CST 610 Project 1
Project 1 Scenario
Company:
· A major company of your choice in the gas & oil industry
· May be real or made up
The Scenario:
· Numerous anomalies and incidents have led to separate security breaches.
· Could be caused by a single source or multiple related sources.
You:
· A newly appointed lead cybersecurity engineer
· Successful cybersecurity experience with a previous employer
· Suspect that someone, or some group, has been regularly accessing your user account and conducting unauthorized configuration changes
Desired:
Provide a convincing explanation of what happened, one that convinces the leaders of what needs to be done.
· A security assessment report, or SAR, on the state of the operating systems within the organization.
· This is often the case where the company asks for something specific even if there might be other causes.
· Use your specific lab testing results at your company to show what happened.
· You know that identity management will increase the security of the overall information systems infrastructure
· A non-technical narrated presentation summarizing your thoughts for upper management so that they understand the issues and what is recommended to be done, and which asks them to take action.
Running Head: Security Assessment Report (SAR)
Project 1 – Windows and Linux OS Security Assessment Report (SAR)
CST 610
[Your Name]
[date]
[The Security Assessment Report (SAR) is one of the main documents included in a system authorization package, along with the System Security Plan (SSP) and Plan of Actions and Milestones (POA&Ms). The purpose of a SAR is to communicate the results of security assessments made on the information technology (IT) infrastructure including its people, processes, policies and information systems (NIST, 2018). These documents are used to provide the Authorizing Official (AO) with necessary information on the security state and posture of the system so they can make a risk-based decision if the system should operate or continue operations as is. The SAR provides the overall state of security of the IT infrastructure (system) detailing the system’s ability to meet the Confidentiality, Integrity, and Availability (CIA) security objectives, when protecting the data that is transmitted, stored or processed by and through the IT infrastructure.
The SAR is a document that is a snapshot in time, of the security state of the information system. The SAR is updated whenever subsequent security assessments are performed or when significant changes to the system are made. The SAR is annotated with updated versions each time it is changed and these changes are annotated within the SAR itself, to support document revision.
The key elements to a system assessment report are outlined in (NIST, 2022). However, for this SAR only include: Operating System (OS) Overview, OS Vulnerabilities, Assessment Methodologies, and Recommendations based on actual lab results, per this template.]
1.0 INTRODUCTION
[Inject yourself into the given scenario and respond as the newly appointed lead cybersecurity engineer with your company in the oil and natural gas sector. Make this real, not theoretical. Provide a very short and concise summary of the scenario and what you did, what assumptions you are making, and what is and is not included.]
2.0 OS OVERVIEW
[Integrate information, research and findings from each step, including the lab, to describe and present an overview of the current security posture as it relates to your company in the scenario. Provide a brief definition and explanation of OSs and information systems in your company. (See Step 1, Items 1-4, repeated below.) Note that although these Items, and others to follow, may be specific questions, you are not necessarily just answering them. They are guidelines of important aspects to write about. You cover these aspects and others you believe are relevant in your writing, in the OS overview in this case. Keep this “tutorial” brief, however, since the focus of an SAR is results and action that is needed.]
1. Explain the user’s role in an OS.
2. Explain the differences between kernel applications of the OS and the applications installed by an organization or user.
3. Describe the embedded OS.
4. Describe how the systems fit in the overall information system architecture, of which cloud computing is an emerging, distributed computing network architecture.
3.0 OS VULNERABILITIES
[Continue with a brief overview of the advantages, disadvantages, known vulnerabilities or security issues for each OS. (See the six Items in Step 2, repeated below.) A useful source for being very specific and less general is the MITRE compilation of CVEs for these OSs at https://cve.mitre.org/. Common Vulnerabilities and Exposures (CVEs) identify, define and catalog publicly disclosed, hence known, cybersecurity vulnerabilities.]
1. Explain Windows vulnerabilities and Linux vulnerabilities.
2. Explain the Mac OS vulnerabilities.
3. Explain the motives and methods for intrusion of the MS and Linux operating systems.
4. Explain the types of security awareness technologies, such as intrusion detection and intrusion prevention systems.
5. Describe how and why different corporate and government systems are targets.
6. Describe different types of intrusions such as SQL PL/SQL, XML, and other injections.
In addition to discussing the above items, you may wish to use a table, such as the one below, to summarize the OS discussion for Items 1 and 2.
OSs | Advantages | Disadvantages | Known Vulnerabilities
--- | --- | --- | ---
Windows | | |
Linux | | |
MAC | | |
Mobile Device OSs | | |

Table 3.1 OS Comparison
4.0 VULNERABILITY ASSESSMENT PLAN OF ACTION AND OPENVAS
4.1 Plan
[Continue with how you will determine the security posture of your company’s OSs. (See the 3 Items from Step 3, repeated below.) Discuss these as well as the strength of passwords, any Internet Information Services’ administrative vulnerabilities, SQL server administrative vulnerabilities and other security updates and management of patches, as they relate to OS vulnerabilities. Feel free to create tables as summaries of your discussion.]
1. A description of the methodology you propose to assess the vulnerabilities of the operating systems, including an explanation of how this methodology will determine the existence of those vulnerabilities in your company’s OS.
2. A description of the applicable tools to be used and any limitations of the tools and analyses, including an explanation of how your proposed applicable tools will determine the existence of those vulnerabilities in your company’s OS.
3. The projected findings from using these vulnerability assessment tools.
5.2 OpenVAS
[Provide an overview of the capabilities of the OpenVAS scanner using the following 5 Items as a guide to your discussion.]
1. OpenVAS pros and cons.
2. Specific types and categories of information provided by the tool
3. What types of issues could each of these indicate?
4. Why are each important? For example, what impact and how could they have on the company and beyond?
5. How can the reported information be used to improve security?
6.0 VULNERABILITY ASSESSMENT RESULTS
[Treat your lab experience as if you are scanning the two OSs (Windows and Linux) at your company. Address the two OSs that you scanned.
Include the specific results and conclusions based on your lab data. You are also responsible for providing a lab report. You may wish to include that report, including your printout of each OS scan’s results, in the Lab Report Appendix to the SAR or in a separate Word file submission. Based on the detailed lab results, prepare professional tables, charts, graphs, etc. which list, describe, clarify, etc. the issues for your OS security and vulnerability. Don’t only question “issues” identified. Sometimes understanding why a result is accepted as positive can give important insight into security, as well. You may also wish to report the results in three categories: extremely important, lesser importance and those in the middle. That lends itself to a roadmap for addressing the issues. Keep in mind having dashboard summaries for use in the recommendations section as well as your narrated presentation. Being quantitative and specific also demonstrates that you have successfully and comprehensively completed the lab.]
6.1 Windows OS Vulnerability Scan Results
You should be able to:
1. Determine if Windows administrative vulnerabilities are present.
2. Determine if weak passwords are being used on Windows accounts.
3. Report which security updates are required on each individual system.
4. Scan one or more computers by domain, IP address range or other groupings. (The tool provides a dynamic assessment of missing security updates.)
OpenVAS will create and store individual XML security reports for each computer scanned and will display the reports in the graphical user interface in HTML.
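One way to turn a per-host XML report into the three reporting categories and a per-host dashboard count, as an added example that is not part of the original course material. The report layout, the sample findings, the hosts and the CVSS cut-offs are all constructed assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample report. The element layout (results/result with name,
# host, port, threat and severity children) is an assumption about the XML
# export; adjust the paths below if your scanner version differs.
SAMPLE_REPORT = """<report><results>
  <result><name>Missing security update (constructed)</name>
    <host>192.0.2.10</host><port>445/tcp</port>
    <threat>High</threat><severity>9.8</severity></result>
  <result><name>SMB signing not required (constructed)</name>
    <host>192.0.2.10</host><port>445/tcp</port>
    <threat>Medium</threat><severity>5.3</severity></result>
  <result><name>OS detection (constructed)</name>
    <host>192.0.2.10</host><port>general/tcp</port>
    <threat>Log</threat><severity>0.0</severity></result>
  <result><name>Default credentials accepted (constructed)</name>
    <host>192.0.2.20</host><port>22/tcp</port>
    <threat>High</threat><severity>7.5</severity></result>
  <result><name>Weak SSH MAC algorithms (constructed)</name>
    <host>192.0.2.20</host><port>22/tcp</port>
    <threat>Low</threat><severity>2.6</severity></result>
  <result><name>TCP timestamps (constructed)</name>
    <host>192.0.2.20</host><port>general/tcp</port>
    <threat>Low</threat><severity></severity></result>
</results></report>"""

# The three category names come from the template text; the cut-offs (7.0 and
# 4.0) are an assumption that follows the usual CVSS High/Medium/Low bands.
BUCKETS = ("extremely important", "in the middle", "lesser importance")


def bucket_for(score):
    """Map a CVSS-style score to one of the three reporting categories."""
    if score >= 7.0:
        return BUCKETS[0]
    if score >= 4.0:
        return BUCKETS[1]
    return BUCKETS[2]


def parse_results(xml_text):
    """Return (findings, informational, unscored) from one XML report."""
    # The report comes from your own scanner; use a hardened parser such as
    # defusedxml for XML that arrives from an untrusted source.
    root = ET.fromstring(xml_text)
    findings, informational, unscored = [], [], []
    for res in root.findall(".//results/result"):
        item = {
            "name": res.findtext("name", default="").strip(),
            "host": res.findtext("host", default="").strip(),
            "port": res.findtext("port", default="").strip(),
        }
        try:
            score = float(res.findtext("severity", default=""))
        except ValueError:
            # No usable score: keep it for manual review, never drop it.
            unscored.append(item)
            continue
        item["score"] = score
        if score <= 0.0:
            # Log-level results are context (what the scanner saw), not issues.
            informational.append(item)
        else:
            item["bucket"] = bucket_for(score)
            findings.append(item)
    return findings, informational, unscored


def triage(findings):
    """Group findings by category, highest score first within each category."""
    grouped = {bucket: [] for bucket in BUCKETS}
    for finding in sorted(findings, key=lambda f: f["score"], reverse=True):
        grouped[finding["bucket"]].append(finding)
    return grouped


def host_dashboard(findings):
    """Count findings per host and category for a summary table."""
    table = {}
    for finding in findings:
        row = table.setdefault(finding["host"], {b: 0 for b in BUCKETS})
        row[finding["bucket"]] += 1
    return table


if __name__ == "__main__":
    scored, info, manual = parse_results(SAMPLE_REPORT)
    for bucket, items in triage(scored).items():
        print(bucket.upper())
        for f in items:
            print(f"  {f['score']:>4}  {f['host']:<12} {f['port']:<10} {f['name']}")
    print("Per-host counts:", host_dashboard(scored))
    print("Informational:", len(info), "| needs manual review:", len(manual))
```

Results with no score are returned separately so they can be reviewed by hand and are not silently left out of the roadmap.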
6.2 Linux Vulnerability Scan Results
You should be able to:
1. Determine if Linux vulnerabilities are present.
2. Determine if weak passwords are being used on Linux systems.
3. Determine which security updates are required for the Linux systems.
4. Scan one or more computers by domain, IP address range or other groupings. (The tool provides a dynamic assessment of missing security updates.)
7.0 RECOMMENDATIONS
[Provide a detailed report and recommendations on how to make your system a more secure working environment. Your final recommendations should include which issues should be addressed, how they should be addressed, the order to address them and why (i.e., the roadmap). Convincing reasons are quantitative impact on the business vs. perhaps how “costly” it would be to take any action, i.e., risk. (See Step 6, Items 1-2, repeated below.) Consider using a summary table or tables for greater clarity than long written paragraphs. Your PowerPoint Presentation will be a non-technical summary of the SAR from which the company leadership can understand the issues and recommended actions.]
Your recommendations should:
1. Provide the actual data from the tools, the status of security and patch updates, security recommendations and specific remediation guidance.
2. Include any risk assessments for each recommendation and propose ways to address the risk either by accepting it, transferring it, mitigating it, or eliminating it. Be sure you explain these 4 approaches to risk.
9.0 SUMMARY OF REFERENCES
[Provide your summary list of references using proper APA format. (Remember: You must also use in-line citations with proper APA format throughout the report.) I included my two references here (and inline within the SAR body) as a guide for you.]
NIST. (2018, December). Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy, Special Publication 800-37 Revision 2. National Institute of Standards and Technology. Retrieved from https://csrc.nist.gov/publications/detail/sp/800-37/rev-2/final
NIST. (2022, January). Assessing Security and Privacy Controls in Information Systems and Organization, Special Publication 800-53A Revision 4. National Institute of Standards and Technology. Retrieved from https://csrc.nist.gov/publications/detail/sp/800-53a/rev-5/final
APPENDIX-LAB REPORT
[Share your lab experience here or in a separate Word file submission, including screen prints and findings, to demonstrate that you performed the lab. You may wish to include printouts of each OpenVAS OS scan results.]
Guidance for Project 1
Here are some thoughts on how Project 1 can be approached and how it will be graded.
The project deliverables include (1) a Security Assessment Report, or SAR, on the state of the Microsoft and Linux operating systems within the fictitious organization in the scenario, and (2) a non-technical narrated presentation. There is no executive summary. Your narration can be written speaker’s notes in the notes area. The audiences for the SAR and for the presentation are different. The SAR targets technical and non-technical leadership, and the presentation targets only the executive level, which needs to know the credible essence for making their decisions.
Next go through the template I provide for your report. The template organizes your work and indicates the information to be included and follows each step of the project. It addresses Criteria 1.1. I therefore suggest that you use it. However, feel free to use any format that is well-organized and covers the desired information within the Project steps.
Now, go through each of the project Steps and begin completing the template by understanding and analyzing what you learn in each step and writing the corresponding desired material in security-professional language, being specific rather than general and citing real events and impact as appropriate. This will address Criteria 2.3 and 5.4. Professionals often include tables of results, which make comparisons and explanations easier to understand. Feel free to include tables, and when you do, be sure that you explain what the table entries are and why they are significant.
Make believe that you are performing the work at the company in the scenario and finding results which identify threats, vulnerabilities and means for remediation. Use those specific results within your report. This again addresses Criteria 2.3 and 5.4.
All three Criteria are also addressed in your non-technical narrated presentation to upper management/executives. Here are a few significant aspects for you to keep in mind when you create your presentation.
1. Upper-management is interested in the bottom line.
2. Help upper management understand the technical vulnerabilities you found by giving them the business impact and consequences. Giving real examples drives such impact home.
3. Help them understand that having these issues is normal for an organization and that they just need to address them in some orderly fashion.
4. Help them clearly see their required actions and/or approvals. Explicitly ask for them.
5. Remember the options are to do nothing and accept the risk, to take all actions and to take some actions. Also remember that there are often multiple actions that can be taken for a given vulnerability. Help them understand which to settle on. You can make the suggested steps clear to them at the very end.
6. Finally, simply copying sections of your report and pasting them on slides in the presentation does not accomplish the above. You need to digest what you covered in the SAR and, in business rather than technical terms, help them understand the importance and need to act and the options available and recommended to them.
Start Here:
The operating system (OS) of an information system contains the software that executes the critical functions of the information system. The OS manages the computer’s memory, processes, and all of its software and hardware. It allows different programs to run simultaneously and access the computer’s memory, central processing unit, and storage.
The OS coordinates all of these activities and ensures that sufficient resources are allocated. These are the fundamental processes of the information system, and if they are violated by a security breach or exploited vulnerability, that could have a significant impact on the organization.
Security for operating systems means protecting the OS components from attacks that could cause deletion, modification, or destruction of the operating system. Threats to an OS could include a breach of confidential information, unauthorized modification of data, or unauthorized destruction of data.
It is the job of the cybersecurity engineer to understand the operations and vulnerabilities of the OS (for any type of OS), and to provide mitigation, remediation, and defense against threats that would expose those vulnerabilities or attack the OS.
As you assess your company’s systems, you will likely uncover gaps and errors. These may reveal mistakes that people at the company have made which might embarrass or anger those involved. However, the trust placed in you means that you have a responsibility to report your findings fully and accurately so that you can reduce or eliminate the risk of future unauthorized access. So be fair and follow industry standards, but have the courage to be a force for positive change in your company’s cybersecurity efforts.
Step 1: Define the OS
The audience for your security assessment report (SAR) is the leadership of your company, which is made up of technical and nontechnical staff. Some of your audience will be unfamiliar with operating systems. Therefore, you will begin your report with a brief explanation of OS fundamentals and the types of information systems.
Operating System Fundamentals
An operating system (OS) is the most critical piece of software found on a computer. The operating system allows the system to deal with key tasks, such as the management of memory and processing. This makes operations possible and builds a foundation for applications to run on.
In addition, the operating system allows users to interact with hardware. Through the use of a graphic user interface (GUI), an end user can interact with the operating system, and by extension the hardware. A computer without an operating system cannot function.
Embedded OS
An embedded OS is the operating system that has been designed for use with an embedded computer system. Such systems are designed to run as efficiently as possible, using the least amount of resources to accomplish tasks. Embedded OSs are designed to be reliable, but they are not versatile. They are designed usually to work with specialized applications and hardware to accomplish specific tasks. Often, these systems are running light hardware in terms of RAM (random access memory) and ROM (read-only memory).
Applications of the OS
The requirements of the user are a primary focus in web architecture. Making sure a site meets the needs of a client and has a strong usability are keys to the approach. Since easy access to needed information is a priority for users, this approach can lead to intuitive design choices. Applications are programs that run on top of an OS.
Information System Architecture
Information system (IS) architecture is a description of the sum total of the components that make up an organizational information system. This encompasses many different parts and can include both technological aspects such as technical framework, and product technologies as well as organizational aspects, such as policy or business processes.
There are a number of ways to break IS architecture down, but it is generally made up of four layers and each can be broken down into smaller subunits. The four primary layers of information systems architecture are the business process architecture, the systems architecture, the technical architecture, and the product delivery architecture.
Cloud Computing
[Figure: Cloud Computing. Source: Microsoft]
Cloud computing refers to the use of remote servers over the internet (instead of via local servers or devices) for the purpose of sharing resources. According to the National Institute of Standards and Technology (Mell & Grance, 2011):
Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. (p. 2)
There are several advantages to cloud computing, including ease of use and upgrades, low capital expenditure, remote access capabilities from several locations, higher security/better data recovery, and optimized use of resources.
Cloud computing servers offer three models: software as a service, or SaaS (use of Internet-based applications through web browsers); platform as a service, or PaaS (use of cloud platforms that can be used to develop applications); and infrastructure as a service, or IaaS (use of remote infrastructure to create platforms and applications).
Cloud computing is a general term for the delivery of hosted services over the internet. The use of cloud computing can increase capacity or add capabilities on the fly without investing in new infrastructure, training new personnel, or licensing new software.
Just a few examples of cloud services are:
· Dropbox
· Evernote
· Mozy
· Carbonite
· Google Docs
· Runescape
References
Mell, P., & Grance, T. (2011). Special publication 800-145: The NIST definition of cloud computing: Recommendations of the National Institute of Standards and Technology. National Institute of Standards and Technology. nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-145
Step 2: Review OS Vulnerabilities
You just summarized operating systems and information systems for leadership. In your mind, you can already hear leadership saying, “So what?” The company’s leaders are not well versed in operating systems or in the threats and vulnerabilities in them, so you decide to include in your SAR an explanation of advantages and disadvantages of the different operating systems and their known vulnerabilities.
Prepare by first reviewing the different types of vulnerabilities and intrusions explained in these resources:
Windows Vulnerabilities
The Windows-based operating systems are the most popular with business users. That means that a vulnerability found in a Windows operating system or application can have far-reaching consequences. Windows-based operating systems have more known vulnerabilities than other platforms, though it is not definitively known if this is because of the way the operating systems are designed, or simply because the popularity makes more people look for the vulnerabilities.
Linux Vulnerabilities
Not everyone is familiar with Linux-based operating systems. These open-source operating systems come in related “flavors.” Each starts with a similar Linux kernel and is then modified by a team of volunteer developers. Since each flavor of Linux has its unique features, and often purpose, there is no one set of Linux vulnerabilities. They must each be assessed on a flavor-by-flavor basis. This presents a unique set of challenges to Linux system administrators, one made more urgent by the fact that Linux is more commonly used on servers than individual desktop PCs, making the cost of an open vulnerability potentially higher.
Mac OS Vulnerabilities
Many people mistakenly believe that Mac-based operating systems, sometimes called OS X if you are referring to the current version for computers or iOS for mobile devices, are inherently secure. This is an incorrect assumption. For a long time, the best protection for Mac-based operating systems was scarcity. With a much smaller user base, fewer people were looking for vulnerabilities.
As Mac products have increased in popularity, most notably iPhone and iPad products, a growing number of vulnerabilities have been found. The perception of Macs as secured operating systems has actually been a hindrance to security efforts, as users often fail to take basic precautions such as installing antivirus software.
Like most technologies, the operating systems produced by Apple are susceptible to their own set of vulnerabilities. This is true for both Apple’s laptop and smartphone platforms. The following is an overview, with some additional resources.
An active community composed of general users and developers identifies and documents Mac OS X vulnerabilities so that they can be systematically analyzed, tracked, and addressed in future software updates. A list of the vulnerabilities identified for Mac OS X can be found on the Common Vulnerabilities and Exposures (CVE) website.
The vulnerability types cataloged include denial-of-service attacks, the ability to obtain sensitive information, and the ability to bypass security mechanisms.
Other sites that provide information about both operating system and application vulnerabilities are available. For example, a security engineer has posted a list of vulnerable OS X applications on his blog (Radek, 2016).
As for Apple’s smartphone platform, the public discussion following a shooting in San Bernardino, California, provided interesting insights and revealed the tension between law enforcement needs and the privacy of smartphone users. Soon after the shooting, the US Federal Bureau of Investigation (FBI) asked Apple to identify and exploit a vulnerability of its iPhone in order to unlock the shooter’s smartphone, bypassing the password and security features provided by the phone (Benner & Lichtblau, 2016). The FBI requested that Apple create a backdoor into its product’s secure system. When Apple refused, the FBI took the case to the courts in an effort to compel Apple to cooperate. During that process, however, the government was able to successfully employ a third-party organization to hack into and unlock the iPhone (Digital Trends staff, 2016). This revelation left Apple wondering what the vulnerability was that enabled the third-party organization to breach its iPhone’s security (Dave, 2016).
References
Benner, K., & Lichtblau, E. (2016, March 28). U.S. says it has unlocked iPhone without Apple. The New York Times. https://www.nytimes.com/2016/03/29/technology/apple-iphone-fbi-justice-department-case.html
Dave, P. (2016, March 29). Apple wants the FBI to reveal how it hacked the San Bernardino killer’s iPhone. The Los Angeles Times. https://www.latimes.com/business/technology/la-fi-tn-apple-next-steps-20160330-story.html
Digital Trends staff. (2016, April 3). Apple vs. the FBI: A complete timeline of the war over tech encryption. Digital Trends. http://www.digitaltrends.com/mobile/apple-encryption-court-order-news/
Radek. (2016, January 29). There’s a lot of vulnerable OS X applications out there [Blog post]. https://vulnsec.com/2016/osx-apps-vulnerabilities
SQL PL/SQL, XML, and Other Injections
An injection attack is a way of sneaking malicious code into an application. This is most frequently successful with data-driven applications, where the addition of new information is expected to be fairly routine. An entry field is the most common access route. Once an access route is found, code will be injected into the field and transmitted to the application.
Common languages for injection attacks include SQL and XML, though others can be used. The goals of injection attacks can vary, from spoofing an identity to tampering with data already on a system or even shutting down access to a system.
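The entry-field route described above, shown for both SQL and XML as an added example that is not part of the original course material: each handler appears in its weak form next to the corrected form. The table, account names and input strings are constructed for illustration.

```python
import sqlite3
import xml.etree.ElementTree as ET

# Constructed inputs of the kind a defender should test entry fields with.
SQL_FIELD_INPUT = "nobody' OR '1'='1"
XML_FIELD_INPUT = "alice</name><role>admin</role><name>x"


def make_db():
    """Build a small in-memory account table (constructed data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE accounts (username TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO accounts VALUES (?, ?)",
        [("alice", "engineer"), ("bob", "operator"), ("carol", "admin")],
    )
    return conn


def find_account_unsafe(conn, username):
    """Weak form: the field value is pasted into the SQL text itself."""
    query = (
        "SELECT username, role FROM accounts WHERE username = '"
        + username + "'"
    )
    return conn.execute(query).fetchall()


def find_account_safe(conn, username):
    """Corrected form: the value is bound as a parameter, never parsed as SQL."""
    return conn.execute(
        "SELECT username, role FROM accounts WHERE username = ?",
        (username,),
    ).fetchall()


def build_user_record_unsafe(username):
    """Weak form: the field value is pasted into the XML markup."""
    return f"<user><name>{username}</name><role>viewer</role></user>"


def build_user_record_safe(username):
    """Corrected form: the XML library escapes the value as text content."""
    user = ET.Element("user")
    ET.SubElement(user, "name").text = username
    ET.SubElement(user, "role").text = "viewer"
    return ET.tostring(user, encoding="unicode")


def role_seen_by_consumer(xml_text):
    """What a downstream reader taking the first <role> element would see."""
    return ET.fromstring(xml_text).findtext("role")


if __name__ == "__main__":
    db = make_db()
    print("SQL unsafe rows:", len(find_account_unsafe(db, SQL_FIELD_INPUT)))
    print("SQL safe rows:  ", len(find_account_safe(db, SQL_FIELD_INPUT)))
    print("XML unsafe role:",
          role_seen_by_consumer(build_user_record_unsafe(XML_FIELD_INPUT)))
    print("XML safe role:  ",
          role_seen_by_consumer(build_user_record_safe(XML_FIELD_INPUT)))
```

In both corrected forms the input is still stored or searched exactly as typed; it simply never changes the structure of the query or the document.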
Based on what you gathered from the resources, compose the OS vulnerability section of the SAR. Be sure to:
· explain Windows vulnerabilities and Linux vulnerabilities;
· explain the Mac OS vulnerabilities, and vulnerabilities of mobile devices;
· explain the motives and methods for intrusion of the MS and Linux operating systems;
· explain the types of security awareness technologies, such as intrusion detection and intrusion prevention systems;
· describe how and why different corporate and government systems are targets; and
· describe different types of intrusions such as SQL PL/SQL, XML, and other injections.
You will provide the company’s leadership with a brief overview of these vulnerabilities in your SAR.
Step 3: Prepare for the Vulnerability Scan
You have just finished defining the vulnerabilities an OS can have. Soon, you will perform vulnerability scanning and vulnerability assessments on the security posture of your company’s operating systems. But first, consider your plan of action. Read these two resources to be sure you fully grasp the purpose, goals, objectives, and execution of vulnerability assessments and security updates:
Vulnerability Assessments
A vulnerability assessment is a process for finding and classifying security problems in a system or network. These holes can then be patched, or associated risks can be mitigated. Not all vulnerabilities in an assessment will be treated as equal. Some vulnerabilities, usually those that are far less likely to happen, may be deprioritized. More common holes are likely to receive priority. This is also true of holes with a high risk of losing sensitive or important data, even if the vulnerability is less likely.
Patches
A patch is a piece of software that is designed to make changes to an operating system or an application in order to make it more secure by fixing a specific vulnerability. Patches can also be used to fix bugs in the software’s code, or improve the usability or performance of a piece of software. Patches are also sometimes called updates, and are not stand-alone programs. They work inside an existing piece of software.
Then provide the leadership with the following:
· A description of the methodology you propose to assess the vulnerabilities of the operating systems, including an explanation of how this methodology will determine the existence of those vulnerabilities in your company’s OS
· A description of the applicable tools to be used and any limitations of the tools and analyses, including an explanation of how your proposed applicable tools will determine the existence of those vulnerabilities in your company’s OS
· The projected findings from using these vulnerability assessment tools
In your report, discuss the strength of passwords, any Internet Information Services’ administrative vulnerabilities, SQL server administrative vulnerabilities, and other security updates and management of patches, as they relate to OS vulnerabilities.
Step 4: Review Vulnerability Assessment Tools for OS and Applications
Vulnerability assessment is scanning a network for known security weaknesses. Vulnerability scanners are software tools designed to provide an automated method for conducting vulnerability scans across an entire network that may run into hundreds or even thousands of machines. According to EC-Council (2018), vulnerability scanners can help identify the following types of weaknesses:
· the OS version running on computers or devices
· IP and Transmission Control Protocol/User Datagram Protocol (TCP/UDP) ports that are listening
· applications installed on computers
· accounts with weak passwords
· files and folders with weak permissions
· default services and applications that might have to be uninstalled
· mistakes in the security configuration of common applications
· computers exposed to known or publicly reported vulnerabilities
Additionally, vulnerability scanners can be used to help predict the effectiveness of countermeasures (security controls) and to test the effectiveness of those controls in the production network. Further, vulnerability scanners also have limitations, primarily in that they are only as effective as the supporting databases and/or plug-ins at a point in time. Large, automated vulnerability scanning suites also require maintenance, tuning, and frequent updates to be able to detect new vulnerabilities. Finally, scanning engines are prone to both false positives and negatives. That is where you as the cybersecurity professional will apply your deep knowledge of the environment, network, and applications in use.
Two common vulnerability scanners used in industry are the free Open Source scanner OpenVAS, and the commercial tool, Nessus. In this lab, you will use OpenVAS. Select the following links to learn more about OpenVAS and computer networks:
OpenVAS
OpenVAS, or the Open Vulnerability Assessment System, is a scanner designed to detect security issues in servers and network devices. It is a framework of tools, most licensed under the GNU General Public License. The tools in OpenVAS scan for possible vulnerabilities and help provide vulnerability management.
OpenVAS provides an open-source suite of tools and services to support vulnerability scanning, detection, and management for networks. The central tool in this SSL-secured, service-oriented architecture is its OpenVAS scanner that executes the network vulnerability tests.
The OpenVAS framework includes the scanner, the OpenVAS Manager (provides central service controls and user management), the Greenbone Security Assistant (GSA) (provides web service interface), and the OpenVAS CLI (provides command line tool) (OpenVAS, 2016).
References
OpenVAS. (2016). About OpenVAS software. http://www.openvas.org/software.html
Computer Networks
Computer networks are collections of devices (or nodes) connected to each other via different types of communication channels to share resources. Computer networks can be categorized by their conceptual structure or topology, and by size or coverage area.
Network topology defines how the devices are connected, and coverage area defines how far apart the devices are. Coverage area refers to the geographical space, such as a room, a building, a city, or an area much larger than a city.
Coverage Area or Size
Networks can be defined as any of the following, based on their coverage area:
· PAN (personal area network)—a network of elements of one computer connected within a few feet of one another in a personal space (e.g., a computer and its printer).
· LAN (local area network)—a network of computers and network devices inside a building (home, office, school) or group of buildings. LANs are simple, cheap, and fast.
· WAN (wide area network)—a network that connects two or more local area networks (LANs) and can span large geographical areas. For example, international companies use LANs to establish networks across multiple locations to share resources.
· MAN (metropolitan area network)—a network that provides citywide coverage. The term MAN is now considered old-fashioned and out of date.
· GAN (global area network)—a network that covers the largest geographical area. The best example of a GAN is the internet, which connects computers on a global scale.
Wireless Networks
A wireless network is any type of computer network that uses wireless data connections for connecting network nodes. This means there are no physical wires or cables to connect devices.
Like wired media, wireless networks can also have different sizes and coverage areas. Wireless connections are convenient because they allow users to move around and not be tied down.
Examples of wireless networks include cell phone networks, Wi-Fi local networks, and terrestrial microwave networks (Wireless network, n.d.).
Topology
Topology defines the arrangement of network devices. In other words, topology defines the layout of the network, or the way the nodes are interconnected. One way to think about topology is to consider the different ways you can arrange tables and chairs in a room. We will look at various examples of network topologies.
Different topologies are used based on different technologies. For example, the star and tree topologies are very popular for LAN networks because of the simplicity of their configuration and implementation. However, mesh topology is heavily used in the backbones of networks and the internet due to its high performance and redundancy.
Bus
As you can see in the figure below, all the devices are connected to the same line, known as a bus, in this configuration. It is similar to different houses’ driveways connecting to the same street. This topology is not used anymore because it is inefficient and slow.
Bus Topology
Source: GW Simulations, Wikimedia Commons
Ring
The ring topology is shown below. The nodes are arranged in a ring configuration. In this topology, devices take turns using the communication channel.
Ring Topology
Source: GW Simulations, Wikipedia
Star
In this topology, a central node is used to connect all the other nodes in the network as depicted below. The central node acts like a switch, connecting all the devices. Although this topology is common, it suffers from the problem of a single point of failure. If the central node/switch fails, all the nodes attached to it fail.
Star Topology
Source: GW Simulations, Wikipedia
Tree
A tree topology organizes the layers of connections in a branching format similar to that of a tree, as shown below.
Tree Topology
Source: Wikimedia Commons
Mesh
Mesh topology, shown below, is used mostly in high-performance networks that require redundant connections. A mesh topology can be fully or partially connected.
Mesh Topology
Source: Wikimedia Commons
Hybrid
When different topologies are combined, they form a hybrid topology, as shown below.
Hybrid Topology
Source: Tsingha02, Wikimedia Commons
References
Network topology. (n.d.). In Wikipedia. https://en.wikipedia.org/wiki/Network_topology
Your leadership will want to understand the capabilities of the OpenVAS scanner, so you will need to include that information in your Security Assessment Report (SAR).
Use the tool’s built-in checks to complete the lab. For details on accessing the lab, see the “Complete This Lab” box below.
Use OpenVAS to complete the following:
For the Windows OS:
1. Determine if Windows administrative vulnerabilities are present.
2. Determine if weak passwords are being used on Windows accounts.
3. Report which security updates are required on each individual system.
4. The tool provides a dynamic assessment of missing security updates. Scan one or more computers by domain, IP address range, or other groupings.
5. Once complete, provide a detailed report and recommendations on how to make your system a more secure working environment. In this case, the OpenVAS tool will create and store individual XML security reports for each computer scanned and will display the reports in the graphical user interface in HTML.
For the Linux OS:
1. Determine if Linux vulnerabilities are present.
2. Determine if weak passwords are being used on Linux systems.
3. Determine which security updates are required for the Linux systems.
4. The tool provides a dynamic assessment of missing security updates. Scan one or more computers by domain, IP address range, or other groupings.
5. Once complete, provide a detailed report and recommendations on how to make your system a more secure working environment.
Knowledge acquired from this Workspace exercise will help your company’s client organizations secure the computer networks’ resources and protect corporate data from being stolen.
Validate and record the benefits of using these types of tools. You will include this in the SAR.
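As an added example (not part of the original course material or the OpenVAS project), the following Python script turns an OpenVAS XML report into the per-host severity summary that the SAR calls for. The report is a constructed sample; the element names (result, host, threat, severity) are assumed to match your scanner's XML export, and summarize and rank_hosts are hypothetical helper names.

```python
import xml.etree.ElementTree as ET
from collections import Counter, defaultdict

# Constructed sample, simplified from the shape of an OpenVAS XML report
# export. Addresses are documentation ranges; findings are invented.
SAMPLE_REPORT = """<report><results>
  <result><name>Missing OS security update (constructed)</name>
    <host>192.0.2.10</host><port>445/tcp</port>
    <threat>High</threat><severity>9.3</severity></result>
  <result><name>Weak account password accepted (constructed)</name>
    <host>192.0.2.10</host><port>3389/tcp</port>
    <threat>Medium</threat><severity>5.0</severity></result>
  <result><name>OS detection (constructed)</name>
    <host>192.0.2.10</host><port>general/tcp</port>
    <threat>Log</threat><severity>0.0</severity></result>
  <result><name>Outdated SSH package (constructed)</name>
    <host>192.0.2.20<hostname>lab-linux</hostname></host><port>22/tcp</port>
    <threat>Medium</threat><severity>6.4</severity></result>
  <result><name>World-writable file found (constructed)</name>
    <host>192.0.2.20</host><port>general/tcp</port>
    <threat>Low</threat><severity>2.6</severity></result>
</results></report>"""


def summarize(report_xml, min_severity=0.1):
    """Group scored findings by host, worst first; skip informational rows."""
    # Parse only reports exported by your own scanner; for XML from an
    # untrusted source use a hardened parser such as defusedxml.
    root = ET.fromstring(report_xml)
    by_host = defaultdict(list)
    for res in root.iterfind(".//results/result"):
        host = (res.findtext("host") or "").strip()  # text before child tags
        severity = float(res.findtext("severity") or 0.0)
        if host and severity >= min_severity:  # "Log" rows score 0.0
            by_host[host].append((severity, res.findtext("threat", "Unknown"),
                                  res.findtext("port", ""), res.findtext("name", "")))
    summary = {}
    for host, rows in by_host.items():
        rows.sort(key=lambda r: r[0], reverse=True)
        summary[host] = {"counts": dict(Counter(r[1] for r in rows)), "findings": rows}
    return summary


def rank_hosts(summary):
    """Hosts ordered by their single worst finding, for the SAR table."""
    return sorted(summary, key=lambda h: summary[h]["findings"][0][0], reverse=True)


if __name__ == "__main__":
    report = summarize(SAMPLE_REPORT)
    for host in rank_hosts(report):
        print(host, report[host]["counts"])
        for sev, threat, port, name in report[host]["findings"]:
            print(f"  {sev:4.1f} {threat:<6} {port:<12} {name}")
```

Raising min_severity (for example to 7.0) narrows the output to the findings that belong in the leadership presentation, while the full list stays in the SAR.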
References
EC-Council. (2018). Certified Ethical Hacker (CEH) Version 10 eBook (Volumes 1 through 4). [VitalSource Bookshelf]. Retrieved from https://bookshelf.vitalsource.com/#/books/9781635671919
Step 5: Create the Security Assessment Report
By using the OpenVAS security vulnerability assessment tool from the previous step, you now have a better understanding of your system’s security status. Use the results you obtained to create the Security Assessment Report (SAR) as part of your deliverables.
In your report to the leadership, make sure to emphasize the benefits of using the security tool, and provide recommendations based on your findings.
Remember to include analyses and conclusions in the SAR deliverable as follows:
1. After you provide a description of the methodology you used to make your security assessment, provide the actual data from the tools, the status of security and patch updates, security recommendations, and specific remediation guidance for your senior leadership.
2. Include any risk assessments associated with the security recommendations, and propose ways to address the risk either by accepting it, transferring it, mitigating it, or eliminating it.
Include your SAR in your final deliverable to leadership.
Step 6: Develop the Presentation
Based on what you have learned in the previous steps and your SAR, you will also develop a presentation for your company’s leadership.
Your upper-level management team is not interested in the technical report you generated from your Workspace exercise. Team members are more interested in the bottom line. You must help these nontechnical leaders understand the very technical vulnerabilities you have discovered. They need to clearly see what actions they must either take or approve. The following are a few questions to consider when creating your nontechnical presentation:
· How do you present your technical findings succinctly to a nontechnical audience? Your Workspace exercise report will span many pages, but you will probably not have more than 30 minutes for your presentation and follow-up discussion.
· How do you describe the most serious risks factually but without sounding too dramatic? No one likes to hear that the entire network has been hacked, data has been stolen, and the attackers have won. You will need to describe the seriousness of your findings while also assuring upper-level management that these are not uncommon occurrences today.
· How do your Workspace exercise results affect business operations? Make sure you are presenting these very technical results in business terms that upper-level management will understand.
· Be clear about what action you are recommending. Upper-level managers will want to understand not only what you discovered, but also what you propose as a solution. They will want to know what decisions they need to make based on your findings.
Your goal for the presentation is to convince the leadership that the company needs to adopt at least one security vulnerability assessment tool to provide an extra layer of security.
The deliverables for this project are as follows:
1. Security Assessment Report (SAR): This report should be a seven- to eight-page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.
2. Nontechnical presentation: This is a set of eight to 10 PowerPoint slides for upper management that summarizes your thoughts regarding the findings in your SAR.