Computer Science Homework Help
Athenaeum of Ohio Cyber Security & Vulnerabilities in Operating Systems Paper
| Project 1: Requires the Following 2 Pieces |
| 1. Security Assessment Report |
| 2. Non-Technical Presentation Slides |
| Project 1 – Evaluation Criteria |
| 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment. |
| 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem. |
| 5.4: Identify potential threats to operating systems and the security features necessary to guard against them |
| 1. Security Assessment Report |
| Discuss all topics below. Consider using the topic headers as subheaders to organize your report. |
| Purpose and Scope |
| Based on your scenario (i.e. hypothetical or real), briefly explain why is there a need for a security assessment in your organization (purpose) and explain which components will be assessed (scope) |
| OS Overview |
| In your SAR, provide the leadership of your organization a brief explanation of operating systems (OS) fundamentals and information systems architectures. Include the following: |
| 1. Explain the user’s role in an OS. |
| 2. Explain the differences between kernel applications of the OS and the applications installed by an organization or user. |
| 3. Describe the embedded OS. |
| 4. Describe how operating systems fit in the overall information systems architecture, of which cloud computing is an emerging, distributed computing network architecture. |
| OS Vulnerabilities |
| Provide the leadership of your organization with an overview of OS vulnerabilities to include the following: |
| 1. Explain Windows vulnerabilities and Linux vulnerabilities. |
| 2. Explain the Mac OS vulnerabilities, and vulnerabilities of mobile devices. |
| 3. Explain the motives and methods for intrusion of MS and Linux operating systems. |
| 4. Explain the types of security management technologies such as intrusion detection and intrusion prevention systems. |
| 5. Describe how and why different corporate and government systems are targets. |
| 6. Describe different types of intrusions such as SQL PL/SQL, XML, and other injections |
| Preparing for the Vulnerability Scan |
| Provide the leadership of your organization with the following: |
| 1. Include a description of the methodology you proposed to assess the vulnerabilities of the operating systems. |
| 2. Provide an explanation and reasoning of how the methodology you propose, will determine the existence of those vulnerabilities in the organization’s OS. |
| 3. Include a description of the applicable tools to be used, limitations, and analysis. |
| 4. Provide an explanation and reasoning of how the applicable tools you propose will determine the existence of those vulnerabilities in the organization’s OS. |
| 5. In your report, also discuss: |
| the strength of passwords |
| any Internet Information Sevices’ administrative vulnerabilities |
| SQL server administrative vulnerabilities, |
| security updates and management of patches as they relate to OS vulnerabilities |
| Vulnerability Assessment Tools for OS and Applications (Lab) |
| Use the vulnerability scanning tool to complete/determine the following for Window OS: |
| 1. Determine if Windows administrative vulnerabilities are present. |
| 2. Determine if weak passwords are being used on Windows accounts. |
| 3. Report which security updates are required on each individual system. |
| 4.The tool provides dynamic assessment of missing security updates. Scan one or more computers by domain, IP address range, or other grouping. |
| 5. Once complete, provide a detailed report and recommendations on how to make your system a more secure working environment. In this case, a tool such as OpenVAS will create and store individual XML security reports for each computer scanned and will display the reports in the graphical user interface in HTML. |
| For the Linux OS: |
| 1. Determine if Linux vulnerabilities are present. |
| 2. Determine if weak passwords are being used on Linux systems. |
| 3. Determine which security updates are required for the Linux systems. |
| 4.You noticed that the tool you used for Linux OS (i.e., OpenVAS) provides dynamic assessment of missing security updates. Scan one or more computers by domain, IP address range, or other grouping. |
| 5.Once complete, provide a detailed report and recommendations on how to make your system a more secure working environment |
| ** Findings and Recommendations |
| 1.Include a section where the findings (i.e. your lab findings) and your recommendations are enumerated. This is an important section of your report, since your feedback/report will help the leadership of your organization allocate the necessary resources to ensure the risks you identified will be mitigated. Each finding should have a corresponding recommendation. E.g. Finding 1. It was found that …. Recommendation 1. It is recommended that …. Finding 2…. Recommendation 2…… |
| 2. Include a brief risk assessment associated with the security recommendations to propose ways to address the risk either by accepting it, transferring it, mitigating it, or eliminating it. Explain your answer. |
| Security Assessment Report Feedback |
| 2. Presentation Slides (narration not required) |
| Design a presentation directed to the leadership of your organization (technical and non-technical audience) that includes: |
| 1. Title Slide |
| 2. Use of Readable Fonts and Color |
| 3. Summarized SAR |
| 4. Summary of Findings and Recommendations at High Level |
| Presentation Slides Feedback |
| Your lab report should include: |
| 1. Summary of lab experience |
| 2. Vulnerabilities identified and explained for both Windows and Linux systems |
| 3 |
| 4. Ensure a summary of your results is included in your SAR |
| I need assistance on step which is the actual report and step 2 which is the presentation of the report |
Talk to us support@bestqualitywriters.com