Free Essay

Nt2580 Unit 6 Assign 1

In: Computers and Technology

Submitted By Jostarnes
Words 310
Pages 2
JO STARNES, NT2580, UNIT 2
CALCULATING THE WINDOW OF VULNERABILITY
The window of vulnerability is the amount of time the systems defense measures are compromised, minimized, or eliminated. This is when the system is most likely to be at risk, and can be affected by malicious attacks.
It is not stated as what day the server software detected the attack on the SMB server. It only states that it was detected the day before. So from day one, these are the steps we will need to take to get the SMB server back up and running properly and safely, as well as the amount of time it will take for us to solve the issue:
Day 1 - The software company will release a patch for this attack in three days.
Day 4 – We will receive the patch, and we need to install and test the patch, this will take at least five days. Day 9 – After installation and testing is completed; we will send the update to the entire company’s network devices. As soon as all the updates are sent out to all the devices, they will need to be rebooted in order for the patch to take effect. We can send out a message to all devices to insure this happens. This could take a day or two to complete.
This could all be completed as early as 10 days if there are no issues during the process, however problems may arise and it could possibly take a day or two more. I hope that this is helpful and we will start immediately on the problem.
It is of upmost importance that you have team members monitoring the server at all times during the Window of Vulnerability. Report any issues to us and we will certainly address them immediately.
Resources
Microsoft TechNet, Window of Vulnerabily,9.25.14

Similar Documents

Free Essay

Nt2580 Unit 5 Assignment 1

...It255 Unit5 Assignment TO: FROM: DATE: SUBJECT:Unit 5 Assignment 1: Testing and Monitoring Security Controls REFERENCE: Testing and Monitoring Security Controls (IT255.U5.TS1) How Grade: One hundred points total. See each section for specific points. Assignment Requirements Part 1:Identify at least two types of security events and baseline anomalies that might indicate suspicious activity. Explain why they might indicate suspicious activity.(Forty points. Twenty points for each event.) # | Security Event & Baseline Anomaly That Might Indicate Suspicious Activity | Reason Why It May Indicate Suspicious Activity | 1. | Authentication Failures | Unauthorized access attempts | 2. | Network Abuses | Employees are downloading unauthorized material. | 3. | | | 4. | | | 5. | | | 6. | | | Part 2: Given a list of end-user policy violations and security breaches, select three breaches and consider best options for monitoring and controlling each incident. Identify the methods to mitigate risk and minimize exposure to threats and vulnerabilities. (Sixty points. Twenty points for each breach.) # | Policy Violations & Security Breaches | Best Option to Monitor Incident | Security Method (i.e., Control) to Mitigate Risk | 1. | A user made unauthorized use of network resources by attacking network entities. | Monitor the logs | Fire the user | 2. | Open network drive shares allow storage privileges to outside users. |...

Words: 258 - Pages: 2

Premium Essay

Unit 6 Assignment 1

...Chapter 6: Conceptual Review Questions (All Questions worth 5 points each) Match the information below with Questions 1 through 14. |A. Compound Interest |E. IRR |I. PMT |M. ROI | |B. CUMPRINC |F. NPER |J. PPMT |N. Simple Interest | |C. FV |G. NPV |K. PV |O. SLN | |D. IPMT |H. Payback Period |L. RATE |P. Type | 1. Function to calculate the interest percentage per period of a financial transaction 2. Function to calculate the value at the beginning of a financial transaction 3. Function to calculate value of the end of a financial transaction 4. Function to calculate periodic payments in or out of a financial transaction 5. Function to calculate the number of compounding periods in a financial transaction 6. Use a “1” for this argument to indicate that interest will be paid at the beginning of each compounding period 7. This type of interest is calculated based on original principal regardless of the previous interest earned 8. This type of interest is calculated based on principal and previous interest earned 9. Function to calculate straight line depreciation based on the initial capital investment, number...

Words: 622 - Pages: 3

Premium Essay

Unit 6 Assigment 1

...Michael Wilson| MBA6004 | February 13, 2014 Michael Wilson| MBA6004 | February 13, 2014 Unit 6 Assignment 1 Strategy recommendation Unit 6 Assignment 1 Strategy recommendation Identifying a Business 2 CURRENT USE OF THE WEB _________________________________________________________2 IMPLICATIONS OF THE WEB_________________________________________________________2 ETHICS OF USING THE WEB _________________________________________________________4 CONCLUSION_______________________________________________________________________5 Identifying a Business For my pre-writing strategy recommendation business will be Wal-Mart. As a retail giant, many people use Wal-Mart for many different reasons, such reasons are: grocery shopping, appliance shopping, electronics and other goods offered at the store. With so many ways to peak consumers interest Wal-Mart has to be diversified on how it reaches it consumers. Today Wal-Mart has television commercials, ads in newspapers and on the radio, plus a website for ways they entice consumers to shop at their stores. I chose Wal-Mart because of its vast potential in its use for the internet. Current Use of the Web Wal-Mart’s easy to use website also allows customers to pay their Wal-Mart cards on-line as well as purchase items from its on-line store. Currently Wal-Mart uses the web for inventory, re-ordering items that running low in supply. According to Karpinski (2002), “Wal-Mart mandated that all its suppliers begin to move......

Words: 1331 - Pages: 6

Premium Essay

Unit 6 Assignment 1

...IS3340-WINDOWS SECURITY | Minimizing Recovery Time Strategies | Unit 6 Assignment 1 | | | 5/5/2014 | | This document outlines the required steps to follow, in-order to properly scan the necessary servers and workstations in the Ken 7 Windows Limited Domain for security vulnerabilities. 1) Acquire and install MBSA(Microsoft Baseline Security Anaylizer) •Download MBSA. Download MBSA from the MBSA home page, and then install it to the default directory. •Updates for MBSA. If both the computer you will be scanning and the computer with MBSA installed have Internet access, the latest security catalog (.cab file), authentication files, and WUA installer files will be automatically downloaded, if needed. If either the target computer or the computer with MBSA installed does not have Internet access, download the following files and place them in the C:\Documents and Settings\<username>\Local Settings\Application Data\Microsoft\MBSA\2.0\Cache\ directory on the computer that is performing the scan. 2) Scan computers Run MBSA and clear the Check for security updates check box when performing the scan. Using the Graphical Interface Tool The following procedure describes how to use the MBSA GUI tool. To use the MBSA GUI tool to scan for updates and patches 1. On the Programs menu, click Microsoft Baseline Security Analyzer. 2. Click Scan a computer. 3. Make sure that the following options are not selected, and then click Start scan. *......

Words: 487 - Pages: 2

Premium Essay

Nt Unit 6 Assignment 1

...Unit 6. Assignment 1. AD User/Group Design Scenario Dear Junior Admin, I received your E-mail and in response I recommend that you do the following. Since there is a domain for each department, such as Marketing, accessing one printer is rather easy. To start off you will need to create a group that allows access to the one printer within each department in your company. After creating each group you must then assign it to a domain local group, global group and then to a universal group. Then you will need to add it to the marketing domain local group. For HR, you will need to take all of the users within the forest and add them to a global then universal group. Proceed to take the universal group and add it to the domain local group within their domain. These users will then have access to whatever is in that universal group, therefore you must make sure that you assign the printer for them to print vacation requests to the HR department. You must take a slightly different approach for R&D. To allow access to only the server, you must first create a domain local group that has some administrative rights. Add them to a customized admins group that you have control of. You can assign these rights and permissions as you create and assign them. Remember to limit their access to their local machines only. You can do all of this through the desktop local user account settings. You may also take a different route if you choose to. This is one of the approaches you may......

Words: 288 - Pages: 2

Free Essay

Unit 6 Assignment 1

...correctly to the correct pin at each end.” The second tool is the tone generator. A tone generator is a two-piece unit that consists of a tone generator and a probe. This type of tester's primary function, amongst installers, is to identify specific locations in a punch-down block then label accordingly. According to Oliviero and Woodward (2011, p.442-443), these testers “Transmit[s] a signal, or, with an alligator clip, you connect the unit to an individual wire. The other unit is an inductive amplifier, which is a pen-like probe that emits an audible tone when touched to the other end of the conductor.” Primary functions are identify a particular cable within a bundle and to test for opens, shorts, and miswires of individual wires. Unfortunately, there is a disadvantage to using this device; time consuming. The third and final tester to be discussed are Multifunction Cable Scanners (commonly referred to as a certification tool). Alarmingly, these devices are highly expensive but are available for both copper and fiber-optic networks. Multifunction Cable Scanners (MCS) perform a series of basic tests on a cable run. These test's include wire-mapping, length, attenuation, and NEXT for copper cabling. As for fiber-optic cabling, these scanners perform optical power and signal loss tests. One great advantage to using an MCS is anyone can use it. Connect the unit to a cable, press a button and read off message after tests are completed. On the other hand, the......

Words: 399 - Pages: 2

Free Essay

Is3340 Unit 6 Assignment 1

... IS3340 Unit 6 Assignment 1 1. How much data has been modified between the last backup and the time of failure? No data should have been lost since nothing was change since the last backup and the backup would have been completed before the error occurred. 2. What images are necessary to recover the workstation? The images that are necessary would be the reimaging image along with the latest back up image available. 3. What are the steps necessary to fix the problem that cause the data loss? Verify what caused the loss by reading the logs. Determine the fix for the issue. Reimage the computer. Restore the computer to last backup state and disable the issue that caused the data loss. 4. What steps should Ken 7 take to avoid a reoccurrence of this issue in the future? Read the logs to find out what caused the issue that caused the data lose.   Right a procedure guide to prevent the issue from occurring. Alert users of the occurrence of the issue and the way to prevent the issue. (Soloman, 2001) Procedure Guide: 1. Read logs to decide what cause the issue to occur. 2. Re-Image the computer to default configuration. 3. Restore to first available backup of the system. Restore Process: 1. Right-click on your Computer desktop icon (or click Start and right-click on the Computer tab on the right pane of the menu). 2. Click on Properties. 3. Locate the System protection tab in the System Properties menu. 4. Select the hard disk that......

Words: 393 - Pages: 2

Free Essay

Unit 6 Assignment 1

...Unit 6 Assignment 1: Cable Testers In almost every application in dealing with cable installations, cable testing is a must. Some methods of testing cables include testing for attenuation, continuity testers, DC Resistance, a wire mapper and cable length. In all cable types- copper or fiber, 10BASE-T or 100BASEFX, the standards are constantly being changed and developed into a new standard for all future technologies. When testing cable, you can guarantee that the users will be satisfied when all connections prove effective for not just uninterrupted transmission but correct bandwidths to support. A wire mapper is the most common tool. It simply provides a test of a standard Cat5 cable to ensure each individual wire not only carries a strong signal through the entire length of the route, but it proves if each wire ends up in the correct pin number on the opposite end to receive the transmission. It will give the technician an idea if a cable has a short, or if it is a crossover cable. It is also very useful with telephone connections. It should be a part of each cable installation kit. Another common tool is a continuity tester. It shows if there is a direct connection between two points. If there is a closed electrical pathway for the tester to detect, then the device will make a sound. This is useful not only to test for a short, but also to determine and identify which cable is which in a closet full of many cables. This is also a very important tool in any......

Words: 437 - Pages: 2

Premium Essay

Unit 6 Assignment 1 Questions

...Unit 6 Assignment 1: Homework Learning Objectives and Outcomes Name the main events in the development of SQL statements. Run SELECT queries with wild cards, DISTINCT key word, calculations, sorting and aliasing. Run queries with the WHERE clause to filter the result sets. Use the Aggregate functions COUNT, AVG, SUM, MIN, and MAX. Assignment Requirements Answer the true-or-false questions on the next page by filling out the answer sheet. Required Resources Textbook Submission Requirements Submit your completed answer sheet to your instructor at the beginning of Unit 7. Unit 6 True/False Questions Indicate whether the following statements are true or false on the student answer sheet. 1) SQL is the programming language used to manipulate data and data objects in a relational database management system. 2) SQL is a procedural language. 3) A declarative language is a language in which you tell the computer what to do not how. 4) DML, or Data Manipulation Language, contains all the commands for selecting and modifying data. 5) DDL, or Data Definition Language, contains all the commands for selecting and modifying data. 6) The * in SELECT * clause of an SQL statement is a wildcard for returning all columns in a table. 7) The DISTINCT keyword in a SELECT statement returns only unique rows. 8) The FROM keyword is used in a SELECT clause to determine which columns are included in the query. 9) An alias in SQL is a......

Words: 363 - Pages: 2

Premium Essay

Nt2580 Unit 1

...NT2580-M1 Introduction to Information Security Unit 1: Information Systems Security Fundamentals 2015-Summer, 6/20/2015, Saturday (9:00am – 1:30pm) Student Name ___________________________________ Lesson Plan Theory (in class, Lab #2)……………………………..…………………..……...2 Reading  Kim and Solomon, Chapter 1: Information Systems Security. Objectives……………..………………….……………………………….2 Student Assignments for this Unit Unit 1 Lab Perform Reconnaissance & Probing Using ZenMap GUI (Nmap) Lab #1: Performing Network Reconnaissance using Common Tools Overview and access vLab..............................................................................................3 Part 1: Exploring the Tools used in the Virtual Lab Environment……………16 Unit 1 Assignment Match Risks/Threats to Solutions Part 2: Connecting to a Linux Machine …………………. .........................44 Unit 1 Assignment Impact of a Data Classification Standard Part 3: Using Zenmap to Perform Basic Reconnaissance ……………………59 Appendix A. SYLLABUS………………………………………………..……..………….69 B. Forgot your password?………………………………………………..……..73 Instructor: Yingsang “Louis” HO Tel: 425-241-8080 (cell), (206) 244-3300 (school) Email: yho@itt-tech.edu NT2580_2015_Summer_M1_UNIT1.doc Page 1 of 76 Unit 1: Information Systems Security Fundamentals Learning Objective  Explain the concepts of information systems security (ISS) as applied to an IT infrastructure. Key Concepts  Confidentiality, integrity, and......

Words: 3379 - Pages: 14

Free Essay

Nt2580 Unit 1 Assignment 2

...------------------------------------------------- Nt2580 - Unit 1 Assignment 2: Impact of a Data Classification Standard Richman Investments Internal Use Only Data Classification Standard Domain Effects Richman Investments has implemented an “Internal Use Only” data classification standard. This report will describe the effects of the Internal use Only Standard on our respective system domains. “Internal Use Only” sets up a restricted access security policy to our network. Any access, including from a website would require company mandated credentials to log on and enter the system. This type of policy is enforced because companies do not want to allow “free access” to their network for potential threats to their system or their security. This policy will impact three of the seven domains. These include: * User Domain * Define: This Domain defines what users have access to the information system.   * Policy Impact: The IT Team will use the User domain to define who has access to the company’s information systems. The domain will impose an acceptable use policy (AUP) that will define the permissions of what actions a user may make while inside the system. These permissions may also be defined by the data they are accessing at the time. All third party users (vendors, contractors, outside users, etc.) must also agree to the AUP. Any violation will be reported to management and/or the authorities, depending on the violation. * Workstation......

Words: 508 - Pages: 3

Free Essay

It Unit 6 Exercise 1

...1. You triangulate your research by looking for looking for information from three different and three sources are considered reliable. 2. Primary sources are actual records or artifacts while secondary sources are writings from knowledgeable people who have studied the topic. 3. Three strategies that help to narrow an internet search are using exact words, using quotations, and using plus or minus signs. 4. A few of the questions researchers should ask is if the source can be trusted, what will the author get out of this publication and do the sources clearly define fact and fiction? 5. Researchers can use documentaries, television, and radio if they are reliable sources; you use quotes and cite the sources. 6. A wiki is a more fact based source while the blog and podcast tend to be more opinion based. 7. Three of the periodical indexes available in the ITT Virtual Library are academic journals, magazines, and newspapers. 8. The information that can be found in these publications is usually more exact and current. 9. Empirical sources include observations, experiments, surveys, and interviews. Researchers use them to confirm and to challenge online and print sources. 10. One of the best benefits of conducting an interview is to gather quotes that you can use for the text of your research. 11. The strategies for conducting a follow up interview is to write down what you remember, get your quotes right, check facts, and most......

Words: 339 - Pages: 2

Free Essay

Nt2580 Unit 1 Assignment 2

...William Burns-Garcia NT 2580 Unit 1 Assignment 2 Re: Impact of a Data Classification Standard Per your request, I have included information regarding the data classification standards designed for Richman investments. This report will include information that pertains to the IT infrastructure domains and how they are affected. Though there are several, I want to concentrate on three of the most vulnerable. 1. User Domain: Of all domains, this can be the most vulnerable as it usually affects any user on the network. Most companies should have an Acceptable Use Policy (AUP) with standards that can be monitored at any time. Not only does this policy affect internal users, it should also be enforced by any outside vendors such as, off-site IT support. There should be on-going information sessions to remind users of AUP. 2. Workstation Domain: Every person with access to the network of Richman Investments must have authorized personal credentials to use a workstation assigned to them. A few exceptions can be Major IT administration and authorized upper management. A change password should be implemented no less than 45-60 days on Richman’s network. Administrative passwords should also be changed no less than 30-45 days, Since Administrative access has the most immediate vulnerability. 3. LAN Domain: The Local Area Network (LAN), which includes most things in the computer closet that helps all devices connect to the network. This domain can be vulnerable because...

Words: 364 - Pages: 2

Free Essay

Nt1310 Unit 6 Exercise 1

...NT1310 Physical Networking Unit 6 Exercise 1 Thomas Westbrook Due Date: Unit 6 Exercise 1: Connector Installation Twisted -Pair Cable * Measure the cable you want to put ends on, using a cable cutter trim off the excess * Use a cable stripper to strip about 1 ½ inches of the jacket from the end, then rotate the stripper around the cable twice to cut through the jacket * Remove the stripper and pull the trimmed jacket from the cable, so that you can see the inner conductors. Separate any visible jacket slitting cords that are present, trim it backto the edge of the jacket. * Untwist all the inner conductor pairs and spread them apart so that you can see each individual conductor * Line up the individual conductors so that the color matches the color-coding standard you are using * Trim the conductors so that the ends are even with each other, make sure that the jacketof the cable will be inside the connector. The total length of the exposed connectors after trimming should be no longer then ½ inch to 0.625 inches * Insert the conductors into the connector, make sure that all conductors line up properly with the pins as they were in the previous step. If they don’t line up, try again. Make sure to do this step carefully, it’s the last one before crimping * Carefully insert the connector and cable into the crimping tool. It has two dies that will press into the connector. Push the pins in the connector into the conductorsinside the......

Words: 421 - Pages: 2

Premium Essay

Unit 6 Research Assignment 1

...PT2520 Database Concepts Unit 6 Research Assignment 1: Explore the latest ANSI and ISO Standard True/False 23-Jul-2016 Tim Church Daigre ANSI- The American National Standards Institute (ANSI) oversees the creation, promulgation and use of thousands of norms and guidelines that directly impact businesses in nearly every sector: from acoustical devices to construction equipment, from dairy and livestock production to energy distribution, and many more. ANSI is also actively engaged in accreditation - assessing the competence of organizations determining conformance to standards. To enhance both the global competitiveness of U.S. business and the U.S. quality of life by promoting and facilitating voluntary consensus standards and conformity assessment systems, and safeguarding their integrity. ISO- International Organization for Standardization (ISO) is an independent, non-governmental international organization with a membership of 163 national standards bodies. Through its members, it brings together experts to share knowledge and develop voluntary, consensus-based, market relevant International Standards that support innovation and provide solutions to global challenges. Part II- The latest SQL standard was adopted in July 2003 and is often called SQL:2003. One part of the SQL standard, Part 14, SQL/XML (ISO/IEC 9075-14) was revised in 2006 and is often referenced as "SQL/XML:2006". ANSI/ISO/IEC 9075:2003, "Database Language SQL", Parts 1......

Words: 278 - Pages: 2