It255

Submitted By TapsTaps
1. What vulnerabilities exist for this workgroup LAN based on the advisories? List five of them.
Advisory Number    CVE Ref
2401593            CVE-2010-3213
2264072            CVE-2010-1886*
980088             CVE-2010-0255
975497             CVE-2009-3103
98343              CVE-2010-0817*

2. Do any vulnerabilities involve privilege elevation? Is this considered a high priority issue?
Only two of the five listed in question one involve privilege elevation; they are identified by the asterisk alongside the CVE number. They are of importance but are not considered a high priority issue.

3. Identify and document at least three vulnerabilities and the solutions related to the client configurations.
Advisory Number: 977981
Solution: This security update resolves four privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Advisory Number: 979352
Solution: This security update resolves seven privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The more severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Advisory Number: 954157
Solution: The update also removes the ability for this codec to be loaded when browsing the Internet with any other applications. By…...
