Describe and explain the vulnerability

Reference no: EM133437894

You have been recruited as a full-time security administrator/engineer. You are responsible for monitoring newly discovered vulnerabilities, and if they affect the organisation's IT systems it is also your responsibility to design and implement security measures to deal with the vulnerability if the vulnerable system/software cannot be upgraded or patched. For this project we assume a "new" vulnerability has been recently discovered for a system/software that is critical for the organisation and cannot be taken offline, upgraded, or replaced in the short-term, and no upgrade or patch will be available in the short-term.

The aim of this project is to put your skills to practical use. In this project you will identify and research a security vulnerability and then design and implement strategies for detecting the exploitation of the vulnerability and mitigating the vulnerability (while continuing to provide the affected service). You will document these in a report and implement them in a (virtual) test environment. You will demonstrate the effectiveness of your approach to other students in class. Your reports will contain details on the vulnerability, the setup and demonstration of the test environment as well as descriptions of the design and implementation of the detection and mitigation techniques developed.

The project has three phases: (1) topic proposal, (2) vulnerability description and proposed exploitation detection and mitigation techniques report and (3) vulnerability detection and mitigation demonstration and final report.

Help on phase (2): Vulnerability Detection and Mitigation Design on CVE-2021-40444
The activities that you will undertake are as follows:

1. Describe and explain the vulnerability with a reasonably high level of technical detail. A copy of a CVE report is not acceptable, and a superficial description will attract low marks. The description must include outcomes of the vulnerability, i.e. what it can be used for, what level of access it provides, and which systems are affected by the vulnerability.

2. Under the assumption that there is no short-term fix for the vulnerability, describe a method for detecting the actual exploitation of this vulnerability. This part should start with a more general explanation of the approach but must also provide a detailed technical design for it and explain how it can be implemented. Significant limitations must be discussed.

3. Under the assumption that there is no short-term fix for the vulnerability, describe a method for mitigating exploitation based on this vulnerability. This part should start with a more general explanation of the approach but must also provide a detailed technical design for it and explain how it can be implemented. Significant limitations must be discussed.

Your proposed approaches should be original solutions and not a copy of existing approaches/solutions, and originality will be used as one marking criterion. If your solution is based on any previous work, this previous work must be referenced.

Vulnerability detection and mitigation written report marking rubric:
a. Explanation of the vulnerability and how it is exploited.
b. Explanation and design of approach to detect exploitation of the vulnerability.
c. Explanation and design of approach to mitigate exploitation of the vulnerability.






All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd