamic assessment of missing
security updates. Scan one or more computers by domain, IP
address range, or other grouping.
5. Once complete, provide a detailed report and
recommendations on how to make your system a more secure
working environment. In this case, a tool such as MBSA will
create and store individual XML security reports for each
computer scanned and will display the reports in the graphical
user interface in HTML.
Please review and share observations in Lab report – Results
and recommendations in SAR
Utilize the OpenVAS tool to complete the following:
See note above
1. Determine if Linux vulnerabilities are present.
2. Determine if weak passwords are being used on Linux
systems.
3. Determine which security updates are required for the Linux
systems.
4. You noticed that the tool you used for Linux OS (i.e.,
OpenVAS) provides dynamic assessment of missing security
updates. MBSA provides dynamic assessment of missing
security updates. Scan one or more computers by domain, IP
address range, or other grouping.
5. Once complete, provide a detailed report and
recommendations on how to make your system a more secure
working environment
3. Presentation Slides
Title Slide
Use of Readable Fonts and Color
Meets requirements
Summarizes Findings and Recommendations at High Level
Update based on your revised SAR report
Presentation Slides Feedback
4. Lab Experience Report
Summarizes the Lab Experience and Findings
Use a table to summarize key findings
Responds to the Questions
Does not meet requirements
Provides Screenshots of Key Results
Meets requirements
Lab Experience Report Feedback
Operating Systems
An operating system is a collection of software that manages
computer hardware resources and provides standard services for
computer programs. Operating systems are the essential
software that runs on computers. They manage the computer's
memory and processes as well as all the software and hardware
activities. It is the OS that allows communication with the
network without knowing how to speak the computer language.
An operating system must be able to manage system resources,
and these include CPU scheduling, process management,
memory management, input/output device management, storage
device management (hard disks, CD/DVD drives, etc.), and file
system management (Silberschatz, Gagne & Galvin, 2018).
Examples of operating systems include Windows OS, which is
the most widely used, on over 90% of the world's computer
systems. Another category of operating system is Mac
OS X, an operating system used for Macintosh computers such
as the MacBook Pro laptop series. Although IBM PCs, which
are Windows and Mac computers, are not directly compatible,
it's possible to use virtualization to run one operating system on
an incompatible computer. UNIX is a command-line interface
OS developed for large machines and networks. Notably, Linux,
the last generation of UNIX, is a free, open-source operating
system that most computers support (Silberschatz, Gagne & Galvin,
2018).
Lastly, most electronic devices use an operating system to
manage their physical components and enhance the development
of applications for use in such instruments. An embedded
(particular purpose) operating system is one that is correctly
configured for a specific operating system. Implicitly, the
operating systems are designed for specific tasks, and they
perform them efficiently. Embedded operating systems are also
called real-time operating systems (RTOS). Examples of the
specific-purpose operating system include Apple iOS, Google
Android, Symbian, Blackberry, Palm, and Windows Mobile
operating systems used for personal digital assistants (PDAs)
and mobile phones.
Applications are types of software that help a computer user to
perform specific tasks. Applications designed for desktops or
laptops are called desktop applications, while those designed for
mobile devices are called mobile apps (Silberschatz, Gagne &
Galvin, 2018). When a user opens an app, it runs inside the
operating system until it is closed. Often, a user runs more than
a single app, which is commonly known as multitasking.
The kernel is the core part of the operating system, which
manages system resources. Notably, the kernel acts as the bridge
between the application and the hardware of the computer.
Therefore, kernel applications of the OS are applications that
relate to the management of the system resources and computer
hardware. On the other hand, user applications are applications
that the user (either an organization or an individual) installs for
specific purposes (Silberschatz, Gagne & Galvin, 2018). For
instance, user applications include word processors, database
programs, web browsers, and communications platforms.
Lastly, an information system refers to the software that helps
organize and analyze data. The fundamental purpose of the
information system is to convert raw data into useful
information for enhanced decision making in the organization.
The four major types of information systems are transaction
processing system (TPS), decision support system (DSS),
management information system (MIS), and executive support
system (ESS) (Silberschatz, Gagne & Galvin, 2018).
Cloud computing has changed how the MIS services providers
and their employees conduct business activities. Cloud
computing refers to the practice of using networks of remote
servers hosted on the internet to store, manage, and process data
into useful information for optimal decision making. Notably, a
cloud operating system manages the operation, execution, and
processes of virtual machines, servers, and infrastructures as
well as backend software and hardware resources. Implicitly, a
cloud operating system is used to enhance information systems
agility in an organization and eradicate the need for local
servers and personal computers.
Vulnerabilities and intrusions
Windows Vulnerabilities
BlueKeep is a vulnerability that exists in various versions of
the Windows operating system, including both the 32-bit and 64-bit
versions and service packs. The versions include Windows
2000, Windows Vista, Windows XP, Windows 7, Windows
Server 2003, Windows Server 2003 R2, Windows Server 2008,
and Windows Server 2008 R2 (Jajodia, 2010).
BlueKeep exists within the Remote Desktop Protocol (RDP) in
the above versions of Microsoft Windows operating systems.
Attackers can exploit BlueKeep to perform remote code
execution on any system that is not protected. This can happen
when the attacker sends specially crafted packets to one of the
operating systems that has RDP enabled. Some of the
activities that an attacker may perform are adding accounts with
full user rights; viewing, changing, and deleting data; and
installing programs. The Cybersecurity and Infrastructure
Security Agency encourages users and administrators to review
security guidelines and install available measures as soon as
possible (Jajodia, 2010).????? Additional research/Information?
Linux Vulnerabilities
One of the most common vulnerabilities is CVE-2017-18017,
Linux Kernel Netfilter: xt_TCPMSS, which sits in the Linux
kernel and helps filter network communication by defining the
maximum segment size that permits TCP headers. When an
attacker exploits this vulnerability, they send communication
floods and knock the system offline in a denial-of-service attack.
Another vulnerability is CVE-2017-18202, which lies in the
mm/oom_kill.c file. This file is useful in killing a process when
memory is low. Vulnerable versions of the file can lead to
mishandling of operations as well as opening doors for denial of
service (DoS) attacks.
(Just two vulnerabilities? Please research this topic)
Mac OS and Mobile Device Vulnerabilities
First, a denial-of-service (DoS) vulnerability exists within the
Apple or Android operating systems. The underlying purpose of
this attack is to make software resources unavailable for the
tasks they have been designed for. DoS vulnerabilities are higher in
iOS than in Android operating systems (Jajodia, 2010).
Secondly, a bypass something vulnerability makes a given
mobile device vulnerable to a third party evading the protection
layer established by the user or the administrator. Both Apple
and Android are focused on limiting the vulnerabilities that
allow hackers to bypass the security process (breach security
protocol) (Jajodia, 2010).????
Furthermore, code execution is a type of security flaw which
allows hackers to bypass authentication and run any code. It can
be triggered remotely and can be used in various scenarios.
Consequently, the attack can happen without the knowledge of
the user.
Data theft is another vulnerability of Mac OS and mobile
devices. Recently, the security firm F-Secure unveiled a
dangerous firmware exploit that affected almost all Mac and
Windows devices. This vulnerability could lead to data theft,
and even left Macs with FileVault turned on susceptible
(Jajodia, 2010).
Lastly, memory corruption vulnerability is a programming error
in the operating system, which makes the memory of the device
susceptible to hacker's exploitation. The weakness lies in the
memory location of the invention. An attack occurs when the
code is modified, violating the safety of the information stored
in the memory (Jajodia, 2010).
Microsoft and Linux OS intrusion
Intrusion, by definition, is to compromise an operating system by
breaching the security of such a system. The act of intruding or
slightly gaining unauthorized access to the OS leaves traces that
can be detected by the intrusion detection system. Intruders use
various methods to gain access to operating systems by
breaching security. One of them is physically breaking through
and robbing away the operating systems from the owner.
Physical intrusion is frequent when the OS is installed in a
device that can easily be stolen (Munson & Elbaum, 2004).????
Asymmetric routing is another method of intruding the
operating system. The attackers utilize more than a single route
to the target device consisting of the desired OS. The idea of
this method is to have an overall attack evade detection by
bypassing specific security codes. Any OS devices that are not
set up for asymmetric routing are impervious to this kind of
intrusion.
Additionally, a buffer overflow attack is an approach which
overwrites specific sections of memory and replaces standard
data with commands which, when executed, attack the operating
system. In other words, it's "a popular class of attacks
strategically overburdens that buffer, so the data "overflows"
into other parts of the memory" (Newman, 2019). Often, the
goal for this intrusion is to initiate a denial of service (DoS)
situation. Although averting an overflow may sound simple, the
practice itself has proven to be a daunting task to achieve,
hence the continuous appearance of buffer overflow attacks.
This problem recurs because there is no generic mechanism in
use across languages that can perfectly specify such
capacity (Piromsopa & Enbody, 2011)????
Security awareness technologies and system attack targets????
What does this graphic mean?
The intrusion detection system ranges from antivirus to
hierarchical models which check the traffic of the network.
This can be best described as network intrusion detection
systems and host-based detection systems. The system is critical
as it helps in the analysis of the traffic that enters the market.
The IDS is classified as signature-based and anomaly-based
detection. A section of the intrusion detection system can detect
intrusions (Wilson & Hash, 2003).
The intrusion prevention system is a network to prevention
technology that determines the traffic, detects and prevents
vulnerability issues. The exploits come in the form of uncertain
applications that are objective to attackers and use it to
punctuate or acquire control of a device. When the exploit has
been successful, the attacker can disable the target application
or can obtain potential access to the rights of the target
applications (Munson & Elbaum, 2004).
Corporate and government systems are the ones that face
significant threats (Baccass et al., 2011). This can be attributed
to their notable high level of information that is of interest to
several people, notably politicians, rival companies, countries,
and groups. Additionally, this information is of high value, and
when they are sold to interested parties, they can fetch high
levels of income.
Types of Intrusions
An SQL injection is an exploit where the attacker can insert
SQL code into web form input to acquire access to
resources. It is linked to an attack where the end-user enters a
system and places special characters that are used to corrupt data.
XML injection is an attack that is applied to control or harm the
logic of an XML application. The infusion can undertake alteration
of logic. It can lead to the placing of harmful content. The SMTP
injection attacks the mail server in a way that would be made
possible without the use of the internet (Munson & Elbaum,
2004).
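The SQL injection described above, shown as an added example that is not part of the original report: the same lookup written once by pasting form input into the SQL text and once with a bound parameter. The table, column and function names and all sample rows are constructed for illustration.

```python
import sqlite3

# Constructed sample data: three documents owned by three different users.
ROWS = [
    ("alice", "Q3 budget"),
    ("bob", "Payroll export"),
    ("o'brien", "Vendor contract"),
]


def make_db():
    """Create an in-memory database holding the constructed rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE documents (owner TEXT, title TEXT)")
    db.executemany("INSERT INTO documents VALUES (?, ?)", ROWS)
    return db


def list_documents_vulnerable(db, owner):
    """Weak form: the web form value is pasted into the SQL text, so a
    quote character in the input is parsed as SQL syntax."""
    query = ("SELECT title FROM documents WHERE owner = '" + owner +
             "' ORDER BY title")
    return [row[0] for row in db.execute(query)]


def list_documents_safe(db, owner):
    """Hardened form: the value travels as a bound parameter and is only
    ever compared as data, whatever characters it contains."""
    query = "SELECT title FROM documents WHERE owner = ? ORDER BY title"
    return [row[0] for row in db.execute(query, (owner,))]


def compare(owner):
    """Run both versions on one input; an SQL error is returned as text."""
    db = make_db()
    try:
        vulnerable = list_documents_vulnerable(db, owner)
    except sqlite3.Error as exc:
        vulnerable = "error: " + str(exc)
    safe = list_documents_safe(db, owner)
    db.close()
    return vulnerable, safe


if __name__ == "__main__":
    # An ordinary value, a value carrying SQL syntax, and a legitimate
    # name that happens to contain an apostrophe.
    for form_value in ("alice", "nobody' OR '1'='1", "o'brien"):
        vulnerable, safe = compare(form_value)
        print(repr(form_value), "| vulnerable:", vulnerable, "| safe:", safe)
```

The concatenated version returns every owner's documents for the second input and fails outright on the legitimate third one; the parameterized version returns only exact matches in all three cases.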
Vulnerability Results
The following vulnerabilities were identified during the lab:
· There are several Windows administrative vulnerabilities on
the host scanned.
· The following administrative vulnerabilities were found:
· Developer tools, runtimes, and redistributables are missing
security updates
· There were multiple Linux vulnerabilities detected
· Weak encryption and ciphers
· Accounts have passwords with no expiration
· Accounts have blank or weak passwords
· Multiple administrators on a computer
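Three of the findings above (blank passwords, passwords with no expiration, multiple administrators) can be checked on a Linux host directly from its account files. The script below is an added example, not output or code from the lab; the account data is constructed, and treating membership of the `sudo` or `wheel` group as administrator rights is an assumption that should be adjusted to the host's sudoers policy.

```python
# Constructed sample files (not taken from the lab hosts). Field layout
# follows passwd(5), shadow(5) and group(5); the hashes are placeholders.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
bob:x:1001:1001:Bob:/home/bob:/bin/bash
svc_backup:x:0:1002:Backup:/var/backup:/bin/sh
carol:x:1003:1003:Carol:/home/carol:/bin/bash
dave:x:1004:27:Dave:/home/dave:/bin/bash
"""

SAMPLE_SHADOW = """\
root:$6$constructed$hashvalue:18000:0:90:7:::
daemon:*:18000:0:99999:7:::
alice:$6$constructed$hashvalue:18000:0:99999:7:::
bob::18000:0:90:7:::
svc_backup:$6$constructed$hashvalue:18000:0::7:::
carol:!$6$constructed$hashvalue:18000:0:90:7:::
dave:$6$constructed$hashvalue:18000:0:90:7:::
"""

SAMPLE_GROUP = """\
root:x:0:
sudo:x:27:alice,bob
users:x:100:alice,bob,carol
"""


def parse_records(text, min_fields):
    """Split a colon-delimited account file into lists of fields."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) >= min_fields:
            records.append(fields)
    return records


def password_usable(pw_field):
    """A leading '!' or '*' means no password login is possible."""
    return not pw_field.startswith(("!", "*"))


def blank_passwords(shadow_text):
    """Accounts whose shadow password field is empty."""
    return sorted(f[0] for f in parse_records(shadow_text, 9) if f[1] == "")


def non_expiring_passwords(shadow_text, never=99999):
    """Accounts with a usable password and no maximum age: the field is
    empty or holds the conventional 'never' value of 99999 days."""
    flagged = []
    for f in parse_records(shadow_text, 9):
        if not password_usable(f[1]):
            continue  # locked or service account, nothing to expire
        max_age = f[4]
        if max_age == "" or (max_age.isdigit() and int(max_age) >= never):
            flagged.append(f[0])
    return sorted(flagged)


def administrators(passwd_text, group_text, admin_groups=("sudo", "wheel")):
    """UID 0 accounts plus members of the assumed admin groups, counting
    users who hold such a group only as their primary GID."""
    admin_gids, admins = set(), set()
    for name, _pw, gid, members in (f[:4] for f in parse_records(group_text, 4)):
        if name in admin_groups:
            admin_gids.add(gid)
            admins.update(m for m in members.split(",") if m)
    for f in parse_records(passwd_text, 7):
        if f[2] == "0" or f[3] in admin_gids:
            admins.add(f[0])
    return sorted(admins)


def audit(passwd_text, shadow_text, group_text, max_admins=1):
    """Collect the three findings; max_admins is an assumed policy limit."""
    admins = administrators(passwd_text, group_text)
    return {
        "blank_password": blank_passwords(shadow_text),
        "no_expiration": non_expiring_passwords(shadow_text),
        "administrators": admins,
        "multiple_administrators": len(admins) > max_admins,
    }


if __name__ == "__main__":
    for finding, value in audit(SAMPLE_PASSWD, SAMPLE_SHADOW, SAMPLE_GROUP).items():
        print(f"{finding}: {value}")
```

On a real host the three strings would be read from `/etc/passwd`, `/etc/shadow` (root only) and `/etc/group`; whether an empty password field actually permits login also depends on the host's PAM configuration.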
Vulnerability Scanning and Security Assessment Report
Considering the organization utilizes several advanced
14. technological systems, the majority of the security processes
and strategies can't guarantee that the system is protected from
attack. However, the routers help secure the gateway to the
internet while firewalls secure the network. This is dependent
on the abilities of the staff, the ability to patch as well as
keeping vigilance on the web. Notable from the company
systems, the networks are not well protected from risks that may
arise????. This can be attributed to poor security and inadequate
data protection from the third party. The passwords used are
weak and system updates are irregular. The Linux OS was not found
to comprise of any dangers when it came to the virus. However,
there is a need to consider reliable password protection against
the third party.
The Microsoft Baseline Security Analyzer can scan several
computer software. This is effective because it saves time.
Those that have a green check are stated to be secure. It is also
a useful security feature in that it makes sure that the IE and IIS
server is set in the best way. The system is easy to run and
offers stable security features. It is the best way to keep
Microsoft Windows features updated. Its essential asset is the
capacity to go above the OS to ferret gaps in several
applications. OpenVAS is the mode of analysis of several
services and tools by giving information on the level of
vulnerability (Baccass et al., 2011). Similar to the MBSA, it is a
system that is easy and reliable for the users.
MBSA is the best tool for system analysis and threat detection
(Wilson & Hash, 2003). The system, though with notable
challenges, has proved to be effective. It allows frequent
security updates as well as focusing on several machines at a go
hence saving time. Notably, risks, as noted from the paper, arise
from inferior password protection methods, unlimited access to
sensitive data in the company, and failing to update system
security mechanisms. This can be resolved by keeping the
systems up to date, restricting access to sensitive data, and use
of strong passwords as well as the use of antivirus. Eventually,
it will help in managing the threats in the company.
Operating systems are the center and nerve system of which
businesses and applications process run off. The role that
operating systems take on is to control hardware resources
within a computer system and are vulnerable to attacks in which
there is missing improper security controls and user account
controls. Due to the popularity of the Windows operating
system, it is the most susceptible to attacks in business and
home users. The vulnerability scans are only one way of
reducing attacks on a system, and vulnerability assessments
require discovery, planning an attack, and reporting to mitigate
risk. By utilizing free tools such as Microsoft Baseline Security
Analyzer and OpenVAS, such vulnerabilities can be identified
early on, and remediation can take place.
(Table of key observations, analysis and recommendations?)
References
Baccass, P. et al. (2011). OS X Exploits and Defense: Own it...Just like Windows or Linux! New York: Syngress.
Jajodia, S. (2010). Cyber Situational Awareness Issues and Research (pp. 139-154). Springer, Boston, MA.
Munson, J. C., & Elbaum, S. G. (2004). U.S. Patent No. 6,681,331. Washington, DC: U.S. Patent and Trademark Office.
Newman, L. H. (2019, May 14). How Hackers Broke WhatsApp With Just a Phone Call. Retrieved from https://www.wired.com/story/whatsapp-hack-phone-call-voip-buffer-overflow/
Piromsopa, K., & Enbody, R. J. (2011). Survey of Protections from Buffer-Overflow Attacks. Engineering Journal, 15(2), 31–52. doi: 10.4186/ej.2011.15.2.31
Silberschatz, A., Gagne, G., & Galvin, P. B. (2018). Operating system concepts. Wiley.
Wilson, M., & Hash, J. (2003). Building an information technology security awareness and training program. NIST Special publication, 800(50), 1-39.
PSYC 354
Discussion Board Forum Instructions
You are required to create a thread in response to the provided
prompt for each forum. Each thread must be at least 300 words
and demonstrate course-related knowledge. In addition to the
thread, you must reply to 2 other classmates’ threads. Each
reply must be at least 150 words.
The Post First feature has been activated in the Discussion
Board Forums for this course. You will need to post your thread
before you will be able to view and reply to other students’
threads.
Submit each thread by 11:59 p.m. (ET) on Friday of the
assigned module/week. Submit your replies by 11:59 p.m. (ET)
on Monday of the same module/week.
Criteria
Levels of Achievement
Content
70%
Advanced 90-100%
Proficient 70-89%
Developing 1-69%
Not present
Thread: Content
16 to 18 points
The initial thread meets or exceeds content requirements:
The thread is in the form of a professional letter, and all key
components of the Discussion Board Forum prompt are
answered in the thread.
Major points are supported by all of the following:
· Thread communicates refusal to participate in data
manipulation
· Pertinent examples (conceptual and/or personal), including
possible consequences of data manipulation;
· Thoughtful analysis (considering assumptions, analyzing
implications);
· References both APA and ASA ethical guidelines in current
APA format; and
· Integration of at least 1 Biblical scripture and its application
in context.
The thread is at least 300 words.
13 to 15 points
The initial thread meets most of the content requirements:
The thread is in the form of a professional letter, and all key
components of the Discussion Board Forum prompt are
answered in the thread.
Major points are supported by all of the following:
· Thread communicates refusal to participate in data
manipulation
· Pertinent examples (conceptual and/or personal), including
possible consequences of data manipulation;
· Thoughtful analysis (considering assumptions, analyzing
implications);
· References both APA and ASA ethical guidelines in current
APA format; and
· Integration of at least 1 Biblical scripture and its application
in context.
The thread is at least 300 words.
1 to 12 points
The initial thread meets some of the content requirements:
The thread is in the form of a professional letter, and all key
components of the Discussion Board Forum prompt are
answered in the thread.
Major points are supported by all of the following:
· Thread communicates refusal to participate in data
manipulation
· Pertinent examples (conceptual and/or personal), including
possible consequences of data manipulation;
· Thoughtful analysis (considering assumptions, analyzing
implications);
· References both APA and ASA ethical guidelines in current
APA format; and
· Integration of at least 1 Biblical scripture and its application
in context.
The thread is at least 300 words.
0 points
Not present
Structure 30%
Advanced 90-100%
Proficient 70-89%
Developing 1-69%
Not present
Thread: Grammar and Spelling, APA formatting
(30%)
8 points
The initial thread meets or exceeds structure requirements:
Proper spelling and grammar are used.
6 to 7 points
The initial thread meets most of the requirements:
Proper spelling and grammar are used.
1 to 5 points
The initial thread meets some of the structure requirements:
Proper spelling and grammar are used.
0 points
Not present
Criteria
Levels of Achievement
Content
70%
Advanced 90-100%
Proficient 70-89%
Developing 1-69%
Not present
Reply 1: Content
4 points
First reply meets or exceeds content requirements:
Contribution made to discussion with each reply (2) expounding
on the thread; and replies are in the form of supervisor
feedback.
Includes two or more suggestions for improvement on the
original thread (letter), AND includes two or more instances of
positive feedback related to the topic.
Reply is at least 150 words.
3 points
First reply meets most of the content requirements:
Contribution made to discussion with each reply (2) expounding
on the thread; and replies are in the form of supervisor
feedback.
Includes two or more suggestions for improvement on the
original thread (letter), AND includes two or more instances of
positive feedback related to the topic.
Reply is at least 150 words.
1 to 2 points
First reply meets some of the content requirements:
Contribution made to discussion with each reply (2) expounding
on the thread; and replies are in the form of supervisor
feedback.
Includes two or more suggestions for improvement on the
original thread (letter), AND includes two or more instances of
positive feedback related to the topic.
Reply is at least 150 words.
0 points
Not present
Structure 30%
Advanced 90-100%
Proficient 70-89%
Developing 1-69%
Not present
Reply 1: Grammar and Spelling, APA formatting
(30%)
3 points
First reply meets or exceeds structure requirements:
Proper spelling and grammar are used.
2 points
First reply meets most of the requirements:
Proper spelling and grammar are used.
1 point
First reply meets some of the structure requirements:
Proper spelling and grammar are used.
0 points
Not present
Criteria
Levels of Achievement
Content
70%
Advanced 90-100%
Proficient 70-89%
Developing 1-69%
Not present
Reply 2: Content
4 points
Second reply meets or exceeds content requirements:
Contribution made to discussion with each reply (2) expounding
on the thread; and replies are in the form of supervisor
feedback.
Includes two or more suggestions for improvement on the
original thread (letter), AND includes two or more instances of
positive feedback related to the topic.
Reply is at least 150 words.
3 points
Second reply meets most of the content requirements:
Contribution made to discussion with each reply (2) expounding
on the thread; and replies are in the form of supervisor
feedback.
Includes two or more suggestions for improvement on the
original thread (letter), AND includes two or more instances of
positive feedback related to the topic.
Reply is at least 150 words.
1 to 2 points
Second reply meets some of the content requirements:
Contribution made to discussion with each reply (2) expounding
on the thread; and replies are in the form of supervisor
feedback.
Includes two or more suggestions for improvement on the
original thread (letter), AND includes two or more instances of
positive feedback related to the topic.
Reply is at least 150 words.
0 points
Not present
Structure 30%
Advanced 90-100%
Proficient 70-89%
Developing 1-69%
Not present
Reply 2: Grammar and Spelling, APA formatting
(30%)
3 points
Second reply meets or exceeds structure requirements:
Proper spelling and grammar are used.
2 points
Second reply meets most of the requirements:
Proper spelling and grammar are used.
1 point
Second reply meets some of the structure requirements:
Proper spelling and grammar are used.
0 points
Not present
Project 2: OPERATING SYSTEM VULNERABILITY LAB
The Microsoft (MS) Baseline Security Analyzer (MBSA) and the
Open Vulnerability Assessment System (OpenVAS) operating
system (OS) vulnerability (OSV) scanning tools were required
to conduct Lab 2. This lab required the security manager (Sec
Mgr) and system administrator (Sys Admin) to use the MBSA
and OpenVAS tools to scan for OS vulnerabilities across the
company’s network for Windows (Microsoft Office) and
Linux. The screenshots provided display the process of using
both of these tools. While using the tools during this lab, the
Security Manager and the System Administrator noted that the
MBSA tools were simpler to use and provided a more
detailed list of findings and remediation steps for all types of
Microsoft Office (MO) vulnerabilities. They also concluded that
the OpenVAS tool was much more difficult to use because it
requires the user to have a decent knowledge or understanding
of the Linux operating system and commands. Although the
operation was more challenging, the OpenVAS tool provided a
more comprehensive list of common vulnerabilities and
exposure findings that encompassed all vulnerabilities. This
detailed list also includes hyperlinks that explain remediation
instructions for the system administrator to use. The Microsoft
Baseline Security Analyzer (MBSA) scan of the network
provided the Security Manager and the System Administrator
with a list of vulnerabilities, in addition to the notation that the
Windows Firewall was disabled without proper authorization.
This led to incorrect auditing configurations, Sequel (SQL)
Server and Microsoft Server Desktop Engine (MSDE) not being
installed, the Internet Information System (IIS) not running on
the system, and none of the Microsoft Office products on the
system being supported. The OpenVAS scan of the network
allowed the System Administrator and the Security Manager
to find numerous encryption vulnerabilities, program errors, and
other vulnerabilities. A security scan of the network also
determined that more than half of all of the system
vulnerabilities were classified as High or Medium. This would
mean that these were serious threats to be monitored. The
System Administrator and the Security Manager will need to
work harmoniously in order to correct the vulnerabilities
identified during the OpenVAS and MBSA scans. Both the
System Administrator and the Security Manager will need to
complete all scans in order to discuss the different
vulnerabilities and discuss remediation procedures. Once this
has taken place, both will need to discuss and provide
a list of the vulnerabilities by priority (High to Low) in regard
to threat level.