User Account

All Pages

Perform a nessus basic network

Assignment Help Software Engineering
Reference no: EM132189270

LAB: PATCH AND SECURE INSTRUCTIONS

1. Use the lab virtual environment for this assignment where specific instructions for tasks and deliverables are located. After completing the lab, write a lab report that includes all of the required deliverables, screen shots of each operation, and any additional information you gathered.

2. You are also required to include at least one page of written content with a minimum of 2 referenced citations that discusses your findings from each of the lab operations. This can include reasons why the findings are important, actions the organization can take to solve any discovered problems, and any other pertinent information you discovered. This content can be included anywhere in your lab report as long as you meet the one page requirement.

3. Your report must also include Biblical integration that relates a Bible verse, passage, or concept to the assignment. This will count as one of your required citations.

4. APA style references must be included for each citation used.

5. Extra credit sections are not required but, if you complete them, earned points will be used to offset missed sections in the other parts of the lab.

You can use any tools available to you on the lab system as well as internet resources, but keep the focus on securing the system from future attacks.

Client: Liberty Vacation Planning Inc. (LVP)

Project: Patch and Secure

1. Project Objectives

With this Statement of Work, LVP is engaging you to conduct systems hardening and patching to address previously identified vulnerabilities that could be abused by malicious users to adversely affect the LVP network environment. The system hardening and patching should fix any critical or high vulnerabilities, and a single medium vulnerability related to SMB null sessions. Also, network file share permissions should be strengthened. Create a series of screenshots to document your progress.

The objectives of this assessment are as follows:

– Install Microsoft updates on the Windows machine at 10.100.0.2.
– Change the password for the user named tomcat with the manager-gui role on 10.100.0.2.
– Remove the Everyone group from the liberty_travel share on 10.100.0.2.
– Enable the Local Security Policy named Network access: restrict anonymous access to named pipes and shares on 10.100.0.2 to disable the SMB null sessions.
– Perform a Nessus Basic Network scan against 10.100.0.2 to confirm that the vulnerabilities addressed by the fixes applied in this SOW do not reappear.

Note: the objective of this Statement of Work is to repair (not exploit) the vulnerabilities.

2. Project scope

The scope of the patch and secure project is as follows:

– The network server with IP address 10.100.0.2.

Note: Any items not listed here are considered out of scope for this project; the addition of out of scope items to the project scope will not be made without prior approval and authorization from LVP and will be handled through change requests or as separate SOWs.

3. Project deliverables

The deliverable(s) for this project are as follows:

a. Proof of the installation of Microsoft updates

This proof will be provided in the following manner:

– A screenshot showing the installation window for each of the three Microsoft updates found on the win7machine-00001 desktop.
– A brief explanation of which flaw previously identified by the Nessus scan will be addressed by each of the three update files.

b. Proof of a unique password for the tomcat user account

This proof will be provided in the following manner:

– A screenshot showing the password for the tomcat user account with the manager-gui role has been changed in the user's file.

c. Proof of hardened network file share permissions

This proof will be provided in the following manner:

– A screenshot showing the Share Permissions tab for the liberty_travel share.

d. Proof of SMB null sessions are disabled

This proof will be provided in the following manner:

– A screenshot showing the new setting for the local security policy named Network access: restrict anonymous access to named pipes and shares

4. Access to system

You will have access to the win7machine-00001 (10.100.0.2) in order to make the changes required by this SOW.

We also have dedicated a Kali Linux machine on our internal network (Kali_Student_681) that has the Nessus vulnerability scanner installed. You may access Nessus using the Iceweasel browser and the account credentials in the following table.

Use the user account provided in the following table to access our network:

System Name

User Name

Password

CSCI_681_Student

root

student

Nessus

student

student

win7machine-00001 (10.100.0.2)

liberty

student

5. Project schedule

All services outlined under the project scope will be completed within two weeks of receiving this statement of Work.

Note: any changes to project objectives or project scope will be handles through change requests or separate SOWs.

6. Authorization

This Statement of Work will serve as written authorization for this assessment activity.

Verified Expert

In this assignment we have studied different objective for network security. In this assignment i have done nessus scan and analysis flaws for the update file.Here I have installed windows update and I have also made setting for the shared permission. Here we have also make enable setting for restricted access for pipes and share

Reference no: EM132189270

Questions Cloud

What is the likelihood of each plaintiff success against ben : Discuss the claims of each of these plaintiffs. What is the likelihood of each plaintiff’s success against Ben?
What are the benefits of data warehouses : Why are organizations moving toward implementation of data warehouses? What are the benefits of data warehouses?
Analysis of the case - Mondelez International : Create a 4-page analysis of the case. Case - Mondelez International: Has Corporate Restructuring Produced Shareholder Value?
Organizational culture inventory in business : What is Mark Cuban's organizational culture inventory in his business? Provide reference
Perform a nessus basic network : CSCI 681 - Perform a Nessus Basic Network scan against 10.100.0.2 to confirm that the vulnerabilities addressed by the fixes applied
Identify solutions to the possible pitfalls for the strategy : Identify solutions to the possible pitfalls for the strategy. Identify and evaluate the ethical dilemmas associated with GEH's expansion of its operations.
Assessing preparedness and response effectiveness : What is the major approach used by managers in assessing preparedness and response effectiveness.
Freedom in broad sense requires abolishing inheritance : Discuss and explain Haslett’s argument that the commitment to equal opportunity and freedom in the broad sense requires abolishing inheritance
Discuss who the end users of this system will be : Explain how upon collection of the data, the RFI will be written (how will you determine what criteria will be included in the RFI), include what is an RFI.

Reviews

Write a Review

Software Engineering Questions & Answers

  Compute degree centrality of an undirected graph

Compute the degree centrality- closeness centrality of nodes in the graph - write a program in your preferred programming language to compute degree centrality of an undirected graph.

  Journey beyond hells gate

This text based game was created to further our knowledge of java, sql and the software development cycle as well as to satisfy the requirements - The game functions will be controlled through a graphical user interface which will consist of a com..

  Program calculate the total resistance in a circuit

A simple program is needed to compute the total resistance in a circuit. The resistors can either be in series or in parallel but not both.

  Example of an ebusiness on the internet

Discuss some example of an eBusiness on the Internet (WWW). Give a link to that business and a one-paragraph summary as to its focus.

  Components affect requirements-design-implementation phases

Must RMO consider using purchased components within new CSS? If so, When, must it begin looking for components? How will the decision to use components affect requirements, design and implementation phases?

  Describe the symbols used in constructing e r diagrams

What is an E-R diagram?- Describe the symbols used in constructing E-R diagrams.- What is a table of entities and activities?

  What is meant by software development method

What is meant by software development method? What are models and meta models? What do you meant by static and dynamic modeling?

  Analyse a web site from the web engineering point of view

SIT725 Software Engineering Assignment - To investigate and analyse a web site from the Web engineering point of view

  How do you find and install good quality applications

how do you find and install good quality applications software? consider your own preferred approach while discussing

  Describe the 7 step sdlc

Describe the 7 Step SDLC and Describe the 4 Step SDLC

  How accessible the source code is to the general public

Some other notable differences between open source and commercial software are how accessible the source code is to the general public

  Discuss Does it still work on today's phone system

Find articles on phone phreaking and look up a device called "the blue box." What does this device do? Does it still work on today's phone system

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd