What are the top 5 vulnerabilities we should patch

Reference no: EM133626592

Project #1

As we have learned in CYBR-5000, the Nessus Vulnerability Scanner is one of the most common vulnerability scanners in the cybersecurity industry today. The free version of Nessus, called Nessus Essentials, has significant capabilities that will allow us to run vulnerability scans.

If you haven't already, students should first review the video below, register and download the tool, and then run it against a target of their choosing.
Remember from previous projects to avoid sites like Google, Microsoft, etc. where many security features are in place. Instead, choose the site of a smaller local company for more interesting findings. Warning: Do not conduct these scans while on a corporate network. Many organizations (corporations, governments, universities, etc.) have intrusion detection systems that will notice these scans.
After conducting your scan, students should provide a 2-3 page executive analysis of their findings. Screenshots should be provided to document all steps/findings as an appendix that does not count towards the page length.
At a minimum, students should answer the following questions:
What is your target and why? Since you are providing an executive report, who are you sending this to? Remember that executive reports should be higher level for management to digest. It is commonplace to have summaries/dashboards for executive reports instead of just narrative text. The language should also be advisory and not use technical jargon.
What are the top 5 vulnerabilities we should patch? Why? Include a table in the executive report that includes the CVE, Vulnerability name, and prioritize based on risk (1-5).
What should we do with the vulnerabilities that do not make it into the top 5?
Include anything else you think would be pertinent to your audience.
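
One way to build the top-5 table from a scan export, as an added example that is not part of the original assignment: the script groups findings by plugin, ranks them by risk rating, CVSS score and number of hosts affected, and leaves the remainder as a backlog. The CSV column names and every sample row (including the placeholder CVE ids) are assumptions constructed for illustration.

```python
import csv
import io

# Constructed sample in the shape of a scanner CSV export. The column names
# ("Plugin ID", "CVE", "CVSS v2.0 Base Score", "Risk", "Host", "Name") are
# assumed; check them against the header row of your own export.
SAMPLE_CSV = """Plugin ID,CVE,CVSS v2.0 Base Score,Risk,Host,Name
900001,CVE-0000-0001,10.0,Critical,192.0.2.10,Example remote code execution
900001,CVE-0000-0001,10.0,Critical,192.0.2.11,Example remote code execution
900002,CVE-0000-0002,7.5,High,192.0.2.10,Example outdated web server
900003,,5.0,Medium,192.0.2.10,Example weak TLS configuration
900004,CVE-0000-0004,4.3,Medium,192.0.2.11,Example information disclosure
900005,CVE-0000-0005,2.6,Low,192.0.2.10,Example verbose banner
900006,CVE-0000-0006,6.8,Medium,192.0.2.11,Example missing patch
900007,,,None,192.0.2.10,Example informational plugin
"""

RISK_ORDER = {"Critical": 4, "High": 3, "Medium": 2, "Low": 1}

def top_findings(csv_text, limit=5):
    """Group rows by plugin, rank by risk, CVSS, then hosts affected."""
    findings = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["Risk"] not in RISK_ORDER:      # skip informational rows
            continue
        f = findings.setdefault(row["Plugin ID"], {
            "name": row["Name"], "risk": row["Risk"],
            "cvss": float(row["CVSS v2.0 Base Score"] or 0),
            "cves": set(), "hosts": set()})
        if row["CVE"]:
            f["cves"].add(row["CVE"])
        f["hosts"].add(row["Host"])            # one finding, many hosts
    ranked = sorted(findings.values(), key=lambda f: (
        -RISK_ORDER[f["risk"]], -f["cvss"], -len(f["hosts"]), f["name"]))
    return ranked[:limit], ranked[limit:]      # (top N, backlog)

def render_table(top):
    """Executive-style table: priority 1 is the first thing to patch."""
    lines = ["Priority | CVE | Vulnerability name | Risk | Hosts affected"]
    for prio, f in enumerate(top, start=1):
        cves = ", ".join(sorted(f["cves"])) or "none assigned"
        lines.append(f"{prio} | {cves} | {f['name']} | {f['risk']} | {len(f['hosts'])}")
    return "\n".join(lines)

if __name__ == "__main__":
    top, backlog = top_findings(SAMPLE_CSV)
    print(render_table(top))
    print(f"{len(backlog)} finding(s) left for the remediation backlog")
```

Findings without a CVE still appear in the ranking, labelled "none assigned", so a configuration weakness is not silently dropped from the report.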

Project #2

To build upon the Wireshark analysis skills we've developed in CYBR-5000 and in Week 2 of this course, students are to apply both red-side and blue-side skills to this project.

For this project, students are to:

Execute a red side attack of your choosing on a vulnerable host.
From the blue team perspective, conduct a packet capture of this red side traffic.
As a blue teamer, conduct the analysis of this incident in the format below.
The target for deliverable #2 should be a non-production asset; thus it would be different from what was used in deliverable #1.
A typical analysis format is:
Incident # (you can make this up)
Artifact Listing (a quick listing of what you have coming into the incident review)
Actions Taken (what did you do in a narrative format)
Analysis (what you believe this to be and why)
Conclusion (what you are doing with the incident, e.g. Closing, Escalating, Reassigning, Leaving Open)
This analysis should be 3-5 pages at the technical level. Screenshots should be provided to document all steps/findings as an appendix that does not count towards the page length. Students should also include a copy of their PCAP file.
As a reminder, students are to submit only one project document which includes all deliverables.
