Identify vulnerabilities for the assets

Assignment Help Other Subject

Reference no: EM132989866

Assessment - Practical and Written Assessment, Individual assignment (2000 words).

Purpose: The purpose of this assignment is to assess the students' understanding on identifying the risks, vulnerabilities and awareness of current industry and research trends in the field of information security. Students need to exercise operational, analytical, and critical skills to reduce the potential security risks involved in the given case study. Analyse and evaluate the organizational adoption of security controls. Design solutions for concrete security problems for distributed applications. This assessment contributes to learning outcomes a, b, c, d.

Reference sources must be cited in the text of the report and listed appropriately at the end in a reference list using Harvard Anglia referencing style. (More than 5 references)

Assessment topic: Port scanning, Security Planning

Task details: This Assignment requires you to perform a scan on the network, prepare a Risk Mitigation report and configure some of the firewall settings using Kali Linux to secure the network and the distributed applications.

The assignment requires 1 tool as listed below to complete the criteria of this assignment:

Use Nmap - a vulnerability scanning protocol in Kali Linux- Prepare a short Risk Mitigation plan to identify the threats for the assets.

Case Study for the Assignment: An educational institute suffers from very low information security in terms of maturity across many elements of infosec and information assurance, including cyber resilience and application of cybersecurity good practice. Data breaches could have the institute puts its reputation at risk, and students expect a high level of protection of their data. It is highly recommended that there is a need to impose a certain level of filtering for the network to be secure so as to sustain from threats and attacks. To add restrictions on a particular network it is necessary to identify the possible threats to the organization. For example, it is necessary to identify the important services that run on the network. In order to get this done, there is a need to perform scanning on the network to identify the services and ports of the applications. Furthermore, the firewall needs to be configured by adding rules to block and allow the services based on the requirements of the organization and the security perspectives of the network.

Part A: With respect to the given study, you need to:

- Run TCP scan will scan for TCP port like port 22, 21, 23, 445 and ensure for listening port (open) through 3-way handshake connection between the source and destination port. Analyse the ports' status.

- Run UDP Scan where it is sending a UDP packet to every destination port; it is a connectionless protocol.

Note: Use your computer or gateway IP address in Nmap commands!

Part B: The institute had no dedicated security team and therefore till now no security policy is in place. Recently, the governing body of this business forms a security team and makes following two goals that they would like to achieve in six months -

Assessing the current risk of the entire organization Treat the Risk as much as possible

Task I: Risk Identification

In achieving the above two goals, you will do the followings -

Find at least five assets Find at least two threats against each asset Identify vulnerabilities for the assets

Task II: Risk Assessment At the end of the risk identification process, you should have i) a prioritized list of assets and ii) a prioritized list of threats facing those assets and iii) Vulnerabilities of assets. At this point, create Threats Vulnerabilities-Assets (TVA) worksheet. Also, calculate the risk rating of each of the five triplets out of 25.

TASK III: Risk Treatment In terms of Risk Treatment, for each of the five identified risk, state what basic strategy you will take. Justify for each decision. Also, Advise all possible protection mechanism and corresponding place of application.

Attachment:- Assessment - cyber_secruity.rar

Reference no: EM132989866

Questions Cloud

Explain role in the performance review process : As an employee in an organization, explain your role in the performance review process and give a reason why a positive working relationship must be maintained

Develop appropriate charts for the variables : The BKB bank receives several applications for home loan and home improvement loan. The KYC document captures data that is available in the file BKB.xls

Developing a business mind set : Please add notes about how you relate in your daily life with Chapter 1 (Developing a Business Mind Set). This Journal is intended to be a reflective activity

What is the best effective way to track : What is the best effective way to track if the strategies are being effectively used and giving the desired outcome as per individual or organization plan

Identify vulnerabilities for the assets : Perform a scan on the network, prepare a Risk Mitigation report and configure some of the firewall settings using Kali Linux to secure the network

Involvement in the selection of strategies : How would a company board's increased involvement in the selection of strategies affect a firm's strategic competitiveness?

Discuss the types of international business orientations : Global company is a company that 'attempts to have a worldwide presence in its market, standardizes operations worldwide in one or more of the firm's functional

New collaboration that sprinkles magical : Apart from the conventional B2B buyer-supplier relationships, co-branded, strategic collaborations are more and more common.

Assessing accounts of personal resilience : Assessing Accounts of Personal Resilience. You are to read and critically analyse the personal published accounts of a response to an emergency situation from t

User Account

All Pages