Engineering Homework Help

This week, you will submit the second project, VM Scanner Background Report, based on the Nessus Report. As you are writing your report, you may want to refer back to the CEO’s video in Week 1 to make sure your analysis and recommendations align with the CEO’s priorities and concerns.

You should link your analysis to the kinds of organizational functions and data associated with a transportation company (e.g., protecting order data, customer lists, sales leads, Payment Card Industry (PCI) compliance for processing credit, proprietary software, etc.) and provide your recommendation if Mercury USA should purchase the Nessus tool. This report should be four to six pages in length and include a title/cover page. Include in-text citations and a reference page with three quality sources in a citation style of your choice.

How Will My Work Be Evaluated?

For this assignment, you are asked to provide your supervisor, Judy, with a technical evaluation of a vulnerability scanner. By documenting your results in an effective background report, you are showing how you use your technical knowledge to convey your ideas to others in a professional setting. Your ability to express your findings using the right mix of technical detail in a business context is an important workplace skill.

Here is the transcript of the message

Message from the CEO

Transcript

Hello, as many of you know, I am the CEO and the chairman of the board of directors.

Recently, one of our company’s biggest competitors was the victim of the ransomware known as Wannacry. You may have seen the news reports.

From their initial investigation, our rival found out that their network was compromised by a trick bot on Windows 7 and Windows 8.1 desktops.

The hackers worked their way up to the Windows Server 2012 R2, where the company stored their mission-critical data. Customer data such as shipping records, credit card information, and other pertinent information were encrypted by the ransomware.

The company lost access to customer data and more importantly, lost customer confidence. It is reflected in their stock price.

We can’t afford to let this happen to us. We are going to take steps to ensure that our customers’ data is safe from these kinds of attacks. We’ve got a lot invested in our data, and we don’t want to face a situation where we would be tempted to pay a lot of ransom money with no real guarantee that the bad actors would even provide the key to decrypt our files.

In this competitive market, we need to be proactive to stay relevant.

So, stay tuned, and thanks for all the hard work that you do for our company. 

As the cyber threat analyst at Mercury USA, you will be expected to identify security-related issues that hackers could use against the company. You will begin by addressing the security vulnerabilities present in the IT infrastructure of the company and develop a way forward that helps to prevent and deter attacks.

You will be completing three projects for this course:

Project 1: Vulnerability Process and Assessment Memo—A two- to three-page memorandum outlining the VM process in which you will use a sample vulnerability scan report to assess security posture and develop a recommended VM process (Week 3)

Project 2: VM Scanner Background Report—A four- to six-page background report to review a commercial scanning tool and provide a recommendation (Week 5)

Project 3: Presentation to Management—A five- to 10-slide “pitch” to executive management outlining your assessment of Mercury USA’s security posture, the business need, and seeking a decision on purchasing the commercial tool (Week 7)