Threats/Vulnerabilities

Submitted By jeacaz1381
Words 825
Pages 4
Week 1 Assignment 1: Application of Risk Management

Assume the role of an IT manager assigned by Yield More's senior management to conduct the following risk management tasks.

1. Identify, analyze, and explain several (at least five) likely threat/vulnerability pairs and their likelihood of occurrence in this scenario.
In this scenario, some of the most likely threat/vulnerability pairs are location, equipment failure, social engineering, Denial of Service (DoS), and malware. The reason I chose these threats is that they seem to be the most problematic for this company. The first one is location: according to the scenario, the servers are all housed in the company headquarters, where a natural or man-made disaster would cripple the company's infrastructure. I would have advised the management to distribute their servers to different locations. In doing this, if one goes down due to any natural or man-made disaster, it wouldn't matter because the other two could take up the slack. Another pair is equipment failure: according to the scenario, each server has its own specific function that it handles and nothing else. It would help mitigate some of the risk if each server, along with handling its own problems, would also handle tasks if the other servers went down. Social engineering is a problem because it is dependent on the user or the person. Social engineering is hacking the person for information that might be needed to get better access to the organization's system. DoS is a problem because the public systems are not protected by firewalls and anti-virus programs. This results in a loss of service availability. The final problem is malware, which is caused by the lack of anti-virus or out-of-date virus definitions. The impact of this is usually the loss of a server or information, depending on what the virus was

Similar Documents

Premium Essay

How to Identify Threats & Vulnerabilities in an It Infrastructure

...Week 1 Laboratory
How to Identify Threats & Vulnerabilities in an IT Infrastructure

Learning Objectives and Outcomes
Upon completing this lab, students will be able to:
• Identify common risks, threats, and vulnerabilities found throughout the seven domains of a typical IT infrastructure.
• Align risks, threats, and vulnerabilities to one of the seven domains of a typical IT infrastructure.
• Given a scenario, prioritize risks, threats, and vulnerabilities based on their risk impact to the organization.
• Prioritize the identified critical, major, and minor software vulnerabilities.

Week 1 Lab: Assessment Worksheet
Part A – List of Risks, Threats, and Vulnerabilities Commonly Found in an IT Infrastructure

Overview
One of the most important first steps to risk management and implementing a risk mitigation strategy is to identify known risks, threats, and vulnerabilities and organize them. The purpose of the seven domains of a typical IT infrastructure is to help organize the roles, responsibilities, and accountabilities for risk management and risk mitigation. This lab requires students to identify risks, threats, and vulnerabilities and map them to the domain that these impact from a risk management perspective.

Lab Assessment Questions & Answers
The following risks, threats, and vulnerabilities were found in a healthcare IT infrastructure servicing patients with life-threatening situations. Given the list, select which of the seven domains...

Words: 590 - Pages: 3

Premium Essay

Mr Security

...VULNERABILITY ASSESSMENT WHITEPAPER
Automating Vulnerability Assessment

This paper describes how enterprises can more effectively assess and manage network vulnerabilities and reduce costs related to meeting regulatory requirements. Automated Vulnerability Assessment / Vulnerability Management (VA/VM) solutions are supplementing and in some cases replacing manual penetration testing with an overall improvement in network security without increasing costs. New advances have eliminated the high management overhead and false positive rate issues that plagued open source and early market VA/VM entries.

This whitepaper discusses:
• Speed of change in networks, equipment and applications plus the speed of exploit deployment is revealing weakness in corporate policies specifying relatively infrequent manual penetration testing.
• Perimeter defences (anti-virus, firewall and IPS/IDS) are vital, but can be bypassed by determined effort to reach and exploit known vulnerabilities that reside just inside the fence.
• The introduction of an automated network scanning mechanism and consolidated reporting to identify and track mitigation of known vulnerabilities is establishing a higher overall security level often using already existing budget and manpower.

Table of Contents
Introduction
The Challenges of Network Security Assessments...

Words: 3435 - Pages: 14

Free Essay

Lab #1 Assessment

...Lab #1 – Attack & Penetration Test Plan Answer Sheet
Hacking and Countermeasures
6/28/2013
MR. Walker Ramon B Kreher Jared Long

Part 1: Table of Contents
1. Introduction
2. Authorization
3. Preliminary
4. Scope
5. Goals & Objectives
6. Test Plan Reporting
7. Test Plan Reporting
8. Projecting Plan and Schedule

Part 2: Sample Authorization Letter
The Undersigned hereby testifies that they have proper authority and agrees to offer authorization to perform the work that is specified in the statement of work for the penetration test to be conducted by Security Consulting Inc. The systems to be tested shall not be compromised and any vulnerabilities that are discovered shall be kept confidential unless federal, state, or local law requires that they be disclosed or the statement of work specifies otherwise. This Document also certifies that the undersigned testifies that the Client has sufficient disaster recovery systems and insurance in the event of an incident during or after the test procedures.

Part 3: Penetration Test Client Questions
If black box is selected, do not fill out question 3 or following sections.
1. Black Box | White Box (please circle one)
2. Intrusive | Non-Intrusive (please circle one)
3. Test Credentials: (fill in as many as needed)
Username | Password

E-Commerce Web-based Application Server
1. Authorized to View Source? Yes | No (please...

Words: 652 - Pages: 3

Premium Essay

How to Secure Your Systems

...How to Secure Your Systems
Networking Security Fundamentals CIS 333
July 28, 2012

How to Secure Your Systems
When we think about technology we think of all the capabilities it gives us and also the headaches it brings. In today's technological world there are many vulnerabilities to the computer networks that we have. If a malicious attacker exposes these vulnerabilities, it can affect the company in many ways. We know that your business could be interrupted, causing you thousands of dollars in damage. Not only could you lose business by your network going down, but you can also lose consumer confidence, and ensure the possible penalties imposed on you by the government for not properly securing your customers' imperative information. This is why we will be looking at different measures that we can take to be proactive and prevent this from happening. There are several methods or should we say concepts available to the network administrators to help them in securing the networks or should we say the concept of defense-in-depth, which is a concept that uses multiple defense strategies. This is a concept that all network administrators and security personnel should practice. Using this method will add several layers of security to your network. Two of those concepts or solutions are DMZs (Demilitarized Zones) and IDSs (Intrusion Detection Systems). DMZ is a physical or logical sub-network that contains and exposes an organization's external services to a larger untrusted...

Words: 1667 - Pages: 7

Premium Essay

Hardware and Software Problems of Qwd

...secure execution environment. An example of such a threat is the Trojan circuit, an insidious attack that involves planting a vulnerability in a processor sometime between design and fabrication that manifests as an exploit after the processor has been integrated, tested, and deployed as part of a system. Vulnerability is the existence of a weakness, design, or implementation error that can lead to an unexpected, undesirable event compromising the security of the computer system, network, application, or protocol involved. Vulnerability is a weakness which consists of three elements which include system susceptibility, attacker access to the flaw and attacker capability to exploit the flaw. A security risk may be considered as a vulnerability and there are vulnerabilities without risk when the affected asset has no value at all. A vulnerability with one or more known instances of working and fully implemented attacks is classified as an exploitable vulnerability. The window of vulnerability is the time from when the security hole was introduced or manifested in deployed software to when access was removed, a security fix was deployed, or the attacker was disabled. Vulnerabilities that are not related to software include hardware, site and personnel vulnerabilities. A large source of vulnerabilities include constructs in programming languages that...

Words: 657 - Pages: 3

Premium Essay

Intro to Info Security

...Domain
Risk, Threat, or Vulnerability: Lack of awareness, Apathy toward policies, Security policy violations, Personal CDs and USB drives with photos, music and videos, Download photos, music and videos, Destruction of systems, applications, or data, Employee blackmail or extortion.
Mitigation: Conduct annual security awareness training, Place employee on probation, Disable internal CD drives and USB ports, Enable content filtering. Restrict user access, Track and monitor abnormal employee behavior, Enable Intrusion detection system/Intrusion prevention system (IDS/IPS).

Workstation Domain
Risk, Threat, or Vulnerability: Unauthorized access to workstation, Unauthorized access to systems, applications, and data, Desktop or Laptop computer operating system software vulnerabilities, Viruses, malicious code or malware infects a workstation or laptop.
Mitigation: Enable password protection, Define strict access control policies, standards, procedures and guidelines, Use workstation antivirus and malicious code policies.

LAN Domain
Risk, Threat, or Vulnerability: Unauthorized access to LAN, Unauthorized access to system, applications, and data, LAN server operating system/application software vulnerabilities, Rogue users on WLANs gain unauthorized access.
Mitigation: Define strict access control policies, standards, procedures and guidelines, Make sure wiring closets, data centers, and computer rooms are secure.

LAN to WAN Domain
Risk, Threat, or Vulnerability: Unauthorized...

Words: 364 - Pages: 2

Premium Essay

Sdhhsdh

...Securing Windows applications requires hardening each application to protect it from potential vulnerabilities. Your job is to select the best control to address each of the anticipated vulnerabilities. You have been given the task of reviewing security policy and recommending the best security controls to respond to vulnerabilities the security team has identified for the new enterprise resource planning (ERP) software. You can select from a short list of security controls to detect or prevent each stated threat. For each vulnerability, select the best control to ensure Ken 7 Windows Limited fulfills the stated requirements to secure its application software.

Select from these security controls:
a. Place a firewall between the Internet and your Web server.
b. Place a firewall between your Web server and your internal network.
c. Remove the mail server service.
d. Require encrypted connections for all remote ERP clients.
e. Apply the latest security patches.
f. Use a packet sniffer to view the contents of network packets.
g. Require all personnel attend a lunch and learn session on updated security policies.

Identified ERP software vulnerabilities:
a | 1. The ERP software vendor reports that some customers have experienced denial-of-service (DoS) attacks from computers sending large volumes of packets to mail servers on the Web server computers. | | 2. | g | 3. Users that leave their workstations logged in during long durations...

Words: 297 - Pages: 2

Free Essay

Vlt2Task1

...A. Outline the top five threats to each of the following in the given scenario:
1. The server
2. The workstations
3. The website

Threats - Server

Rootkits – This software, which is malicious in nature, allows hackers to gain and maintain elevated or administrative access to servers. Oftentimes, this type of software comes as an attachment shared among e-mail contacts, and is accidentally initiated when saved to a local folder. The software can then hold open a gateway to allow the attacker access to the compromised server, without intervention or further initiation from the unsuspecting user. This may have been one possible highway that was used by the attackers to gain access to and delete data from the customer website.

Open Ports & Services – By default, many server type operating systems leave a large quantity of ports open. This allows greater configurability and compatibility for software and server based services. However, leaving these default ports and a multitude of default services in operation increases the attack surface and overall vulnerability of the server. These vulnerable ports allow for attacks such as ‘Denial of Service’, and this may have been a factor in the latency and slowdown experienced by employees and customers alike.

Missed Patches – Every day new attack vectors are discovered, and operating system and software vulnerabilities are identified. Many server type operating systems come with a robust security suite, however these security measures...

Words: 2778 - Pages: 12

Premium Essay

Data Prevention Breach

...for security that is risk-based and content-aware. Here are six steps that any organization can take, using proven solutions to significantly reduce the risk of a data breach.

Stop incursion by targeted attacks
The top four means of hacker incursion into a company’s network are through exploiting system vulnerabilities, default password violations, SQL injections, and targeted malware attacks. To prevent incursions, it is necessary to shut down each of these avenues into the organization’s information assets. Core systems protection, IT compliance controls assessment automation, and endpoint management, in addition to endpoint, Web, and messaging security solutions, should be combined to stop targeted attacks.

Identify threats by correlating real-time alerts with global intelligence
To help identify and respond to the threat of a targeted attack, security information and event management systems can flag suspicious network activity for investigation. The value of such real-time alerts is much greater when the information they provide can be correlated in real time with current research and analysis of the worldwide threat environment.

Proactively protect information
In today’s connected world, it is no longer enough to defend the perimeter. Now you must accurately identify and proactively protect your most sensitive information wherever it is stored, sent, or used. By enforcing unified data protection policies across servers, networks,...

Words: 642 - Pages: 3

Premium Essay

It Infrastructure.

...the most important first steps to risk management and implementing a security strategy is to identify all resources and hosts within the IT infrastructure. Once you identify the workstations and servers, you must then find the threats and vulnerabilities found on these workstations and servers. Servers that support mission critical applications require security operations and management procedures to ensure C-I-A throughout. Servers that house customer privacy data or intellectual property require additional security controls to ensure the C-I-A of that data. This lab requires the students to identify threats and vulnerabilities found within the Workstation, LAN, and Systems/Applications Domains.

1. What are the differences between ZeNmap GUI (Nmap) and Nessus?
ZeNmap is used to map a network and Nessus is used to test a network for vulnerabilities.

2. Which scanning application is better for performing a network discovery reconnaissance probing of an IP network infrastructure?
Nmap's sole purpose is just that, network probing and recon.

3. Which scanning application is better for performing a software vulnerability assessment with suggested remediation steps?
Nessus would be a better tool for this operation. While you can find network vulnerabilities with Nmap, it is not used as such.

4. How many total scripts (i.e., test scans) does the Intense Scan using ZenMap GUI perform?
Port Scanning, OS detection, Version detection, Network Distance, TCP sequence prediction, Trace route

5....

Words: 310 - Pages: 2

Premium Essay

Impact of Data Classification Standard

...awareness. The second is the workstation domain. This domain is made up of the devices that employees use to connect to the IT infrastructure. This domain requires strong security and controls because this is where users first access the system. If you have an unauthorized user access situation, make sure you have a strong password and screen lockout policy in place. If you have any software vulnerabilities or software patch updates that are needed, make sure you have the workstation OS vulnerability window policy in place so that it can be consistently monitored and updated. And the third domain is the Local Area Network domain. The LAN Domain is a collection of computers connected to one another or to a common medium. All LAN domains include data closets, physical elements of the LAN, as well as logical elements as designated by authorized personnel, and require strong security and access controls. This domain can access company-wide systems, applications, and data from anywhere within the LAN. The LAN support group is in charge of maintaining and securing this domain. The biggest threat to the LAN domain is unauthorized access to anything (the LAN, the systems, & the data) on the network. One thing we can do is require strict security protocols for this domain, such as disabling all external access ports for the...

Words: 286 - Pages: 2

Free Essay

Executive Proposal

...Research to invest personnel for the sole purpose of constant testing of network security and vulnerability; therefore ensure AR’s safety of intellectual property.

Table of Contents
Executive Summary
Introduction
Recommendations
Budget
References

Executive Summary
Advanced Research (AR) is on its way to becoming a major player in the medical research and development industry. However, suspicion that the corporate network was infiltrated from unauthorized sources more than once indicated the lack of solid security measures. The false allegations of unethical research and development practices are proof of such accesses. Despite the security troubles and false allegations, AR has experienced a 40% increase in business and as a result of the increase AR has hired more staff. The increased traffic is another indication that AR needs a sure and effective method for securing employees’ credentials and devices. AR’s innovative research and development information is paramount to its continued success as a company. AR must enhance every security measure to meet the increase in business and procurement of new tools, personnel and advanced software for the sole purpose of testing the vulnerabilities in our...

Words: 1213 - Pages: 5

Free Essay

Security Threats

...Security Threats
Vulnerability can be defined as “a security exposure that results from a product weakness that the product developer did not intend to introduce and should fix once it is discovered” (Microsoft TechNet, 2014). There is a possibility that the two databases could have vulnerabilities such as a weakness in the technology, configuration or security policies. The vulnerabilities can lead to potential risks in the personnel records systems. Security risks can be described as actions that could cause loss or damage to computer hardware, software, data or information. Potential security risks to milPDS and Remedy are computer viruses, unauthorized access of systems, personal information theft, personally identifiable information (PII) being compromised or violated, and system failure. These vulnerabilities and security risks can result in serious issues for the center. As a center that has a main purpose of managing personal records, any compromise, whether it is information stolen or a database system losing information, can be disastrous for many different reasons. After threats and vulnerabilities have been identified, an assessment should be processed to figure out how the threat and vulnerability affected the system(s). This will assist in determining what measures are needed to ensure the vulnerability is handled. There are policies, Air Force Instructions and procedures in place if threats and vulnerabilities have been detected. The Commander will...

Words: 474 - Pages: 2

Free Essay

Unit 1 Assignment 1 Is3110

...For YieldMore Executives,

We here in your IT department have recently audited our infrastructure for our company’s network. Upon the review we did find several threats and vulnerabilities. First off is the fact we do not have a backup system in place for any natural disaster to our headquarters. This is an exploit found in the systems and application domain that can cripple our whole company. A second system, found in one of the production centers, could be installed in case of said disaster to our corporate headquarters. Our second issue is the possibility of our sales force using their own computers to remote access into our network. There could be malware installed in their hardware at home that can be sent to our network to infiltrate our system. Good practice for this is to supply company laptops to sales and have restrictions on known websites with malware downloads to help avoid infections and malware in our system. This area is in the remote access domain and needs to be looked at on a constant basis. The third issue would be in the user domain. Any terminated or disgruntled employee can load issues to our system and needs to be expelled from our system as soon as they are gone from the company. A fourth issue would be password safety. We must assume that passwords are not secure since most of our labor is found outside of our three building units. A policy to have the user change his or her password on a frequent basis will in fact...

Words: 361 - Pages: 2

Free Essay

Risk Assessment

...Table D: Vulnerabilities, Threats, and Risks

Risk No. | Vulnerability | Threat | Risk of Compromise of | Risk Summary
1 | Wet-pipe sprinkler system in IIS Data Center. | Fire | Availability of IIS and data. | Fire would activate sprinkler system causing water damage & compromising the availability of IIS.
2 | IIS user identifiers (IDs) no longer required are not removed from IIS in timely manner. | Unauthorized Use | Confidentiality & integrity of IIS data. | Unauthorized use of unneeded user IDs could compromise confidentiality & integrity of IIS data.
3 | IIS access privileges are granted on an ad-hoc basis rather than using predefined roles. | Unauthorized Access | Confidentiality & integrity of IIS data. | Unauthorized access via ad-hoc privileges could compromise confidentiality & integrity of IIS data.
4 | Bogus TCP packets (> 50000 bytes) directed at port 1521 will cause IIS to stop responding. | Malicious Use; Computer Crime | Availability of IIS and data. | Denial of service attack via large bogus packets sent to port 1521 could render IIS unavailable for use.
5 | New patches to correct flaws in application security design have not been applied. | Malicious Use; Computer Crime | Confidentiality & integrity of IIS data. | Exploitation of un-patched application security...

Words: 502 - Pages: 3