Is the vulnerable system internet connected

Assignment Help Computer Engineering

Reference no: EM133337686

Based on the CVE-2022-1040 and description of scenario below. Answer the following question; see BOTH diagrams below, Network diagram and (Risk Vulnerability Response Model). The Network diagram is the set up for scenario.

Question 1. a) Triage the vulnerabilities according to their potential impacts on the organization.

Question 1. b) Rank the vulnerabilities according to the relative risk they pose on the organization. Be sure to provide a detailed explanation to justify your answer. Many vulnerabilities found are high severity there are other factors to consider which have not been provided. Is the vulnerable system internet connected? what is likelihood of exploitation etc? Security Architecture is more about strategic thinking, planning and analysis and less about tactical reactive solutions. (SEE DIAGRAM #2 BELOW)

2. The Edge Router has the following vulnerability: CVE-2022-1040

a. The affected unit is a Sophos Firewall XGS 6500 running firmware version 18.5 MR1

b. The WAN interfaces are connected upstream to two different ISP's via 1Gbps Fiber Optic.

c. Downstream from the router there are a series of managed switches for each of the network segments (DMZ, Enterprise Users, Enterprise Services, and ICS).

d. There are Firewall rules allowing certain services and ports to traverse the Edge Router in either a North/South aka WAN/LAN direction or in an EAST/WEST aka LAN/LAN direction.

e. There is an IPS built into the Sophos Firewall XGS 6500. However, the Network Engineer who configured it is no longer with the organization and its status and configuration is unknown.

Reference no: EM133337686

Questions Cloud

How does our perspective on the world change : ENG 105 Grand Canyon University How does our perspective on the world change when we give to God's kingdom through time, talent, treasure, and talent?

Compare and contrast any two of the certifications : Compare and contrast any two (2) of the certifications, standards, frameworks or laws identified Be specific in your assessment by ensuring you include

Project manager is not versed in the above areas : ITM 5200 Webster University Project Manager is not versed in the above areas? Have you faced any challenges while working on a project, could you share a few

What one thing in your business or professional life : What do you need to change to have more time for Quadrant II (prevention and preparation) - What one thing in your business or professional life would bring

Is the vulnerable system internet connected : Is the vulnerable system internet connected? what is likelihood of exploitation etc? Security Architecture is more about strategic thinking, planning

Design of an ethernet network that connects : CIS 505 Strayer University Show me a screenshot a visual for your design of an Ethernet network that connects a single client PC to a single server and label

Compare potential impacts of not having any infosec : CS 305 Pacific Islands University Compare potential impacts of not having any InfoSec Policy versus having an InfoSec Policy that is not aligned

Identify and discuss the options available to ceo : MGT 111 Montgomery County Community College Identify and discuss the options available to CEO's in deploying cash. How does this support Lazonic's argument?

Discuss the importance of fostering an organization culture : Bureaucracy is an enemy of technological innovation: discuss the importance of fostering an organization culture that value's innovation.

User Account

All Pages