User Account

All Pages

What are the top 5 vulnerabilities we should patch

Assignment Help Computer Engineering
Reference no: EM133626592

Project #1

As we have learned in CYBR-5000, the Nessus Vulnerability Scanner is one of the most common vulnerability scanners in the cybersecurity industry today. The free version of Nessus, called Nessus Essentials, has significant capabilities that will allow us to run vulnerability scans.

If you haven't already, students should first review the video below, register and download the tool, and then run it against a target of their choosing
Remember from previous projects to avoid sites like Google, Microsoft, etc. where many security features are in place. Instead, choose the site of a smaller local company for more interesting findings. Warning: Do not conduct these scans while on a corporate network. Many organizations (corporations, governments, universities, etc.) have intrusion detection systems that will notice these scans.
After conducting your scan, students should provide a 2-3 page executive analysis on their findings. Screen shots should be provided to document all steps/findings as an appendix that does not towards the page length.
At a minimum, students should answer the following questions:
What is your target and why? Since you are providing an executive report, who are you sending this to? Remember that executive reports should be higher level for management to digest. It is common place to have summaries/dashboards for executive reports instead of just narrative text. The language should also be advisory and not use technical jargon.
What are the top 5 vulnerabilities we should patch? Why? Include a table in the executive report that includes the CVE, Vulnerability name, and prioritize based on risk (1-5).
What should we do with the vulnerabilities that do not make it into the top 5?
Include anything else you think would be pertinent to your audience.

Project #2

To build upon the Wireshark analysis skills we've accomplished in CYBR-5000 and in Week 2 of this course, students are to apply both red side and blue side skills to this project.

For this project, students are to:

Execute a red side attack of your choosing on a vulnerable host.
From the blue team perspective, conduct a packet capture of this red side traffic.
As a blue teamer, conduct the analysis of this incident in the format below.
The target for deliverable #2 should be a non-production asset thus it would be different than what was used in deliverable #1
A typical analysis format is:
Incident # (you can make this up)
Artifact Listing (a quick listing of what you have coming into the incident review)
Actions Taken (what did you do in a narrative format)
Analysis (what you believe this to be and why)
Conclusion (what you are doing with the incident- e.g. Closing, Escalating, Reassigning, Leaving Open)
This analysis should be 3-5 pages at the technical level. Screen shots should be provided to document all steps/findings as an appendix that does not towards the page length. Students should also include a copy for their PCAP file.
As a reminder, students are to submit only one project document which includes all deliverables.

Reference no: EM133626592

Questions Cloud

What is used to provide authentication of the website : What is used to provide authentication of the website and can also be used to successfully authenticate keys used for data encryption?
What do you call the long, digital pattern sent by gps : What do you call the long, digital pattern sent by GPS satellites at a fixed interval?
Potential threat actor and tools used in this activity : Which data sources would provide the MOST relevant information for the analyst to investigate and identify the potential threat actor and tools used
Discuss whether or not organization has iso certification : From your research, discuss whether or not your organization has ISO 27001 certification. Outside of overall protection from cyber-attacks.
What are the top 5 vulnerabilities we should patch : What are the top 5 vulnerabilities we should patch? Why? Include a table in the executive report that includes the CVE, Vulnerability name, and prioritize based
Describe regulaton and elimination enema administraion : Describe Regulaton and elimination enema administraion NG tube insertion, measurements, medication administraiton stoma assessment constipation
How can you ensure these notifications do not appear : You are worried one of them might call the number and you will be exposed to ransomware. How can you ensure these notifications do not appear in the Toast
What skill is most important to address in her plan : Fiona is three years old, has a diagnosis of ASD, What skill is most important to address in her plan.
What should be the teams initial focus to enhance : What should be the teams initial focus to enhance awareness and protection against these email threats

Reviews

Write a Review

Computer Engineering Questions & Answers

  Identify the drawbacks for using cloud computing in your bcp

Identify the drawbacks for using cloud computing in your BCP. Identify an area that you initially struggled in and describe how you overcame it.

  Why internet systems developer might choose one technology

Businesses and organizations are focusing on developing Internet systems to provide value to their customers and staff. There are many software.

  What is the delay in this case

Consider a multicomputer in which the network interface is in user mode, so only three copies are needed from source RAM to destination RAM.

  Pre-defined bandwidth of product derivatives

Vehicle architecture is used to make compatible what elements of vehicle design for a pre-defined bandwidth of product derivatives

  Create a communications plan for the project

You are a member of the Human Resources Department of a medium-sized organization that is implementing a new inter-organizational system that will impact.

  Develop a linear optimization model

Develop a linear optimization model to determine how many of each type of unit the developer should build.

  What is cryptography and what is ceaser-cipher

What is Cryptography? What is Ceaser-cipher? What are the changes you have to make in according to "Algorithm 1: ceaser-cypher encryptor for lower-case"

  What are the features of the application

Continue your work with your team on the features of the application by identifying ethical challenges and specifying the type of data the feature uses.

  Find the code that needs to change and capture the current

find the code that needs to change and capture the current behavior with tests. At least one of these tests must fail, thus demonstrating that you found

  Encode the binary image

Encode the binary image shown in Figure below using the modified modified READ scheme.

  What are the purposes of the feasibility analysis

What are the purposes of the system request and the feasibility analysis? How are they used in the project selection process?

  How would you solve the massive slow insertion

After 1 year of launch, ride sharing increased a lot resulting in a lot of insertion requests to the database. Consider there is no room to further increase.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd