Computer Science Homework Help

Transcript.

undefined

Operating Systems Vulnerabilities

undefined

Congratulations. You are the newly appointed lead cybersecurity engineer with your company in the oil and natural gas sector. This is a senior-level position.

undefined

You were hired two months ago based on your successful cybersecurity experience with a previous employer. Your technical knowledge of cybersecurity is solid. However, you have a lot to learn about this company’s culture, processes, and IT funding decisions, which are made by higher management.

undefined

You have recently come across numerous anomalies and incidents leading to security breaches. The incidents took place separately, and it has not been determined if they were caused by a single source or multiple related sources.

undefined

First, a month ago, a set of three corporate database servers crashed suddenly. Then, a week ago, anomalies were found in the configuration of certain server and router systems of your company. You immediately recognized that something with your IT resources was not right. You suspect that someone, or some group, has been regularly accessing your user account and conducting unauthorized configuration changes.

undefined

You meet with your leadership to discuss the vulnerabilities. They would like you to provide a security assessment report, or SAR, on the state of the operating systems within the organization.

undefined

You’re also tasked with creating a non­technical narrated presentation summarizing your thoughts. The organization uses multiple operating systems that are Microsoft-­based and Linux­-based. You will have to understand these technologies for vulnerability scanning using the tools that work best for the systems in the corporate network.

undefined

You know that identity management will increase the security of the overall information systems infrastructure for the company. You also know that with a good identity management system, the security and productivity benefits will outweigh costs incurred. This is the argument you must make to the stakeholders.

undefined

To be completed by the Homeland Security Representative: Use the US-CERT and similar resources to discuss the vulnerabilities and exploits that might have been used by the attackers. Ensure that the information is appropriately cited.

undefined

Explore the resources for risk mitigation and provide the risk, response, and risk mitigation steps that should be taken if an entity suffers the same type of attack.

undefined

To be completed by all team members: Provide a risk-threat matrix and a current state snapshot of the risk profile of the financial services sector. These reports will be part of an overall risk assessment, which will be included in your SAR and AAR. Ensure that the information is appropriately cited.

undefined

Review and refer to this risk assessment resource to aid you in developing this section of the report.

undefined

Four pages.