Cyber Security Question

Learning Goal: I’m working on a cyber security multi-part question and need an explanation and answer to help me learn.

CYB-300: Risk Management and Information Technology Security

I will provide the book link if needed.

Getting Started


One of the most important first steps to risk management and implementing a security strategy is to identify all resources and hosts within the IT infrastructure. Once you identify the workstations and servers, you must then find the threats and vulnerabilities found on these workstations and servers. Servers that support mission critical applications require security operations and management procedures to ensure C-I-A throughout. Servers that house customer privacy data or intellectual property require additional security controls to ensure the C-I-A of that data. This lab requires the students to identify threats and vulnerabilities found within the Workstation, LAN, and Systems/Applications Domains.

Upon successful completion of this assignment, you will be able to:

  • Understand how risk from threats and software vulnerabilities impacts the seven domains of a typical IT infrastructure.
  • Review a Zenmap GUI (Nmap) network discovery and Nessus vulnerability assessment scan report (hardcopy or softcopy).
  • Identify hosts, operating systems, services, applications, and open ports on devices from the Zenmap GUI (Nmap) scan report.
  • Identify critical, major, and minor software vulnerabilities from the Nessus vulnerability assessment scan report.
  • Prioritize the identified critical, major, and minor software vulnerabilities.
  • Verify the exploit potential of the identified software vulnerabilities by conducting a high-level risk impact by visiting the Common Vulnerabilities & Exposures (CVE) online listing of software vulnerabilities at


  • Textbook: Managing Risk in Information Systems (Chapters 7-11)


  1. Review the rubric to make sure you understand the criteria for earning your grade.
  2. Consider the following questions regarding NMAP and Nessus for identifying threats and vulnerabilities in an IT infrastructure:
    1. What are the differences between Zenmap GUI (Nmap) and Nessus?
    2. Which scanning application is better for performing a network discovery reconnaissance probing of an IP network infrastructure?
    3. Which scanning application is better for performing a software vulnerability assessment with suggested remediation steps?
    4. While Nessus provides suggestions for remediation steps, what else does Nessus provide that can help you assess the risk impact of the identified software vulnerability?
    5. Are open ports necessarily a risk? Why or why not?
    6. When you identify a known software vulnerability, where can you go to assess the risk impact of the software vulnerability?
    7. If Nessus provides a pointer in the vulnerability assessment scan report to look up CVE-2009-3555 when using the CVE search listing, specify what this CVE is, what the potential exploits are, and assess the severity of the vulnerability.
    8. Explain how the CVE search listing can be a tool for security practitioners and a tool for hackers.
    9. What must an IT organization do to ensure that software updates and security patches are implemented timely?
    10. What would you define in a vulnerability management policy for an organization?
  3. After reading the scenario and explanation above, submit your response in a Microsoft Word document following APA Style. Your paper should be two pages in length, excluding the APA title and Reference pages. Cite any sources utilized in-text and in the References following APA style.
Calculate your order
Pages (275 words)
Standard price: $0.00
Client Reviews
Our Guarantees
100% Confidentiality
Information about customers is confidential and never disclosed to third parties.
Original Writing
We complete all papers from scratch. You can get a plagiarism report.
Timely Delivery
No missed deadlines – 97% of assignments are completed in time.
Money Back
If you're confident that a writer didn't follow your order details, ask for a refund.

Calculate the price of your order

You will get a personal manager and a discount.
We'll send you the first draft for approval by at
Total price:
Power up Your Academic Success with the
Team of Professionals. We’ve Got Your Back.
Power up Your Study Success with Experts We’ve Got Your Back.