Homework answers / question archive /   Project 1: Requires the Following 2 Pieces 1

  Project 1: Requires the Following 2 Pieces 1

Computer Science

Share With

Student Name: Date: Project 1: Requires the Following THREE Pieces 1. Security Assessment Report (including relevant findings from Lab) 2. Non-Technical Presentation Slides 3. Lab Experience Report with Screenshots Grade Project 1 - Evaluation Criteria 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment. 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem. 5.4: Identify potential threats to operating systems and the security features necessary to guard against them Areas to Improve 1. Security Assessment Report Discuss all topics below. Consider using the topic headers as subheaders to organize your report. Purpose and Scope Based on your scenario (i.e. hypothetical or real), briefly explain why is there a need for a security assessment in your organization (purpose) and explain which components will be assessed (scope) OS Overview In your SAR, provide the leadership of your organization a brief explanation of operating systems (OS) fundamentals and information systems architectures. Include the following: 1. Explain the user's role in an OS. 2. Explain the differences between kernel applications of the OS and the applications installed by an organization or user. 3. Describe the embedded OS. 4. Describe how operating systems fit in the overall information systems architecture, of which cloud computing is an emerging, distributed computing network architecture. OSorganization Vulnerabilities Provide the leadership of your with an overview of OS vulnerabilities to include the following: 1. Explain Windows vulnerabilities and Linux vulnerabilities. 2. Explain the Mac OS vulnerabilities, and vulnerabilities of mobile devices. 3. Explain the motives and methods for intrusion of MS and Linux operating systems. 4. Explain the types of security management technologies such as intrusion detection and intrusion prevention systems. 5. Describe how and why different corporate and government systems are targets. 6. Describe different types of intrusions such as SQL PL/SQL, XML, and other injections Preparing for the Vulnerability Scan Provide the leadership organization with the following: 1. Include a descriptionofofyour the methodology you proposed to assess the vulnerabilities of the operating systems. 2. Provide an explanation and reasoning of how the methodology you propose, will determine the existence of those vulnerabilities in the organization’s OS. 3. Include a description of the applicable tools to be used, limitations, and analysis. 4. Provide an explanation and reasoning of how the applicable tools you propose will determine the existence of those vulnerabilities in the organization’s OS. 5. In your report, also discuss: the strength of passwords any Internet Information Sevices' administrative vulnerabilities SQL server administrative vulnerabilities, security updates and management of patches as they relate to OS vulnerabilities Vulnerability Assessment Tools for OS and Applications (Lab) Use the vulnerability scanning tool to complete/determine the following for Window OS: 1. Determine if Windows administrative vulnerabilities are present. 2. Determine if weak passwords are being used on Windows accounts. 3. Report which security updates are required on each individual system. 4.The tool provides dynamic assessment of missing security updates. Scan one or more computers by domain, IP address range, or other grouping. 5. Once complete, provide a detailed report and recommendations on how to make your system a more secure working environment. In this case, a tool such as OpenVAS will create and store individual XML security reports for each computer scanned and will display the reports in the graphical user interface in HTML. For the Linux OS: 1. Determine if Linux vulnerabilities are present. 2. Determine if weak passwords are being used on Linux systems. 3. Determine security updates are Linux required theOpenVAS) Linux systems. 4.You noticedwhich that the tool you used for OSfor (i.e., provides dynamic assessment of missing security updates. Scan one or more computers by domain, IP address range, or other grouping. 5.Once complete, provide a detailed report and recommendations on how to make your system a more secure working environment ** Findings and Recommendations 1.Include a section where the findings (i.e. your lab findings) and your recommendations are enumerated. This is an important section of your report, since your feedback/report will help the leadership of your organization allocate the necessary resources to ensure the risks you identified will be mitigated. Each finding should have a corresponding recommendation. E.g. Finding 1. It was found that …. Recommendation 1. It is recommended that …. Finding 2.... Recommendation 2...... 2. Include a brief risk assessment associated with the security recommendations to propose ways to address the risk either by accepting it, transferring it, mitigating it, or eliminating it. Explain your answer. Security Assessment Report Feedback 2. Presentation Slides (narration not required) Design a presentation directed to the leadership of your organization (technical and non-technical audience) that includes: 1. Title Slide 2. Use of Readable Fonts and Color 3. Summarized SAR 4. Summary of Findings and Recommendations at High Level Presentation Slides Feedback 3. Lab Experience Report Your lab report should include: 1. Summary of lab experience 2. Vulnerabilities identified and explained for both Windows and Linux systems 3. Provide screenshots of key results for both systems 4. Ensure a summary of your results is included in your SAR Lab Experience Report Feedback The "X" denotes topics that are still missing or not sufficiently addressed Student Name: Date: Project 1: Requires the Following THREE Pieces 1. Security Assessment Report (including relevant findings from Lab) 2. Non-Technical Presentation Slides 3. Lab Experience Report with Screenshots Grade Project 1 - Evaluation Criteria 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment. 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem. 5.4: Identify potential threats to operating systems and the security features necessary to guard against them Areas to Improve 1. Security Assessment Report Discuss all topics below. Consider using the topic headers as subheaders to organize your report. Purpose and Scope Based on your scenario (i.e. hypothetical or real), briefly explain why is there a need for a security assessment in your organization (purpose) and explain which components will be assessed (scope) OS Overview In your SAR, provide the leadership of your organization a brief explanation of operating systems (OS) fundamentals and information systems architectures. Include the following: 1. Explain the user's role in an OS. 2. Explain the differences between kernel applications of the OS and the applications installed by an organization or user. 3. Describe the embedded OS. 4. Describe how operating systems fit in the overall information systems architecture, of which cloud computing is an emerging, distributed computing network architecture. OSorganization Vulnerabilities Provide the leadership of your with an overview of OS vulnerabilities to include the following: 1. Explain Windows vulnerabilities and Linux vulnerabilities. 2. Explain the Mac OS vulnerabilities, and vulnerabilities of mobile devices. 3. Explain the motives and methods for intrusion of MS and Linux operating systems. 4. Explain the types of security management technologies such as intrusion detection and intrusion prevention systems. 5. Describe how and why different corporate and government systems are targets. 6. Describe different types of intrusions such as SQL PL/SQL, XML, and other injections Preparing for the Vulnerability Scan Provide the leadership organization with the following: 1. Include a descriptionofofyour the methodology you proposed to assess the vulnerabilities of the operating systems. 2. Provide an explanation and reasoning of how the methodology you propose, will determine the existence of those vulnerabilities in the organization’s OS. 3. Include a description of the applicable tools to be used, limitations, and analysis. 4. Provide an explanation and reasoning of how the applicable tools you propose will determine the existence of those vulnerabilities in the organization’s OS. 5. In your report, also discuss: the strength of passwords any Internet Information Sevices' administrative vulnerabilities SQL server administrative vulnerabilities, security updates and management of patches as they relate to OS vulnerabilities Vulnerability Assessment Tools for OS and Applications (Lab) Use the vulnerability scanning tool to complete/determine the following for Window OS: 1. Determine if Windows administrative vulnerabilities are present. 2. Determine if weak passwords are being used on Windows accounts. 3. Report which security updates are required on each individual system. 4.The tool provides dynamic assessment of missing security updates. Scan one or more computers by domain, IP address range, or other grouping. 5. Once complete, provide a detailed report and recommendations on how to make your system a more secure working environment. In this case, a tool such as OpenVAS will create and store individual XML security reports for each computer scanned and will display the reports in the graphical user interface in HTML. For the Linux OS: 1. Determine if Linux vulnerabilities are present. 2. Determine if weak passwords are being used on Linux systems. 3. Determine security updates are Linux required theOpenVAS) Linux systems. 4.You noticedwhich that the tool you used for OSfor (i.e., provides dynamic assessment of missing security updates. Scan one or more computers by domain, IP address range, or other grouping. 5.Once complete, provide a detailed report and recommendations on how to make your system a more secure working environment ** Findings and Recommendations 1.Include a section where the findings (i.e. your lab findings) and your recommendations are enumerated. This is an important section of your report, since your feedback/report will help the leadership of your organization allocate the necessary resources to ensure the risks you identified will be mitigated. Each finding should have a corresponding recommendation. E.g. Finding 1. It was found that …. Recommendation 1. It is recommended that …. Finding 2.... Recommendation 2...... 2. Include a brief risk assessment associated with the security recommendations to propose ways to address the risk either by accepting it, transferring it, mitigating it, or eliminating it. Explain your answer. Security Assessment Report Feedback 2. Presentation Slides (narration not required) Design a presentation directed to the leadership of your organization (technical and non-technical audience) that includes: 1. Title Slide 2. Use of Readable Fonts and Color 3. Summarized SAR 4. Summary of Findings and Recommendations at High Level Presentation Slides Feedback 3. Lab Experience Report Your lab report should include: 1. Summary of lab experience 2. Vulnerabilities identified and explained for both Windows and Linux systems 3. Provide screenshots of key results for both systems 4. Ensure a summary of your results is included in your SAR Lab Experience Report Feedback The "X" denotes topics that are still missing or not sufficiently addressed Student Name: Date: Project 1: Requires the Following THREE Pieces 1. Security Assessment Report (including relevant findings from Lab) 2. Non-Technical Presentation Slides 3. Lab Experience Report with Screenshots Grade Project 1 - Evaluation Criteria 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment. 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem. 5.4: Identify potential threats to operating systems and the security features necessary to guard against them Areas to Improve 1. Security Assessment Report Discuss all topics below. Consider using the topic headers as subheaders to organize your report. Purpose and Scope Based on your scenario (i.e. hypothetical or real), briefly explain why is there a need for a security assessment in your organization (purpose) and explain which components will be assessed (scope) OS Overview In your SAR, provide the leadership of your organization a brief explanation of operating systems (OS) fundamentals and information systems architectures. Include the following: 1. Explain the user's role in an OS. 2. Explain the differences between kernel applications of the OS and the applications installed by an organization or user. 3. Describe the embedded OS. 4. Describe how operating systems fit in the overall information systems architecture, of which cloud computing is an emerging, distributed computing network architecture. OSorganization Vulnerabilities Provide the leadership of your with an overview of OS vulnerabilities to include the following: 1. Explain Windows vulnerabilities and Linux vulnerabilities. 2. Explain the Mac OS vulnerabilities, and vulnerabilities of mobile devices. 3. Explain the motives and methods for intrusion of MS and Linux operating systems. 4. Explain the types of security management technologies such as intrusion detection and intrusion prevention systems. 5. Describe how and why different corporate and government systems are targets. 6. Describe different types of intrusions such as SQL PL/SQL, XML, and other injections Preparing for the Vulnerability Scan Provide the leadership organization with the following: 1. Include a descriptionofofyour the methodology you proposed to assess the vulnerabilities of the operating systems. 2. Provide an explanation and reasoning of how the methodology you propose, will determine the existence of those vulnerabilities in the organization’s OS. 3. Include a description of the applicable tools to be used, limitations, and analysis. 4. Provide an explanation and reasoning of how the applicable tools you propose will determine the existence of those vulnerabilities in the organization’s OS. 5. In your report, also discuss: the strength of passwords any Internet Information Sevices' administrative vulnerabilities SQL server administrative vulnerabilities, security updates and management of patches as they relate to OS vulnerabilities Vulnerability Assessment Tools for OS and Applications (Lab) Use the vulnerability scanning tool to complete/determine the following for Window OS: 1. Determine if Windows administrative vulnerabilities are present. 2. Determine if weak passwords are being used on Windows accounts. 3. Report which security updates are required on each individual system. 4.The tool provides dynamic assessment of missing security updates. Scan one or more computers by domain, IP address range, or other grouping. 5. Once complete, provide a detailed report and recommendations on how to make your system a more secure working environment. In this case, a tool such as OpenVAS will create and store individual XML security reports for each computer scanned and will display the reports in the graphical user interface in HTML. For the Linux OS: 1. Determine if Linux vulnerabilities are present. 2. Determine if weak passwords are being used on Linux systems. 3. Determine security updates are Linux required theOpenVAS) Linux systems. 4.You noticedwhich that the tool you used for OSfor (i.e., provides dynamic assessment of missing security updates. Scan one or more computers by domain, IP address range, or other grouping. 5.Once complete, provide a detailed report and recommendations on how to make your system a more secure working environment ** Findings and Recommendations 1.Include a section where the findings (i.e. your lab findings) and your recommendations are enumerated. This is an important section of your report, since your feedback/report will help the leadership of your organization allocate the necessary resources to ensure the risks you identified will be mitigated. Each finding should have a corresponding recommendation. E.g. Finding 1. It was found that …. Recommendation 1. It is recommended that …. Finding 2.... Recommendation 2...... 2. Include a brief risk assessment associated with the security recommendations to propose ways to address the risk either by accepting it, transferring it, mitigating it, or eliminating it. Explain your answer. Security Assessment Report Feedback 2. Presentation Slides (narration not required) Design a presentation directed to the leadership of your organization (technical and non-technical audience) that includes: 1. Title Slide 2. Use of Readable Fonts and Color 3. Summarized SAR 4. Summary of Findings and Recommendations at High Level Presentation Slides Feedback 3. Lab Experience Report Your lab report should include: 1. Summary of lab experience 2. Vulnerabilities identified and explained for both Windows and Linux systems 3. Provide screenshots of key results for both systems 4. Ensure a summary of your results is included in your SAR Lab Experience Report Feedback The "X" denotes topics that are still missing or not sufficiently addressed Student Name: Date: Project 1: Requires the Following THREE Pieces 1. Security Assessment Report (including relevant findings from Lab) 2. Non-Technical Presentation Slides 3. Lab Experience Report with Screenshots Grade Project 1 - Evaluation Criteria 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment. 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem. 5.4: Identify potential threats to operating systems and the security features necessary to guard against them Areas to Improve 1. Security Assessment Report Discuss all topics below. Consider using the topic headers as subheaders to organize your report. Purpose and Scope Based on your scenario (i.e. hypothetical or real), briefly explain why is there a need for a security assessment in your organization (purpose) and explain which components will be assessed (scope) OS Overview In your SAR, provide the leadership of your organization a brief explanation of operating systems (OS) fundamentals and information systems architectures. Include the following: 1. Explain the user's role in an OS. 2. Explain the differences between kernel applications of the OS and the applications installed by an organization or user. 3. Describe the embedded OS. 4. Describe how operating systems fit in the overall information systems architecture, of which cloud computing is an emerging, distributed computing network architecture. OSorganization Vulnerabilities Provide the leadership of your with an overview of OS vulnerabilities to include the following: 1. Explain Windows vulnerabilities and Linux vulnerabilities. 2. Explain the Mac OS vulnerabilities, and vulnerabilities of mobile devices. 3. Explain the motives and methods for intrusion of MS and Linux operating systems. 4. Explain the types of security management technologies such as intrusion detection and intrusion prevention systems. 5. Describe how and why different corporate and government systems are targets. 6. Describe different types of intrusions such as SQL PL/SQL, XML, and other injections Preparing for the Vulnerability Scan Provide the leadership organization with the following: 1. Include a descriptionofofyour the methodology you proposed to assess the vulnerabilities of the operating systems. 2. Provide an explanation and reasoning of how the methodology you propose, will determine the existence of those vulnerabilities in the organization’s OS. 3. Include a description of the applicable tools to be used, limitations, and analysis. 4. Provide an explanation and reasoning of how the applicable tools you propose will determine the existence of those vulnerabilities in the organization’s OS. 5. In your report, also discuss: the strength of passwords any Internet Information Sevices' administrative vulnerabilities SQL server administrative vulnerabilities, security updates and management of patches as they relate to OS vulnerabilities Vulnerability Assessment Tools for OS and Applications (Lab) Use the vulnerability scanning tool to complete/determine the following for Window OS: 1. Determine if Windows administrative vulnerabilities are present. 2. Determine if weak passwords are being used on Windows accounts. 3. Report which security updates are required on each individual system. 4.The tool provides dynamic assessment of missing security updates. Scan one or more computers by domain, IP address range, or other grouping. 5. Once complete, provide a detailed report and recommendations on how to make your system a more secure working environment. In this case, a tool such as OpenVAS will create and store individual XML security reports for each computer scanned and will display the reports in the graphical user interface in HTML. For the Linux OS: 1. Determine if Linux vulnerabilities are present. 2. Determine if weak passwords are being used on Linux systems. 3. Determine security updates are Linux required theOpenVAS) Linux systems. 4.You noticedwhich that the tool you used for OSfor (i.e., provides dynamic assessment of missing security updates. Scan one or more computers by domain, IP address range, or other grouping. 5.Once complete, provide a detailed report and recommendations on how to make your system a more secure working environment ** Findings and Recommendations 1.Include a section where the findings (i.e. your lab findings) and your recommendations are enumerated. This is an important section of your report, since your feedback/report will help the leadership of your organization allocate the necessary resources to ensure the risks you identified will be mitigated. Each finding should have a corresponding recommendation. E.g. Finding 1. It was found that …. Recommendation 1. It is recommended that …. Finding 2.... Recommendation 2...... 2. Include a brief risk assessment associated with the security recommendations to propose ways to address the risk either by accepting it, transferring it, mitigating it, or eliminating it. Explain your answer. Security Assessment Report Feedback 2. Presentation Slides (narration not required) Design a presentation directed to the leadership of your organization (technical and non-technical audience) that includes: 1. Title Slide 2. Use of Readable Fonts and Color 3. Summarized SAR 4. Summary of Findings and Recommendations at High Level Presentation Slides Feedback 3. Lab Experience Report Your lab report should include: 1. Summary of lab experience 2. Vulnerabilities identified and explained for both Windows and Linux systems 3. Provide screenshots of key results for both systems 4. Ensure a summary of your results is included in your SAR Lab Experience Report Feedback The "X" denotes topics that are still missing or not sufficiently addressed Student Name: Date: Project 1: Requires the Following THREE Pieces 1. Security Assessment Report (including relevant findings from Lab) 2. Non-Technical Presentation Slides 3. Lab Experience Report with Screenshots Grade Project 1 - Evaluation Criteria 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment. 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem. 5.4: Identify potential threats to operating systems and the security features necessary to guard against them Areas to Improve 1. Security Assessment Report Discuss all topics below. Consider using the topic headers as subheaders to organize your report. Purpose and Scope Based on your scenario (i.e. hypothetical or real), briefly explain why is there a need for a security assessment in your organization (purpose) and explain which components will be assessed (scope) OS Overview In your SAR, provide the leadership of your organization a brief explanation of operating systems (OS) fundamentals and information systems architectures. Include the following: 1. Explain the user's role in an OS. 2. Explain the differences between kernel applications of the OS and the applications installed by an organization or user. 3. Describe the embedded OS. 4. Describe how operating systems fit in the overall information systems architecture, of which cloud computing is an emerging, distributed computing network architecture. OSorganization Vulnerabilities Provide the leadership of your with an overview of OS vulnerabilities to include the following: 1. Explain Windows vulnerabilities and Linux vulnerabilities. 2. Explain the Mac OS vulnerabilities, and vulnerabilities of mobile devices. 3. Explain the motives and methods for intrusion of MS and Linux operating systems. 4. Explain the types of security management technologies such as intrusion detection and intrusion prevention systems. 5. Describe how and why different corporate and government systems are targets. 6. Describe different types of intrusions such as SQL PL/SQL, XML, and other injections Preparing for the Vulnerability Scan Provide the leadership organization with the following: 1. Include a descriptionofofyour the methodology you proposed to assess the vulnerabilities of the operating systems. 2. Provide an explanation and reasoning of how the methodology you propose, will determine the existence of those vulnerabilities in the organization’s OS. 3. Include a description of the applicable tools to be used, limitations, and analysis. 4. Provide an explanation and reasoning of how the applicable tools you propose will determine the existence of those vulnerabilities in the organization’s OS. 5. In your report, also discuss: the strength of passwords any Internet Information Sevices' administrative vulnerabilities SQL server administrative vulnerabilities, security updates and management of patches as they relate to OS vulnerabilities Vulnerability Assessment Tools for OS and Applications (Lab) Use the vulnerability scanning tool to complete/determine the following for Window OS: 1. Determine if Windows administrative vulnerabilities are present. 2. Determine if weak passwords are being used on Windows accounts. 3. Report which security updates are required on each individual system. 4.The tool provides dynamic assessment of missing security updates. Scan one or more computers by domain, IP address range, or other grouping. 5. Once complete, provide a detailed report and recommendations on how to make your system a more secure working environment. In this case, a tool such as OpenVAS will create and store individual XML security reports for each computer scanned and will display the reports in the graphical user interface in HTML. For the Linux OS: 1. Determine if Linux vulnerabilities are present. 2. Determine if weak passwords are being used on Linux systems. 3. Determine security updates are Linux required theOpenVAS) Linux systems. 4.You noticedwhich that the tool you used for OSfor (i.e., provides dynamic assessment of missing security updates. Scan one or more computers by domain, IP address range, or other grouping. 5.Once complete, provide a detailed report and recommendations on how to make your system a more secure working environment ** Findings and Recommendations 1.Include a section where the findings (i.e. your lab findings) and your recommendations are enumerated. This is an important section of your report, since your feedback/report will help the leadership of your organization allocate the necessary resources to ensure the risks you identified will be mitigated. Each finding should have a corresponding recommendation. E.g. Finding 1. It was found that …. Recommendation 1. It is recommended that …. Finding 2.... Recommendation 2...... 2. Include a brief risk assessment associated with the security recommendations to propose ways to address the risk either by accepting it, transferring it, mitigating it, or eliminating it. Explain your answer. Security Assessment Report Feedback 2. Presentation Slides (narration not required) Design a presentation directed to the leadership of your organization (technical and non-technical audience) that includes: 1. Title Slide 2. Use of Readable Fonts and Color 3. Summarized SAR 4. Summary of Findings and Recommendations at High Level Presentation Slides Feedback 3. Lab Experience Report Your lab report should include: 1. Summary of lab experience 2. Vulnerabilities identified and explained for both Windows and Linux systems 3. Provide screenshots of key results for both systems 4. Ensure a summary of your results is included in your SAR Lab Experience Report Feedback The "X" denotes topics that are still missing or not sufficiently addressed Student Name: Date: Project 1: Requires the Following THREE Pieces 1. Security Assessment Report (including relevant findings from Lab) 2. Non-Technical Presentation Slides 3. Lab Experience Report with Screenshots Grade Project 1 - Evaluation Criteria 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment. 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem. 5.4: Identify potential threats to operating systems and the security features necessary to guard against them Areas to Improve 1. Security Assessment Report Discuss all topics below. Consider using the topic headers as subheaders to organize your report. Purpose and Scope Based on your scenario (i.e. hypothetical or real), briefly explain why is there a need for a security assessment in your organization (purpose) and explain which components will be assessed (scope) OS Overview In your SAR, provide the leadership of your organization a brief explanation of operating systems (OS) fundamentals and information systems architectures. Include the following: 1. Explain the user's role in an OS. 2. Explain the differences between kernel applications of the OS and the applications installed by an organization or user. 3. Describe the embedded OS. 4. Describe how operating systems fit in the overall information systems architecture, of which cloud computing is an emerging, distributed computing network architecture. OSorganization Vulnerabilities Provide the leadership of your with an overview of OS vulnerabilities to include the following: 1. Explain Windows vulnerabilities and Linux vulnerabilities. 2. Explain the Mac OS vulnerabilities, and vulnerabilities of mobile devices. 3. Explain the motives and methods for intrusion of MS and Linux operating systems. 4. Explain the types of security management technologies such as intrusion detection and intrusion prevention systems. 5. Describe how and why different corporate and government systems are targets. 6. Describe different types of intrusions such as SQL PL/SQL, XML, and other injections Preparing for the Vulnerability Scan Provide the leadership organization with the following: 1. Include a descriptionofofyour the methodology you proposed to assess the vulnerabilities of the operating systems. 2. Provide an explanation and reasoning of how the methodology you propose, will determine the existence of those vulnerabilities in the organization’s OS. 3. Include a description of the applicable tools to be used, limitations, and analysis. 4. Provide an explanation and reasoning of how the applicable tools you propose will determine the existence of those vulnerabilities in the organization’s OS. 5. In your report, also discuss: the strength of passwords any Internet Information Sevices' administrative vulnerabilities SQL server administrative vulnerabilities, security updates and management of patches as they relate to OS vulnerabilities Vulnerability Assessment Tools for OS and Applications (Lab) Use the vulnerability scanning tool to complete/determine the following for Window OS: 1. Determine if Windows administrative vulnerabilities are present. 2. Determine if weak passwords are being used on Windows accounts. 3. Report which security updates are required on each individual system. 4.The tool provides dynamic assessment of missing security updates. Scan one or more computers by domain, IP address range, or other grouping. 5. Once complete, provide a detailed report and recommendations on how to make your system a more secure working environment. In this case, a tool such as OpenVAS will create and store individual XML security reports for each computer scanned and will display the reports in the graphical user interface in HTML. For the Linux OS: 1. Determine if Linux vulnerabilities are present. 2. Determine if weak passwords are being used on Linux systems. 3. Determine security updates are Linux required theOpenVAS) Linux systems. 4.You noticedwhich that the tool you used for OSfor (i.e., provides dynamic assessment of missing security updates. Scan one or more computers by domain, IP address range, or other grouping. 5.Once complete, provide a detailed report and recommendations on how to make your system a more secure working environment ** Findings and Recommendations 1.Include a section where the findings (i.e. your lab findings) and your recommendations are enumerated. This is an important section of your report, since your feedback/report will help the leadership of your organization allocate the necessary resources to ensure the risks you identified will be mitigated. Each finding should have a corresponding recommendation. E.g. Finding 1. It was found that …. Recommendation 1. It is recommended that …. Finding 2.... Recommendation 2...... 2. Include a brief risk assessment associated with the security recommendations to propose ways to address the risk either by accepting it, transferring it, mitigating it, or eliminating it. Explain your answer. Security Assessment Report Feedback 2. Presentation Slides (narration not required) Design a presentation directed to the leadership of your organization (technical and non-technical audience) that includes: 1. Title Slide 2. Use of Readable Fonts and Color 3. Summarized SAR 4. Summary of Findings and Recommendations at High Level Presentation Slides Feedback 3. Lab Experience Report Your lab report should include: 1. Summary of lab experience 2. Vulnerabilities identified and explained for both Windows and Linux systems 3. Provide screenshots of key results for both systems 4. Ensure a summary of your results is included in your SAR Lab Experience Report Feedback The "X" denotes topics that are still missing or not sufficiently addressed Student Name: Date: Project 1: Requires the Following THREE Pieces 1. Security Assessment Report (including relevant findings from Lab) 2. Non-Technical Presentation Slides 3. Lab Experience Report with Screenshots Grade Project 1 - Evaluation Criteria 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment. 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem. 5.4: Identify potential threats to operating systems and the security features necessary to guard against them Areas to Improve 1. Security Assessment Report Discuss all topics below. Consider using the topic headers as subheaders to organize your report. Purpose and Scope Based on your scenario (i.e. hypothetical or real), briefly explain why is there a need for a security assessment in your organization (purpose) and explain which components will be assessed (scope) OS Overview In your SAR, provide the leadership of your organization a brief explanation of operating systems (OS) fundamentals and information systems architectures. Include the following: 1. Explain the user's role in an OS. 2. Explain the differences between kernel applications of the OS and the applications installed by an organization or user. 3. Describe the embedded OS. 4. Describe how operating systems fit in the overall information systems architecture, of which cloud computing is an emerging, distributed computing network architecture. OSorganization Vulnerabilities Provide the leadership of your with an overview of OS vulnerabilities to include the following: 1. Explain Windows vulnerabilities and Linux vulnerabilities. 2. Explain the Mac OS vulnerabilities, and vulnerabilities of mobile devices. 3. Explain the motives and methods for intrusion of MS and Linux operating systems. 4. Explain the types of security management technologies such as intrusion detection and intrusion prevention systems. 5. Describe how and why different corporate and government systems are targets. 6. Describe different types of intrusions such as SQL PL/SQL, XML, and other injections Preparing for the Vulnerability Scan Provide the leadership organization with the following: 1. Include a descriptionofofyour the methodology you proposed to assess the vulnerabilities of the operating systems. 2. Provide an explanation and reasoning of how the methodology you propose, will determine the existence of those vulnerabilities in the organization’s OS. 3. Include a description of the applicable tools to be used, limitations, and analysis. 4. Provide an explanation and reasoning of how the applicable tools you propose will determine the existence of those vulnerabilities in the organization’s OS. 5. In your report, also discuss: the strength of passwords any Internet Information Sevices' administrative vulnerabilities SQL server administrative vulnerabilities, security updates and management of patches as they relate to OS vulnerabilities Vulnerability Assessment Tools for OS and Applications (Lab) Use the vulnerability scanning tool to complete/determine the following for Window OS: 1. Determine if Windows administrative vulnerabilities are present. 2. Determine if weak passwords are being used on Windows accounts. 3. Report which security updates are required on each individual system. 4.The tool provides dynamic assessment of missing security updates. Scan one or more computers by domain, IP address range, or other grouping. 5. Once complete, provide a detailed report and recommendations on how to make your system a more secure working environment. In this case, a tool such as OpenVAS will create and store individual XML security reports for each computer scanned and will display the reports in the graphical user interface in HTML. For the Linux OS: 1. Determine if Linux vulnerabilities are present. 2. Determine if weak passwords are being used on Linux systems. 3. Determine security updates are Linux required theOpenVAS) Linux systems. 4.You noticedwhich that the tool you used for OSfor (i.e., provides dynamic assessment of missing security updates. Scan one or more computers by domain, IP address range, or other grouping. 5.Once complete, provide a detailed report and recommendations on how to make your system a more secure working environment ** Findings and Recommendations 1.Include a section where the findings (i.e. your lab findings) and your recommendations are enumerated. This is an important section of your report, since your feedback/report will help the leadership of your organization allocate the necessary resources to ensure the risks you identified will be mitigated. Each finding should have a corresponding recommendation. E.g. Finding 1. It was found that …. Recommendation 1. It is recommended that …. Finding 2.... Recommendation 2...... 2. Include a brief risk assessment associated with the security recommendations to propose ways to address the risk either by accepting it, transferring it, mitigating it, or eliminating it. Explain your answer. Security Assessment Report Feedback 2. Presentation Slides (narration not required) Design a presentation directed to the leadership of your organization (technical and non-technical audience) that includes: 1. Title Slide 2. Use of Readable Fonts and Color 3. Summarized SAR 4. Summary of Findings and Recommendations at High Level Presentation Slides Feedback 3. Lab Experience Report Your lab report should include: 1. Summary of lab experience 2. Vulnerabilities identified and explained for both Windows and Linux systems 3. Provide screenshots of key results for both systems 4. Ensure a summary of your results is included in your SAR Lab Experience Report Feedback The "X" denotes topics that are still missing or not sufficiently addressed Linux screenshots Windows machine Linux machine Windows machine Tue 27 Apr, 00:19 StudentFirs Applications New Tab - Google Chrome Greenbone Security Assistx + → C A Not secure | 127.0.0.1:9392/omp?cmd=get_result&result_id=56df7986-eee8-4771-9313-c4dfobe8215d&apply_overrides=... : Greenbone Logged in as Admin admin Logout Security Assistant Tue Apr 27 04:18:43 2021 UTC Dashboard Scans Assets Secinto Configuration Extras Administration Help ? 6 ID: 56df7986-eee8-4771-9313-c4df0be8215d Created: Tue Apr 27 03:36:59 2021 Modified: Tue Apr 27 03:36:59 2021 Owner: admin Result: SSL/TLS: Report Weak Cipher Suites Vulnerability Severity O GOD Host Location Actions SSL/TLS: Report Weak Cipher Suites 4.3 (Medium) 98% 192.168.10.2 3389/tcp Summary This routine reports all Weak SSL/TLS cipher suites accepted by a service. NOTE: No severity for SMTP services with 'Opportunistic TLS' and weak cipher suites on port 25/tcp is reported. If too strong cipher suites are configured for this service the alternative would be to fall back to an even more insecure cleartext communication. Vulnerability Detection Result 'Weak' cipher suites accepted by this service via the TLSv1.2 protocol: TLS ECDHE RSA WITH RC4 128 SHA TLS_RSA_WITH_RC4_128_MD5 TLS_RSA_WITH_RC4_128_SHA TLS RSA WITH SEED_CBC_SHA Solution Solution type: Mitigation The configuration of this services should be changed so that it does not accept the listed weak cipher suites anymore. Please see the references for more resources supporting you with this task. Vulnerability Insight These rules are applied for the evaluation of the cryptographic strength: - RC4 is considered to be weak (CVE-2013-2566, CVE-2015-2808). - Ciphers using 64 bit or less are considered to be vulnerable to brute force methods and therefore considered as weak (CVE-2015-4000). 1024 bit RSA authentication is considered to be insecure and therefore as weak. - Any cipher considered to be secure for only the next 10 years is considered as medium - Any other cipher is considered as strong Vulnerability Detection Method Details: SSL/TLS: Report Weak Cipher Suites (OID: 1.3.6.1.4.1.25623.1.0.103440) Tue 27 Apr, 00:19 StudentFirs Applications New Tab - Google Chrome Greenbone Security Assistx + → C A Not secure | 127.0.0.1:9392/omp?cmd=get_result&result_id=56df7986-eee8-4771-9313-c4dfobe8215d&apply_overrides=... : Greenbone Logged in as Admin admin Logout Security Assistant Tue Apr 27 04:18:43 2021 UTC Dashboard Scans Assets Secinto Configuration Extras Administration Help ? 6 ID: 56df7986-eee8-4771-9313-c4df0be8215d Created: Tue Apr 27 03:36:59 2021 Modified: Tue Apr 27 03:36:59 2021 Owner: admin Result: SSL/TLS: Report Weak Cipher Suites Vulnerability Severity O GOD Host Location Actions SSL/TLS: Report Weak Cipher Suites 4.3 (Medium) 98% 192.168.10.2 3389/tcp Summary This routine reports all Weak SSL/TLS cipher suites accepted by a service. NOTE: No severity for SMTP services with 'Opportunistic TLS' and weak cipher suites on port 25/tcp is reported. If too strong cipher suites are configured for this service the alternative would be to fall back to an even more insecure cleartext communication. Vulnerability Detection Result 'Weak' cipher suites accepted by this service via the TLSv1.2 protocol: TLS ECDHE RSA WITH RC4 128 SHA TLS_RSA_WITH_RC4_128_MD5 TLS_RSA_WITH_RC4_128_SHA TLS RSA WITH SEED_CBC_SHA Solution Solution type: Mitigation The configuration of this services should be changed so that it does not accept the listed weak cipher suites anymore. Please see the references for more resources supporting you with this task. Vulnerability Insight These rules are applied for the evaluation of the cryptographic strength: - RC4 is considered to be weak (CVE-2013-2566, CVE-2015-2808). - Ciphers using 64 bit or less are considered to be vulnerable to brute force methods and therefore considered as weak (CVE-2015-4000). 1024 bit RSA authentication is considered to be insecure and therefore as weak. - Any cipher considered to be secure for only the next 10 years is considered as medium - Any other cipher is considered as strong Vulnerability Detection Method Details: SSL/TLS: Report Weak Cipher Suites (OID: 1.3.6.1.4.1.25623.1.0.103440) Applications New Tab - Google Chrome AMB Tue 27 Apr, 00:30 Student First Greenbone Security Assist X + f = A Not secure | 127.0.0.1:9392/omp?cmd=get_result&result_id=d25cc246-d5af-45cb-837b-d62d28228ee4&apply_overrides=... Greenbone Logged in as Admin admin Logout Security Assistant Tue Apr 27 04:29:35 2021 UTC Dashboard Scans Assets Secinfo Configuration Extras Administration Help 2016 ID: d25cc246-d5af-45cb-837b-d62d28228ee4 Created: Tue Apr 27 03:36:59 2021 Modified: Tue Apr 27 03:36:59 2021 Owner: admin Result: SSH Weak Encryption Algorithms Supported Severity O QOD Host Location Actions Vulnerability SSH Weak Encryption Algorithms Supported 4.3 (Medium) 95% 192.168.10.2 22/tcp Summary The remote SSH server is configured to allow weak encryption algorithms. Vulnerability Detection Result The following weak client-to-server encryption algorithms are supported by the remote service: 3des-cbc aes 128-cbc aes 192-cbc aes256-cbc blowfish-cbc cast128-cbc The following weak server-to-client encryption algorithms are supported by the remote service: 3des-cbc aes 128-cbc aes 192-cbc aes 256-cbc blowfish-cbc cast128-cbc Solution Solution type: Mitigation Disable the weak encryption algorithms. Vulnerability Insight The arcfour cipher is the Arcfour stream cipher with 128-bit keys. The Arcfour cipher is believed to be compatible with the RC4 cipher (SCHNEIER]. Arcfour (and RC4) has problems with weak keys, and should not be used anymore. The 'none algorithm specifies that no encryption is to be done. Note that this method provides no confidentiality protection, and it is NOT RECOMMENDED to use it. A vulnerability exists in SSH messages that employ CBC mode that may allow an attacker to recover plaintext from a block of ciphertext. Dashboard Scans Assets Secinfo Configuration Extras Administration Help Results (18 of 18) Results by Severity Class (Total: 18) Results vulnerability word cloud Results by CVSS (Total: 18) Medium Log 18 - 16 14 - 12- A g 8 10 - Cipher Suites Certificate Reporting Report SSL/TLS Services Detection 8- 6 17 4 2- 1 N/A 0 1 2 T 3 T 4 T 5 6 7 T 8 9 10 1 - 10 of 18 - OQOD Host Location Created Vulnerability CPE Inventory Unknown OS and Service Banner Reporting Severity 0.0 (Log) 80% 192.168.10.4 general/CPE-T 655/tcp Sat May 1 22:04:47 2021 Sat May 1 22:04:06 2021 0.0 (Log) 80% 192.168.10.4 5.0 (Medium) 80% 192.168.10.4 135/tcp 0.0 (Log) 98% 192.168.10.4 DCE/RPC and MSRPC Services Enumeration Reporting SSL/TLS: Report Supported Cipher Suites SSL/TLS: Report Medium Cipher Suites SSL/TLS: Report Non Weak Cipher Suites 0.0 (Log) 98% 192.168.10.4 0.0 (Log) 98% 192.168.10.4 Sat May 1 22:01:47 2021 Sat May 1 22:01:47 2021 Sat May 1 22:01:47 2021 Sat May 1 22:01:36 2021 Sat May 1 22:01:27 2021 Sat May 1 22:01:16 2021 Sat May 1 22:01:16 2021 Sat May 1 22:01:07 2021 Traceroute 0.0 (Log) 80% 3389/tcp 3389/tcp 3389/tcp general/tcp general/icmp 3389/tcp general/tcp 192.168.10.4 0.0 (Log) 80% 192.168.10.4 ICMP Timestamp Detection SSL/TLS: Report Perfect Forward Secrecy (PFS) Cipher Suites OS Detection Consolidation and Reporting 0.0 (Log) 98% 192.168.10.4 0.0 (Log) 80% 192.168.10.4 VApply to page conte... (Applied filter: min_god=70 apply_overrides=1 autofp=0 rows=10 sort-reverse created first=1) 1 - 10 of 18 Not secure 127.0.0.1:9392/omp?cmdget_result&result_id=6776bici-TbCa-4910-18T3-34dbccT9813T&token=566628ca-80... W7 Greenbone Security Assistant Logged in as Admin admin Logout Sat May 1 22:20:49 2021 UTC Dashboard Scans Assets Secinfo Configuration Extras Administration Help ?. ID: 6776b1c1-fbcd-4910-b8f3-34dbccf98f3f Created: Sat May 1 22:01:47 2021 Modified: Sat May 1 22:01:47 2021 Owner: admin Result: SSL/TLS: Report Supported Cipher Suites Vulnerability Severity OlQOD Host Location Actions SSL/TLS: Report Supported Cipher Suites 0.0 (Log) 98% 192.168.10.4 3389/tcp Summary This routine reports all SSL/TLS cipher suites accepted by a service. As the NVT 'SSL/TLS: Check Supported Cipher Suites' (OID: 1.3.6.1.4.1.25623.1.0.900234) might run into a timeout the actual reporting of all accepted cipher suites takes place in this NVT instead. The script preference 'Report timeout' allows you to configure if such an timeout is reported. Vulnerability Detection Result No 'Strong' cipher suites accepted by this service via the TLSv1.o protocol. 'Medium' cipher suites accepted by this service via the TLSv1.o protocol: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS ECDHE RSA WITH AES 256 CBC_SHA TLS RSA WITH 3DES EDE CBC SHA TLS_RSA_WITH_AES_128_CBC_SHA TLS RSA WITH AES 256 CBC SHA No 'Weak' cipher suites accepted by this service via the TLSv1.o protocol. No 'Null' cipher suites accepted by this service via the TLSv1.o protocol. No 'Anonymous' cipher suites accepted by this service via the TLSv1.o protocol. No 'Strong' cipher suites accepted by this service via the TLSv1.1 protocol. 'Medium' cipher suites accepted by this service via the TLSv1.1 protocol: TLS ECDHE RSA WITH AES 128 CBC SHA TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_DES_EDE_CBC_SHA TLS RSA WITH AES 128 CBC SHA TLS RSA WITH_AES 256_CBC_SHA No 'Weak' cipher suites accepted by this service via the TLSv1.1 protocol. No 'Null' cipher suites accepted by this service via the TLSv1.1 protocol. Dashboard Scans Assets SecInfo Configuration Extras Administration Help summary This routine reports all Non Weak SSL/TLS cipher suites accepted by a service. Vulnerability Detection Result 'Non Weak' cipher suites accepted by this service via the TLSv1.o protocol: TLS ECDHE RSA WITH_AES 128 CBC_SHA TLS ECDHE RSA WITH AES 256 CBC_SHA TLS RSA WITH 3DES EDE CBC SHA TLS RSA WITH AES 128 CBC SHA TLS_RSA_WITH_AES 256_CBC_SHA 'Non Weak' cipher suites accepted by this service via the TLSv1.1 protocol: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS_ECDHERSA WITH_AES_256_CBC_SHA TLS_RSA WITH_3DES EDE_CBC_SHA TLS_RSA WITH_AES_128_CBC_SHA TLS RSA WITH AES 256 CBC SHA "Non Weak' cipher suites accepted by this service via the TLSv1.2 protocol: TLS_DHERSA_WITH_AES_128_GCM SHA256 TLS_DHE RSA_WITH_AES 256 GCM SHA384 TLS ECDHE RSA WITH AES 128 CBC SHA TLS ECDHE RSA WITH AES 128 CBC SHA256 TLS ECDHE RSA WITH AES 128 GCM SHA256 TLS ECDHE RSA WITH AES 256 CBC SHA TLS ECDHE RSA WITH AES 256CBC SHA384 TLS ECDHE RSA WITH AES 256 GCM SHA384 TLS RSA WITH 3DES EDE CBC SHA TLS RSA WITH AES 128 CBC SHA TLS RSA WITH AES 128 CBC SHA256 TLS RSA WITH AES 128 GCM SHA256 TLS RSA WITH AES 256 CBC SHA TLS RSA WITH AES 256 CBC SHA256 TLS_RSA WITH_AES 256 GCM SHA384 Log Method Details: SSL/TLS: Report Non Weak Cipher Suites (OID: 1.3.6.1.4.1.25623.1.0.103441) Version used: $Revision: 4736 $ User Tags (none) 7:55 0 OBX ? 5G..! fx 55 56 A ?. mun your pm u m0i Devur WinM6 VVTOMI Findings and Recommendations 1.Include a section where the findings (i.e. your lab findings) and your recommendations are enumerated. This is an important section of your report, since your feedback/report will help the leadership of your organization allocate the necessary resources to ensure the risks you identified will be mitigated. Each finding should have a corresponding recommendation. E.g. Finding 1. It was found that .... Recommendation 1. It is recommended that Finding 2.... Recommendation 2...... 2. Include a brief risk assessment associated with the security recommendations to propose ways to address the risk either by accepting it, transferring it, mitigating it, or eliminating it. Explain your answer. Security Assessment Report Feedback 2. Presentation Slides (narration not required) Design a presentation directed to the leadership of your organization (technical and non-technical audience) that includes: 1. Title Slide 57 58 59 60 61 62 63 64 65 66 67 68 2. Use of Readable Fonts and Color 3. Summarized SAR 4. Summary of Findings and Recommendations at High Level Presentation Slides Feedback 3. Lab Experience Report Your lab report should include: 1. Summary of lab experience 2. Vulnerabilities identified and explained for both Windows and Linux systems 3. Provide screenshots of key results for both systems 4. Ensure a summary of your results is included in your SAR Lab Experience Report Feedback 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 II Project 1 + III O ( T 7:55 5Gul AQ Project 1 Grading Checklist - Saved ? O a b 8 fx > A 3 4 5 6 7 8 Project 1: Requires the Following THREE Pieces 1. Security Assessment Report (including relevant findings from Lab) 2. Non-Technical Presentation Slides 3. Lab Experience Report with Screenshots Project 1 - Evaluation Criteria 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment. 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem. 5.4: Identify potential threats to operating systems and the security features necessary to guard against them 9 10 11 12 13 14 15 16 17 18 19 20 21 1. Security Assessment Report Discuss all topics below. Consider using the topic headers as subheaders to organize your report. Purpose and Scope Based on your scenario (i.e. hypothetical or real), briefly explain why is there a need for a security assessment in your organization (purpose) and explain which components will be assessed (scope) OS Overview In your SAR, provide the leadership of your organization a brief explanation of operating systems (OS) fundamentals and information systems architectures. Include the following: 1. Explain the user's role in an OS. 2. Explain the differences between kernel applications of the OS and the applications installed by an organization or user. 3. Describe the embedded OS. 4. Describe how operating systems fit in the overall information systems architecture, of which cloud computing is an emerging, distributed computing network architecture. OS Vulnerabilities vulnerabilities to include the following: 1. Explain Windows vulnerabilities and Linux vulnerabilities. 2. Explain the Mac OS vulnerabilities, and vulnerabilities of mobile devices. 3. Explain the motives and methods for intrusion of MS and Linux operating systems. 4. Explain the types of security management technologies such as intrusion detection and intrusion prevention systems. 5. Describe how and why different corporate and government systems are targets. 6. Describe different types of intrusions such as SQL PL/SQL, XML, and other injections 22 23 24 25 26 27 28 29 30 Project 1 + III O ( T 7:55 0 OOK ir 5Gull fx A 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 Preparing for the Vulnerability Scan Provide the leadership of your organization with the following: vulnerabilities of the operating systems. 2. Provide an explanation and reasoning of how the methodology you propose, will determine the existence of those vulnerabilities in the rganization's OS. 3. Include a description of the applicable tools to be used, limitations, and analysis. 4. Provide an explanation and reasoning of how the applicable tools you propose will determine the existence of those vulnerabilities in the organization's OS. 5. In your report, also discuss: the strength of passwords any Internet Information Sevices' administrative vulnerabilities SQL server administrative vulnerabilities, security updates and management of patches as they relate to OS vulnerabilities Vulnerability Assessment Tools for OS and Applications (Lab) Use the vulnerability scanning tool to complete/determine the following for Window OS: 1. Determine if Windows administrative vulnerabilities are present. 2. Determine if weak passwords are being used on Windows accounts. 3. Report which security updates are required on each individual system. 4.The tool provides dynamic assessment of missing security updates. Scan one or more computers by domain, IP address range, or other grouping. 5. Once complete, provide a detailed report and recommendations on how to make your system a more secure working environment. In this case, a tool such as OpenVAS will create and store individual XML security reports for each computer scanned and will display the reports in the graphical user interface in HTML. For the Linux OS: 1. Determine if Linux vulnerabilities are present. 2. Determine if weak passwords are being used on Linux systems. 3. Determine which security updates are required for the Linux systems. 4. You noticed that the tool you used for Linux OS (1.e., OpenVAS) provides dynamic assessment of missing security updates. Scan one or more computers by domain, IP address range, or other grouping. 5.Once complete, provide a detailed report and recommendations on how to make your system orking environment ** Findings and Recommendations 1.Include a section where the findings (i.e. your lab findings) and your recommendations are enumerated. This is an important section of your report, since your feedback/report will help the leadership of your organization allocate the necessary resources to ensure the risks you identified will be mitigated. Each finding should have a corresponding recommendation. E.g. Finding 1. It was found that .... Recommendation 1. It is recommended that Finding 2.... Recommendation 2...... II a brief risk assessment associated with the security adations to propose ways to address the risk either by accepting 47 48 49 50 51 52 53 54 more seci 55 56 Project 1 + III O ( T 7:55 0 OBX ? 5G..! fx 55 56 A ?. mun your pm u m0i Devur WinM6 VVTOMI Findings and Recommendations 1.Include a section where the findings (i.e. your lab findings) and your recommendations are enumerated. This is an important section of your report, since your feedback/report will help the leadership of your organization allocate the necessary resources to ensure the risks you identified will be mitigated. Each finding should have a corresponding recommendation. E.g. Finding 1. It was found that .... Recommendation 1. It is recommended that Finding 2.... Recommendation 2...... 2. Include a brief risk assessment associated with the security recommendations to propose ways to address the risk either by accepting it, transferring it, mitigating it, or eliminating it. Explain your answer. Security Assessment Report Feedback 2. Presentation Slides (narration not required) Design a presentation directed to the leadership of your organization (technical and non-technical audience) that includes: 1. Title Slide 57 58 59 60 61 62 63 64 65 66 67 68 2. Use of Readable Fonts and Color 3. Summarized SAR 4. Summary of Findings and Recommendations at High Level Presentation Slides Feedback 3. Lab Experience Report Your lab report should include: 1. Summary of lab experience 2. Vulnerabilities identified and explained for both Windows and Linux systems 3. Provide screenshots of key results for both systems 4. Ensure a summary of your results is included in your SAR Lab Experience Report Feedback 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 II Project 1 + III O ( T