07 Jun This week, you will submit the second project, VM Scanner Background Report, based on the Nessus Report. As you are writing your report, you may want
will provide the for part one in the answer template.
This week, you will submit the second project, VM Scanner Background Report, based on the Nessus Report. As you are writing your report, you may want to refer back to the CEO’s video in Week 1 to make sure your analysis and recommendations align with the CEO’s priorities and concerns.
You should link your analysis to the kinds of organizational functions and data associated with a transportation company (e.g., protecting order data, customer lists, sales leads, Payment Card Industry (PCI) compliance for processing credit, proprietary software, etc.) and provide your recommendation if Mercury USA should purchase the Nessus tool. This report should be four to six pages in length and include a title/cover page. Include in-text citations and a reference page with three quality sources in a citation style of your choice.
Delete the instructional text from the template before you submit.
When you are finished, click “add a file” to upload your work, then click the Submit button
VM Scanner Background Report
<Student Name>
CMIT 421 <Section #xxxx> Threat Management and Vulnerability Assessment
<Date>
Introduction
Provide an introduction that includes what you intend to cover in the background paper. Ensure you are specific and define your purpose clearly.
Part 1: Nessus Vulnerability Report Analysis
In this section, analyze and interpret the results of the report to give your boss a clear picture of the Mercury USA’s potential vulnerabilities.
As you analyze the report, address the following points:
· Is it appropriate to distribute the report as is, or do you need to interpret the report, attach meaning before sending to management? Explain why or why not.
· What is your overall impression of the tool’s output? Is it easy to interpret, well-organized, include enough detail, too much detail?
· Does the tool provide enough reporting detail for you as the analyst to focus on the relevant vulnerabilities for Mercury USA?
· Name the three most important vulnerabilities in this system for Mercury USA. Why are they the most critical?
· How does the report provide enough information to address and remediate the three most important vulnerabilities?
|
Take Note: Judy has asked you to provide a screenshot to help her understand what the Nessus report looks like. Screenshot Instructions 1. Open Lab 4.5.x, “Conducting Vulnerability Scans” within the uCertify Pearson CompTIA Cybersecurity Analyst (CySA+) content 1. After Step 25, click on the scan “General Scan” 1. Click the Report button dropdown and choose HTML 1. In the “Generate HTML Report” dialog, click the Generate Report button 1. Open the report from the browser’s download bar at the bottom of the screen 1. Click the Show Details button 1. Take a full window screenshot that includes the date/time of the report and the date/time area of the VM’s taskbar (refer to the example below) Note: This portion of the background paper also helps determine that your submission is unique. Thus, you must include the specific screenshot as seen below or your project will not be accepted. |
<insert your screenshot here>
Part 2: The Business Case
|
Keep these issues in mind as you address the two questions below: · Think back to the video from Mercury USA’s CEO. What were his main areas of concern? · What is the industry/function of the organization? · What kinds of data might be important to the organization? |
What is your assessment of the Mercury USA’s overall current security posture? What information in the vulnerability scans supports your assessment?
Based on the vulnerabilities present in the reports and the information available about them, what threats might an adversary or black hat hacker try to use against the organization to exfiltrate data or hold it for ransom?
Part 3: Nessus Purchase Recommendation
State your case for your recommendation of the Nessus commercial vulnerability scanner. Be sure to address the following questions:
· Do you think the overall presentation and scoring features are adequate for technical professionals?
· How can this tool help Mercury USA comply with regulatory and standards requirements?
· What is the cost to license the tool? Does the usability, support, and efficacy of the tool warrant the cost?
· Do you think the Nessus report is understandable/suitable for management? Explain why or why not.
· Would you recommend that Mercury USA purchase the tool? Provide your rationale for this recommendation.
Conclusion
Provide a conclusion of at least a paragraph summarizing your analysis of the Nessus vulnerability report, your purchase recommendation, and why your purchase recommendation is beneficial for employees, management, and the organization.
References
Use in-text citations in the body of your memorandum as appropriate. Add all sources you used here. This example citation uses IEEE style. Use a style of your choice or ask your instructor for clarification. When using the associated course content, ensure you cite to the chapter level. An example IEEE citation is provided below for your reference.
[1] "Chapter 5: Implementing an Information Security Vulnerability Management Process", Pearson CompTIA Cybersecurity Analyst (CySA+), 2020. [Online]. Available: https://www.ucertify.com/. [Accessed: 28-Apr-2020].
,
Report generated by Nessus™
Expand All|Collapse All
My Basic Network Scan Wed, 08 Apr 2020 09:12:48 Pacific Standard Time
TABLE OF CONTENTS
Hosts Executive Summary
192.168.1.10
192.168.1.25
192.168.1.30
192.168.1.100
Hosts Executive Summary
192.168.1.10
0 1 1 0 22 CRITICAL HIGH MEDIUM LOW INFO
Severity CVSS Plugin Name
HIGH 9.3 97833 MS17-010: Security Update for Microsoft Windows SMB Server (4013389) (ETERNALBLUE) (ETERNALCHAMPION) (ETERNALROMANCE) (ETERNALSYNERGY) (WannaCry) (EternalRocks) (Petya) (uncredentialed check)
MEDIUM 5.0 57608 SMB Signing not required
INFO N/A 45590 Common Platform Enumeration (CPE)
INFO N/A 10736 DCE Services Enumeration
INFO N/A 54615 Device Type
INFO N/A 35716 Ethernet Card Manufacturer Detection
INFO N/A 86420 Ethernet MAC Addresses
INFO N/A 12053 Host Fully Qualified Domain Name (FQDN) Resolution
INFO N/A 117886 Local Checks Not Enabled (info)
INFO N/A 10394 Microsoft Windows SMB Log In Possible
INFO N/A 10785 Microsoft Windows SMB NativeLanManager Remote System Information Disclosure
INFO N/A 26917 Microsoft Windows SMB Registry : Nessus Cannot Access the Windows Registry
INFO N/A 11011 Microsoft Windows SMB Service Detection
INFO N/A 100871 Microsoft Windows SMB Versions Supported (remote check)
INFO N/A 106716 Microsoft Windows SMB2 and SMB3 Dialects Supported (remote check)
INFO N/A 11219 Nessus SYN scanner
Hide Details
INFO N/A 19506 Nessus Scan Information
INFO N/A 110723 No Credentials Provided
INFO N/A 11936 OS Identification
INFO N/A 96982 Server Message Block (SMB) Protocol Version 1 Enabled (uncredentialed check)
INFO N/A 25220 TCP/IP Timestamps Supported
INFO N/A 10287 Traceroute Information
INFO N/A 20094 VMware Virtual Machine Detection
INFO N/A 10150 Windows NetBIOS / SMB Remote Host Information Disclosure
192.168.1.25
0 1 2 2 43 CRITICAL HIGH MEDIUM LOW INFO
Severity CVSS Plugin Name
HIGH 7.5 42411 Microsoft Windows SMB Shares Unprivileged Access
MEDIUM 5.0 57608 SMB Signing not required
MEDIUM 4.3 90317 SSH Weak Algorithms Supported
LOW 2.6 70658 SSH Server CBC Mode Ciphers Enabled
LOW 2.6 71049 SSH Weak MAC Algorithms Enabled
INFO N/A 10114 ICMP Timestamp Request Remote Date Disclosure
INFO N/A 18261 Apache Banner Linux Distribution Disclosure
INFO N/A 48204 Apache HTTP Server Version
INFO N/A 39519 Backported Security Patch Detection (FTP)
INFO N/A 39520 Backported Security Patch Detection (SSH)
INFO N/A 39521 Backported Security Patch Detection (WWW)
INFO N/A 45590 Common Platform Enumeration (CPE)
INFO N/A 54615 Device Type
INFO N/A 35716 Ethernet Card Manufacturer Detection
INFO N/A 86420 Ethernet MAC Addresses
INFO N/A 10092 FTP Server Detection
INFO N/A 43111 HTTP Methods Allowed (per directory)
INFO N/A 10107 HTTP Server Type and Version
INFO N/A 24260 HyperText Transfer Protocol (HTTP) Information
INFO N/A 117886 Local Checks Not Enabled (info)
INFO N/A 17651 Microsoft Windows SMB : Obtains the Password Policy
INFO N/A 10394 Microsoft Windows SMB Log In Possible
INFO N/A 10859 Microsoft Windows SMB LsaQueryInformationPolicy Function SID Enumeration
INFO N/A 10785 Microsoft Windows SMB NativeLanManager Remote System Information Disclosure
INFO N/A 11011 Microsoft Windows SMB Service Detection
INFO N/A 60119 Microsoft Windows SMB Share Permissions Enumeration
INFO N/A 10395 Microsoft Windows SMB Shares Enumeration
INFO N/A 100871 Microsoft Windows SMB Versions Supported (remote check)
INFO N/A 106716 Microsoft Windows SMB2 and SMB3 Dialects Supported (remote check)
INFO N/A 11219 Nessus SYN scanner
INFO N/A 19506 Nessus Scan Information
INFO N/A 110723 No Credentials Provided
INFO N/A 11936 OS Identification
INFO N/A 10860 SMB Use Host SID to Enumerate Local Users
INFO N/A 70657 SSH Algorithms and Languages Supported
INFO N/A 10881 SSH Protocol Versions Supported
INFO N/A 10267 SSH Server Type and Version Information
INFO N/A 25240 Samba Server Detection
INFO N/A 104887 Samba Version
INFO N/A 96982 Server Message Block (SMB) Protocol Version 1 Enabled (uncredentialed check)
INFO N/A 22964 Service Detection
INFO N/A 25220 TCP/IP Timestamps Supported
INFO N/A 10287 Traceroute Information
INFO N/A 66293 Unix Operating System on Extended Support
INFO N/A 20094 VMware Virtual Machine Detection
INFO N/A 10150 Windows NetBIOS / SMB Remote Host Information Disclosure
INFO N/A 66717 mDNS Detection (Local Network)
INFO N/A 52703 vsftpd Detection
Hide Details
192.168.1.30
5 1 12 2 57 CRITICAL HIGH MEDIUM LOW INFO
Severity CVSS Plugin Name
CRITICAL 10.0 51988 Bind Shell Backdoor Detection
CRITICAL 10.0 32314 Debian OpenSSH/OpenSSL Package Random Number Generator Weakness
CRITICAL 10.0 32321 Debian OpenSSH/OpenSSL Package Random Number Generator Weakness (SSL check)
CRITICAL 10.0 11356 NFS Exported Share Information Disclosure
CRITICAL 10.0 33850 Unix Operating System Unsupported Version Detection
HIGH 7.1 20007 SSL Version 2 and 3 Protocol Detection
MEDIUM 6.4 51192 SSL Certificate Cannot Be Trusted
MEDIUM 6.4 57582 SSL Self-Signed Certificate
MEDIUM 6.1 104743 TLS Version 1.0 Protocol Detection
MEDIUM 5.0 11213 HTTP TRACE / TRACK Methods Allowed
MEDIUM 5.0 42256 NFS Shares World Readable
MEDIUM 5.0 57608 SMB Signing not required
MEDIUM 5.0 15901 SSL Certificate Expiry
MEDIUM 5.0 45411 SSL Certificate with Wrong Hostname
MEDIUM 5.0 42873 SSL Medium Strength Cipher Suites Supported (SWEET32)
MEDIUM 4.3 90317 SSH Weak Algorithms Supported
MEDIUM 4.3 65821 SSL RC4 Cipher Suites Supported (Bar Mitzvah)
MEDIUM 4.3 78479 SSLv3 Padding Oracle On Downgraded Legacy Encryption Vulnerability (POODLE)
LOW 2.6 70658 SSH Server CBC Mode Ciphers Enabled
LOW 2.6 71049 SSH Weak MAC Algorithms Enabled
INFO N/A 10114 ICMP Timestamp Request Remote Date Disclosure
INFO N/A 10223 RPC portmapper Service Detection
INFO N/A 21186 AJP Connector Detection
INFO N/A 18261 Apache Banner Linux Distribution Disclosure
INFO N/A 48204 Apache HTTP Server Version
INFO N/A 84574 Backported Security Patch Detection (PHP)
INFO N/A 39520 Backported Security Patch Detection (SSH)
INFO N/A 39521 Backported Security Patch Detection (WWW)
INFO N/A 45590 Common Platform Enumeration (CPE)
INFO N/A 10028 DNS Server BIND version Directive Remote Version Detection
INFO N/A 11002 DNS Server Detection
INFO N/A 72779 DNS Server Version Detection
INFO N/A 35371 DNS Server hostname.bind Map Hostname Disclosure
INFO N/A 54615 Device Type
INFO N/A 35716 Ethernet Card Manufacturer Detection
INFO N/A 86420 Ethernet MAC Addresses
INFO N/A 10092 FTP Server Detection
INFO N/A 10107 HTTP Server Type and Version
INFO N/A 24260 HyperText Transfer Protocol (HTTP) Information
INFO N/A 11156 IRC Daemon Version Detection
INFO N/A 117886 Local Checks Not Enabled (info)
INFO N/A 11011 Microsoft Windows SMB Service Detection
INFO N/A 106716 Microsoft Windows SMB2 and SMB3 Dialects Supported (remote check)
INFO N/A 10437 NFS Share Export List
INFO N/A 11219 Nessus SYN scanner
INFO N/A 19506 Nessus Scan Information
INFO N/A 110723 No Credentials Provided
INFO N/A 11936 OS Identification
INFO N/A 50845 OpenSSL Detection
INFO N/A 48243 PHP Version Detection
INFO N/A 118224 PostgreSQL STARTTLS Support
INFO N/A 26024 PostgreSQL Server Detection
INFO N/A 22227 RMI Registry Detection
INFO N/A 11111 RPC Services Enumeration
INFO N/A 53335 RPC portmapper (TCP)
INFO N/A 10263 SMTP Server Detection
Our website has a team of professional writers who can help you write any of your homework. They will write your papers from scratch. We also have a team of editors just to make sure all papers are of HIGH QUALITY & PLAGIARISM FREE. To make an Order you only need to click Ask A Question and we will direct you to our Order Page at WriteEdu. Then fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.
Fill in all the assignment paper details that are required in the order form with the standard information being the page count, deadline, academic level and type of paper. It is advisable to have this information at hand so that you can quickly fill in the necessary information needed in the form for the essay writer to be immediately assigned to your writing project. Make payment for the custom essay order to enable us to assign a suitable writer to your order. Payments are made through Paypal on a secured billing page. Finally, sit back and relax.
Do you need help with this question?
Get assignment help from WriteEdu.com Paper Writing Website and forget about your problems.
WriteEdu provides custom & cheap essay writing 100% original, plagiarism free essays, assignments & dissertations.
With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.
Chat with us today! We are always waiting to answer all your questions.