Cyber Security Question
Learning Goal: I’m working on a cyber security multi-part question and need an explanation and answer to help me learn.
CYB-300: Risk Management and Information Technology Security
I will provide the book link if needed.
IDENTIFY THREATS & VULNERABILITIES IN AN IT INFRASTRUCTURE USING NMAP AND NESSUS
One of the most important first steps to risk management and implementing a security strategy is to identify all resources and hosts within the IT infrastructure. Once you identify the workstations and servers, you must then find the threats and vulnerabilities found on these workstations and servers. Servers that support mission critical applications require security operations and management procedures to ensure C-I-A throughout. Servers that house customer privacy data or intellectual property require additional security controls to ensure the C-I-A of that data. This lab requires the students to identify threats and vulnerabilities found within the Workstation, LAN, and Systems/Applications Domains.
Upon successful completion of this assignment, you will be able to:
- Understand how risk from threats and software vulnerabilities impacts the seven domains of a typical IT infrastructure.
- Review a Zenmap GUI (Nmap) network discovery and Nessus vulnerability assessment scan report (hardcopy or softcopy).
- Identify hosts, operating systems, services, applications, and open ports on devices from the Zenmap GUI (Nmap) scan report.
- Identify critical, major, and minor software vulnerabilities from the Nessus vulnerability assessment scan report.
- Prioritize the identified critical, major, and minor software vulnerabilities.
- Verify the exploit potential of the identified software vulnerabilities by conducting a high-level risk impact by visiting the Common Vulnerabilities & Exposures (CVE) online listing of software vulnerabilities at http://cve.mitre.org/.
- Textbook: Managing Risk in Information Systems (Chapters 7-11)
- Review the rubric to make sure you understand the criteria for earning your grade.
- Consider the following questions regarding NMAP and Nessus for identifying threats and vulnerabilities in an IT infrastructure:
- What are the differences between Zenmap GUI (Nmap) and Nessus?
- Which scanning application is better for performing a network discovery reconnaissance probing of an IP network infrastructure?
- Which scanning application is better for performing a software vulnerability assessment with suggested remediation steps?
- While Nessus provides suggestions for remediation steps, what else does Nessus provide that can help you assess the risk impact of the identified software vulnerability?
- Are open ports necessarily a risk? Why or why not?
- When you identify a known software vulnerability, where can you go to assess the risk impact of the software vulnerability?
- If Nessus provides a pointer in the vulnerability assessment scan report to look up CVE-2009-3555 when using the CVE search listing, specify what this CVE is, what the potential exploits are, and assess the severity of the vulnerability.
- Explain how the CVE search listing can be a tool for security practitioners and a tool for hackers.
- What must an IT organization do to ensure that software updates and security patches are implemented timely?
- What would you define in a vulnerability management policy for an organization?
- After reading the scenario and explanation above, submit your response in a Microsoft Word document following APA Style. Your paper should be two pages in length, excluding the APA title and Reference pages. Cite any sources utilized in-text and in the References following APA style.