The Microsoft Baseline Security Analyzer (MBSA) is Microsoft’s user-friendly software vulnerability assessment tool intended for IT security professionals from small to medium-sized organizations used to scan one or more computers, and provide a detailed security assessment report with specific recommendations and guidance on correcting any found deficiencies (Vacca 2013). The MBSA used for this assignment was the MBSA version 2.3, which performed scans for missing patches, missing/weak passwords, and assess the holistic security status to determine any associated potential risks to the computer. MBSA utilized the Microsoft update catalog and determined which security updates required updating, provided a report on specific system information, and performed Windows Security and Desktop Application Scans to report any further administrative vulnerabilities.
The resulting security assessment report indicated that the scanned computer was at potential risk due to the failure of one or more non-critical checks. The results proved surprising as the scanned computer was purchased a little over a month ago. The failures in the report included, a) a missing a service pack (Windows Malicious Software Removal Tool released March 2014) and b) non-expiring and weak passwords for the user accounts. Fortunately, the MBSA found no other issues with the scanned computer’s firewall or desktop applications. These results were informative and provided guidance on how to better improve the scanned computer’s security measures. Using the recommendations for a solution to mitigate the potential risks, I installed the Malware Removal Tool software, created new more complicated passwords, and adjusted the user setting by removing the “password nev...
... middle of paper ...
...cate itself and propagate through removable media such as USB flashdrives and portable external hard drives wreaking havoc and spreading throughout the networks. Figure 3 below illustrates how the Conflicker worm infiltrated the networks.
Corporate network system administrators routinely use vulnerability assessment tools such as the popular and user friendly MBSA to scan the corporate IT systems for potential risks to the network. One of the features of the MBSA is the administrative vulnerabilities assessment as part of the Windows Scan which, among a myriad of other assessments, analyses the system’s firewall and determines if there any exceptions configured in the firewall. Unauthorized exceptions the firewall configuration could be an indicator of infiltration in the network.
Works Cited
http://www.sans.org/security-resources/policies/Password_Policy.pdf
Security of the companies data is one of the most important components which allows the business to perform its day to day operation using various networking devices, services that absolutely needs to be protected from intruders. Some of these devices include online transactions, the exchange of data between users and clients both internal and external and external web data needs to be secured. There are several polices that would need to be configured such as a web sever and firewall configurations. However, with these configurations the first and most important task is to identify any vulnerabilities or loopholes in security within the company. The company has both LAN (Local Area Network) and WAN (Wireless Local Area Network) and a web sever. These resources need to be secured at all times from hackers or anyone else by implementing the appropriate security measures.
The analysis conducted by Control Data Corporation (1999), provides a quality, and precise assessment of adhering to cybersecurity policy. This analysis is organized into several different categories:
To get through these security walls “cybercrooks” are creating more and more different types of malware. What is malware? Microsoft defines it as the following “Malware is sho...
Johansson, Jesper M. "Managing the Windows Vista Firewall." TechNet 2008: n. pag. Web. 14 Nov. 2013. http://technet.microsoft.com/en-us/magazine/2008.06.security.aspx
Windows Server 2012 is a dynamic piece of software as it is constantly evolving. These improvements are available to users in the form of Windows Updates and patches. The results of an audit can show that without proper monitoring our system can slowly become obsolete, less productive, and potentially out of Government compliance. Microsoft is constantly making improvements or fixing bugs through a series of updates. Some of the updates are very important to keep products like Windows Server 2012 up to date and secure. Other updates may be labeled as recommended or optional from Microsoft. “Microsoft routinely releases security updates on the second Tuesday of each month, commonly known as Patch Tuesday” (Regan, 2013) With the abundance and frequency of patches it’s important for our organization to manage them in an efficient and organized manner so that we maintain the highest levels of productivity while minimizing system downtime.
Malware, short for malicious software, is wide-spread in today’s computer market. Malware is software intended to gain sensitive information or access to a victim’s private system (“Who Creates Malware and Why?” par. 13). Many forms of malware exist: the major categories including viruses, ransom ware, worms, keyloggers, trojan horses and rootkits. Today, malware is most commonly used to steal victims’ personal information for financial gains, but malwares’ attention was not always this way. The first computer worms were written as harmless pranks.
Network hackers are forever inventing ways to break into the computer systems of organizations. Their aim is to take adventure of the susceptibilities of the system. Hackers remain only limited by the created activity of their minds. Hackers have the time, capability, and experience to infra trace any system. The organization has the responsibility to prevent hackers from infra tracing their system. Organizations remain required to plan for the assaults of hackers. Organization can only be better prepared to defend against hackers, if the organization has taken the necessary action to hinder the hackers’ assaults. There remain various ways in which an organization can prepare to do battle with hackers. The first step to battling hackers is for the organization to have an excellent understanding of its abilities and capabilities. Security analysis systems remain invented to aid organizations in the process of un...
Vulnerability scanning security software can combat system based threats while maintaining compliance and securing critical IT assets. This paper will look at vulnerability scanning security and discuss what it is, its value to the organization, integration with the current IT infrastructure as well as vender vulnerabil...
In the following report I will discuss the role of network management and how the network manager contributes to the network security of an organisation. Network security will be discussed in full to inform on how big of an impact network attacks can have on an organisation. Once the impact of network security has been covered I will go through all possible threats that can harm an organisation and the steps network managers should go through to secure a network to the best of their ability. The importance of network tools will be introduced last along with benefits they can provide.
Summary Report for: Computer Security. (2010). January 10, 2011, from O*net Online: retreived January/15/2011 http://online.onetcenter.org/link/summary/15-1071.01
Some of the more common security problems that affect small business computers include viruses and hackers. Viruses can rewrite coding to make your software programs unusable, as well as scramble and...
Reviewing the current network configuration, I have discovered several vulnerabilities in regards to the organization's network.
Lastly, the application layer (Layer 7) supplies services to application procedures and threats are static passwords and SNMP private community strings (Holl, 2003). Organization will need to enforce encryption to limit the exposure of personal information, ensure that patches are installed for applications, patching and is performed on all network and hardware devices, hardening of operation system and implements secure authentication methods (Baker & Wallace, 2007). Additionally, a quality anti-virus is utilized on workstations, servers and other devices connected to the organization IT infrastructure. All types of attackers discussed in this paper are applicable. Black hat hackers and cyber terriorist will control exploit vulnerabilities in networks and application systems that are not properly patch as well as malware writer
Although cyber-attacks are quite common in the defense industry, Operation Aurora illuminated that even the once immune commercial sectors are no longer safe from cyber hacking. The world of cybercrime is quickly changing its focus to intellectual property repositories. With vulnerabilities out there, consumers will always be at risk for future attacks. Therefore, it is critical to protect their systems with latest updates and security protection programs such as McAfee. Countermeasures should be taken seriously to ensure system optimal against all threats malicious or not.
Penetration testing - using tools and processes to scan the network environment for vulnerabilities, [03& T, J.K et al. 2002] there are many different types of vulnerability assessments. Penetration Testing focuses on understanding the vulnerabilities of components that you’ve made available on the network as seen from the perspective of a skilful and determined attacker who has access to that network. It will provide a thorough overview of the ...