Operating Systems Vulnerabilities (Windows and Linux) schoolwork
Assignment ID Number AFFGEHU83939HD Type of Document Essay Writing Format APA/MLA/Harvard Academic Level Masters/University References/Sources 4 References
Operating Systems Vulnerabilities (Windows and Linux) schoolwork
Project 2: Operating Systems Vulnerabilities (Windows and Linux)
Transcript: Congratulations, you are the newly appointed lead cybersecurity engineer with your company in the oil and natural gas sector.This is a senior
level position. You were hired two months ago based on your successful cybersecurity experience with a previous employer. Your technical knowledge of cybersecurity is soli
d. However, you have a lot to learn about this company’s culture, processes, and IT funding decisions, which are made by higher management. You have recently come across
numerous anomalies and incidents leading to security breaches. The incidents took place separately, and it has not been determined if they were caused by a single source o
r multiple related sources. First, a month ago, a set of three corporate database servers crashed suddenly. Then, a week ago, anomalies were found in the configuration of cer-tain server and router systems of your company.You immediately recognized that something with your IT resources was not right. You suspect that someone, or some group,
has been regularly accessing your user account and conducting unauthorized configuration changes. You meet with your leadership to discuss the vulnerabilities. They would
like you to provide a security assessment report, or SAR, on the state of the operating systems within the organization. You’re also tasked with creating a non
technical narrated presentation summarizing your thoughts. The organization uses multiple operating systems that are Microsoftbased and Linuxbased.
You will have to understand these technologies for vulnerability scanning using the tools that work best for the systems in the corporate network.You know that identity mana
gement will increase the security of the overall information systems infrastructure for the company. You also know that with a good identity management system, the security
and productivity benefits will outweigh costs incurred. This is the argument you must make to the stakeholders.
The operating system (OS) of an information system contains the software that executes the critical functions of the information system. The OS manages the computer’s
memory, processes, and all of its software and hardware. It allows different programs to run simultaneously and access the computer’s memory, central processing unit, and
storage. The OS coordinates all these activities and ensures that sufficient resources are applied. These are the fundamental processes of the information system and if they
are violated by a security breach or exploited vulnerability it has the potential to have the biggest impact on your organization.
Security for operating systems consists of protecting the OS components from attacks that could cause deletion, modification, or destruction of the operating system.
Threats to an OS could consist of a breach of confidential information, unauthorized modification of data, or unauthorized destruction of data. It is the job of the
cybersecurity engineer to understand the operations and vulnerabilities of the OS (whether it is a Microsoft, Linux, or another type of OS), and to provide mitigation,
remediation, and defense against threats that would expose those vulnerabilities or attack the OS.
Step 1: Defining the OS
The audience for your security assessment report (SAR) is the leadership of your organization, which is made up of technical and nontechnical staff. Some of your audience
will be unfamiliar with operating systems (OS). As such, you will begin your report with a brief explanation of operating systems fundamentals and the types of information
Click on and read the following resources that provide essential information you need to know before creating a thorough and accurate OS explanation:
operating systems fundamentals
the applications of the OS
The Embedded OS
information system architecture
After reviewing the resources, begin drafting the OS overview to incorporate the following:
Explain the user’s role in an OS.
Explain the differences between kernel applications of the OS and the applications installed by an organization or user.
Describe the embedded OS.
Describe how the systems fit in the overall information system architecture, of which cloud computing is an emerging, distributed computing network architecture.
Include a brief definition of operating systems and information systems in your SAR.
Step 2: OS Vulnerabilities
You just summarized operating systems and information systems for leadership. In your mind, you can already hear leadership saying “So what?” The organization’s leaders
are not well versed in operating systems and the threats and vulnerabilities in operating systems, so in your SAR, you decide to include an explanation of advantages and
disadvantages of the different operating systems and their known vulnerabilities.
Prepare by first reviewing the different types of vulnerabilities and intrusions explained in these resources:
Mac OS vulnerabilities
SQL PL/SQL, XML and other injections
Based on what you gathered from the resources, compose the OS vulnerability section of the SAR. Be sure to:
Explain Windows vulnerabilities and Linux vulnerabilities.
Explain the Mac OS vulnerabilities, and vulnerabilities of mobile devices.
Explain the motives and methods for intrusion of the MS and Linux operating systems;
Explain the types of security awareness technologies such as intrusion detection and intrusion prevention systems.
Describe how and why different corporate and government systems are targets.
Describe different types of intrusions such as SQL PL/SQL, XML, and other injections
You will provide leadership with a brief overview of vulnerabilities in your SAR.
Step 3: Preparing for the Vulnerability Scan
You have just finished defining the vulnerabilities an OS can have. Soon you will perform vulnerability scanning and vulnerability assessments on the security posture of the
organization’s operating systems. But first, consider your plan of action. Read these two resources to be sure you fully grasp the purpose, goals, objectives, and execution of
vulnerability assessments and security updates:
Then provide the leadership with the following:
Include a description of the methodology you proposed to assess the vulnerabilities of the operating systems. Provide an explanation and reasoning of how the methodology
you propose, will determine the existence of those vulnerabilities in the organization’s OS.
Include a description of the applicable tools to be used, and the limitations of the tools and analyses, if any. Provide an explanation and reasoning of how the applicable tools
to be used, you propose, will determine the existence of those vulnerabilities in the organization’s OS.
Include the projected findings from using these vulnerability assessment tools.
In your report, discuss the strength of passwords, any Internet Information Services’ administrative vulnerabilities, SQL server administrative vulnerabilities, and other security
updates and management of patches, as they relate to OS vulnerabilities.
Step 4: LAB (I will conduct the lab)
Step 5: The Security Assessment Report
By utilizing security vulnerability assessment tools, such as MBSA and OpenVAS, you now have a better understanding of your system’s security status. Based on the results
provided by these tools, as well as your learning from the previous steps, you will create the Security Assessment Report (SAR).
In your report to the leadership, emphasize the benefits of using a free security tool such as MBSA. Then make a recommendation for using these types of tools (i.e., MBSA
and OpenVAS), including the results you found for both.
Remember to include these analyses and conclusions in the SAR deliverable:
After you provide a description of the methodology you used to make your security assessment, you will provide the actual data from the tools, the status of security and
patch updates, security recommendations, and offer specific remediation guidance, to your senior leadership.
You will include any risk assessments associated with the security recommendations, and propose ways to address the risk either by accepting the risk, transferring the risk,
mitigating the risk, or eliminating the risk.
Include your SAR in your final deliverable to leadership.
Step 6: The Presentation
Based on what you have learned in the previous steps and your SAR, you will also develop a presentation for your company’s leadership.
Your upper-level management team is not interested in the technical report you generated from your Workspace exercise. They are more interested in the bottom line. You
must help these nontechnical leaders understand the very technical vulnerabilities you have discovered. They need to clearly see what actions they must either take or approve. The following are a few questions to consider when creating your nontechnical presentation:
How do you present your technical findings succinctly to a nontechnical audience? Your Workspace exercise report will span many pages, but you will probably not have more
than 30 minutes for your presentation and follow-up discussion.
How do you describe the most serious risks factually but without sounding too temperamental? No one likes to hear that their entire network has been hacked, data has been
stolen, and the attackers have won. You will need to describe the seriousness of your findings while also assuring upper-level management that these are not uncommon occurrences today.
How do your Workspace exercise results affect business operations? Make sure you are presenting these very technical results in business terms that upper-level
management will understand.
Be very clear on what you propose or recommend. Upper-level management will want to not only understand what you discovered; they will want to know what you propose
as a solution. They will want to know what decisions they need to make based on your findings.
Your goal for the presentation is to convince the leadership that adopting a security vulnerability assessment tool (such as MBSA) and providing an extra security layer is a
must for the company.
The deliverables for this project are as follows:
Security Assessment Report (SAR): This report should be a 7-8 page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.
Nontechnical presentation: This is a set of 8-10 PowerPoint slides for upper management that summarizes your thoughts regarding the findings in your SAR.
In a Word document, share your lab experience and provide screen prints to demonstrate that you performed the lab.
Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them in your work.
1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment.
2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem.
10.1: Identify potential threats to operating systems and the security features necessary to guard against them.
QUALITY OF RESPONSE NO RESPONSE POOR / UNSATISFACTORY SATISFACTORY GOOD EXCELLENT Content (worth a maximum of 50% of the total points) Zero points: Student failed to submit the final paper. 20 points out of 50: The essay illustrates poor understanding of the relevant material by failing to address or incorrectly addressing the relevant content; failing to identify or inaccurately explaining/defining key concepts/ideas; ignoring or incorrectly explaining key points/claims and the reasoning behind them; and/or incorrectly or inappropriately using terminology; and elements of the response are lacking. 30 points out of 50: The essay illustrates a rudimentary understanding of the relevant material by mentioning but not full explaining the relevant content; identifying some of the key concepts/ideas though failing to fully or accurately explain many of them; using terminology, though sometimes inaccurately or inappropriately; and/or incorporating some key claims/points but failing to explain the reasoning behind them or doing so inaccurately. Elements of the required response may also be lacking. 40 points out of 50: The essay illustrates solid understanding of the relevant material by correctly addressing most of the relevant content; identifying and explaining most of the key concepts/ideas; using correct terminology; explaining the reasoning behind most of the key points/claims; and/or where necessary or useful, substantiating some points with accurate examples. The answer is complete. 50 points: The essay illustrates exemplary understanding of the relevant material by thoroughly and correctly addressing the relevant content; identifying and explaining all of the key concepts/ideas; using correct terminology explaining the reasoning behind key points/claims and substantiating, as necessary/useful, points with several accurate and illuminating examples. No aspects of the required answer are missing. Use of Sources (worth a maximum of 20% of the total points). Zero points: Student failed to include citations and/or references. Or the student failed to submit a final paper. 5 out 20 points: Sources are seldom cited to support statements and/or format of citations are not recognizable as APA 6th Edition format. There are major errors in the formation of the references and citations. And/or there is a major reliance on highly questionable. The Student fails to provide an adequate synthesis of research collected for the paper. 10 out 20 points: References to scholarly sources are occasionally given; many statements seem unsubstantiated. Frequent errors in APA 6th Edition format, leaving the reader confused about the source of the information. There are significant errors of the formation in the references and citations. And/or there is a significant use of highly questionable sources. 15 out 20 points: Credible Scholarly sources are used effectively support claims and are, for the most part, clear and fairly represented. APA 6th Edition is used with only a few minor errors. There are minor errors in reference and/or citations. And/or there is some use of questionable sources. 20 points: Credible scholarly sources are used to give compelling evidence to support claims and are clearly and fairly represented. APA 6th Edition format is used accurately and consistently. The student uses above the maximum required references in the development of the assignment. Grammar (worth maximum of 20% of total points) Zero points: Student failed to submit the final paper. 5 points out of 20: The paper does not communicate ideas/points clearly due to inappropriate use of terminology and vague language; thoughts and sentences are disjointed or incomprehensible; organization lacking; and/or numerous grammatical, spelling/punctuation errors 10 points out 20: The paper is often unclear and difficult to follow due to some inappropriate terminology and/or vague language; ideas may be fragmented, wandering and/or repetitive; poor organization; and/or some grammatical, spelling, punctuation errors 15 points out of 20: The paper is mostly clear as a result of appropriate use of terminology and minimal vagueness; no tangents and no repetition; fairly good organization; almost perfect grammar, spelling, punctuation, and word usage. 20 points: The paper is clear, concise, and a pleasure to read as a result of appropriate and precise use of terminology; total coherence of thoughts and presentation and logical organization; and the essay is error free. Structure of the Paper (worth 10% of total points) Zero points: Student failed to submit the final paper. 3 points out of 10: Student needs to develop better formatting skills. The paper omits significant structural elements required for and APA 6th edition paper. Formatting of the paper has major flaws. The paper does not conform to APA 6th edition requirements whatsoever. 5 points out of 10: Appearance of final paper demonstrates the student’s limited ability to format the paper. There are significant errors in formatting and/or the total omission of major components of an APA 6th edition paper. They can include the omission of the cover page, abstract, and page numbers. Additionally the page has major formatting issues with spacing or paragraph formation. Font size might not conform to size requirements. The student also significantly writes too large or too short of and paper 7 points out of 10: Research paper presents an above-average use of formatting skills. The paper has slight errors within the paper. This can include small errors or omissions with the cover page, abstract, page number, and headers. There could be also slight formatting issues with the document spacing or the font Additionally the paper might slightly exceed or undershoot the specific number of required written pages for the assignment. 10 points: Student provides a high-caliber, formatted paper. This includes an APA 6th edition cover page, abstract, page number, headers and is double spaced in 12’ Times Roman Font. Additionally, the paper conforms to the specific number of required written pages and neither goes over or under the specified length of the paper.
GET THIS PROJECT NOW BY CLICKING ON THIS LINK TO PLACE THE ORDER
Do You Have Any Other Essay/Assignment/Class Project/Homework Related to this? Click Here Now [CLICK ME]and Have It Done by Our PhD Qualified Writers!!
Tired of getting an average grade in all your school assignments, projects, essays, and homework? Try us today for all your academic schoolwork needs. We are among the most trusted and recognized professional writing services in the market.
We provide unique, original and plagiarism-free high quality academic, homework, assignments and essay submissions for all our clients. At our company, we capitalize on producing A+ Grades for all our clients and also ensure that you have smooth academic progress in all your school term and semesters.
High-quality academic submissions, A 100% plagiarism-free submission, Meet even the most urgent deadlines, Provide our services to you at the most competitive rates in the market, Give you free revisions until you meet your desired grades and Provide you with 24/7 customer support service via calls or live chats.