Assessment event 1 – Assess network security threats and vulnerabilities to identify risk

(VM)

Brian.Ashworth

You are required to write a report on how you:

1.1 Assess and report on current system security, according to required asset security level (VM options)

(From page 43 of Vulnerability Management For Dummies)Weigh the pros and cons of each against four key
factors: Design, Deployment, Management, and Compliance.

Design: Assessing risk from the outside, looking in use VM products. Software-based solutions are
installed by users on their enterprise network and operated manually. This is a familiar process but using
software-based solutions for vulnerability management has huge drawbacks: Software-based solutions don’t
provide an outsider’s view of network vulnerabilities, especially for devices on the perimeter.

Installation options are either on the non-routable private side of the network or on the public-facing
Internetside. Behind-the-firewall deployments are unable to process exploits such as transmission of
incorrectly formatted data packets so their scans generate many false positives and false negatives. Products
deployed outside the firewall are subject to attacks and compromise.

Secure communications of scan assessments are

1.2. Determine additional network, software, hardware and system security threats and vulnerabilities (VM
assessment)
 $5000.00 Solution

Try MBS first to see what it shows

Depends on size of company, confidential

It is imperative to fix the critical issues - For example in the screenshot above these vulnerabilities need to be
rectified via updates or through administration configurations.
1.3 Use identified threats and vulnerability information to identify security risks.

1.4 Make recommendations to management to address security deficiencies, according to current and future
commercial and business requirements (VM Executive summary)

A vulnerability scanner is one of many security tools used to improve the security of networks. The goal of running a
vulnerability scanner is to identify devices on a network that are open to known vulnerabilities. A vulnerability tool can help
secure a network or it can be used by potential attackers to identify weaknesses in you system to mount an attack against. The
tool can be used to identify and fix weaknesses before potential attacker use them to exploit victims. There are many different
types of scanners that accomplish similar goals through different means. Some scanners work better than others. Some of the
highly rated vulnerability scanning packages including Belsecure, SAINT, SARA and QualysGuard carry a hefty price tag.
Some companies do not mind the cost of the tools because they add network security and peace of mind. With recent budget
shortfalls within companies, many others do not have the budget needed for these products. Companies that primarily use
Microsoft Windows products use a freely available tool called Microsoft Baseline Security Analyzer (MBSA). MBSA can be
used to scan systems and identify missing patches and missing or weak passwords and other common security issues. MBSA
tool is used to assess security settings within Microsoft (MS) Windows components such as: Internet Explorer, Web Server,
Products Microsoft SQL server, MS Office Settings and is compatible with the Windows Operating Systems Windows – NT,
2000, XP, 2003, Vista, and 7. It average scans over three million computers each week and is used by many leading third-party
vendors, security auditors, medium to large businesses, home Networks - Local Hosts
Free
Microsoft Baseline Security Analyser (MBSA) is a software tool released by Microsoft to determine security state by assessing
missing security updates and less-secure security settings within Microsoft Windows, Windows components such as Internet
Explorer, IIS web server, and products Microsoft SQL Server, and Microsoft Office macro settings.
Paid
The BelSecure Module automatically does a vulnerability assessment of your IT systems, checks security policies, configuration
settings, and discovers other information about the host such as anti-virus status, application versions, security patches, user
accounts and more. BelSecure is much more reliable software.
 Assessment event 2

Implement countermeasures for identified vulnerabilities and threats (VM)

You are required to write a report on how you:

2.1 Implement required level of perimeter security based on current and future business needs

2.2 Assess and implement best practice server and network hardening techniques and measures

2.3Implement secure authentication and user account controls

2.4 Secure data integrity and

Assessment event 3 –

Test and verify functionality and performance of security system implemented (CM)
You are required to write a report on how you:

3.1 Design test items to verify key function and performance measures against criteria

3.2 Conduct function and performance tests recording results

3.3 Modify and debug security system as necessary

3.4 Develop documentation on current system settings and file for future reference

Assessment event 4 – Provide systems for monitoring and maintaining security (CM)
You are required to write a report on how you :

4.1 Monitor current network security, including physical aspects, using appropriate third-party testing
software where applicable

4.2 Review logs and audit reports to identify and record security incidents, intrusions or attempts

4.3 Carry out spot checks and audits to ensure that procedures are not being bypassed

4.4 Document newly discovered security threats, vulnerabilities and risks in a report for presentation to
appropriate person to gain approval for changes to be made