Need to write a project report. Please see the attachments.


Submission Requirements for both parts of the project:
· Format: Microsoft Word
· Font: Arial, 12-Point, Double-Space
· Citation Style: APA
· Length: Each part should have a minimum of 3 pages. So overall report size should be a minimum of 6 pages (excluding title page and bibliography).

Part 1: Current Security Threats

Overall Scenario
Aim Higher College is a fictitious institution located in the United States. The college offers undergraduate and graduate courses in domains, such as business management, information security, and nursing. Imagine that you have a new job at Aim Higher College as an information security analyst. Throughout this course, you will analyze the threats and vulnerabilities of Aim Higher College and recommend controls to secure the college’s information systems.

Scenario
It is your first day at the job in the information security department, and you are called for a meeting. In the meeting the need for strengthening the information security for the college is discussed, and everyone agrees that the first step in this direction is to identify the top five threats that are a potential risk to Aim Higher College. The college’s administrative staff and faculty run the latest version of Microsoft Windows on their primary workstations, whereas students’ laptops may run Windows or macOS. The college’s web servers run on Linux; however, all other servers are Windows Server-based. Student, staff, and faculty mobile devices, such as tablets and smartphones, run on iOS or Android; all mobile devices can connect to the campus network.

Tasks
You have been given the responsibility to determine the top five threats that Aim Higher College faces.
You asked your supervisor for support in this task and he gave you the following resources that might be useful in your research and analysis:
· Microsoft Security Advisories and Bulletins (https://docs.microsoft.com/en-us/security-updates/)
· Common Vulnerabilities and Exposure (CVE) database search (http://cve.mitre.org/find/index.html)
· Security organizations, such as Secunia (http://secunia.com/)

Your supervisor has also asked you to consider the following questions as you shortlist the threats:
· What threats are new this year, and which have become more prevalent? Why are these threats more common and why are they important?
· What threats remain constant from year to year? Why?
· What threats do you believe will become more critical in the next 12 months? Why?
· What is the likelihood of an exploit affecting Aim Higher College, and which operating system(s) does it target?

With these considerations in mind, write a summary report of the top five threats to Aim Higher College. Briefly explain why you have selected them and what effect they might have on the institution or its students, employees, graduates, or other communities on campus.

Part 2: Identify Vulnerabilities in IT Security

Overall Scenario
Aim Higher College is a fictitious institution located in the United States. The college offers undergraduate and graduate courses in domains, such as business management, information security, and nursing. Imagine that you have a new job at Aim Higher College as an information security analyst. Throughout this course, you will analyze the threats and vulnerabilities of Aim Higher College and recommend controls to secure the college’s information systems.

Scenario
Aim Higher College has been the target of focused attacks from a variety of attackers.
Your manager has assigned you the task to review the port and vulnerability scan data recently gathered from a typical system to determine what ports and services are exposed to attackers, and what vulnerabilities exist on that system.

Required Resources
· Access to the Internet
· Text sheet: Zenmap Intense Scan Results pdf file (hacking_ts_zenmapscan.pdf)

Tasks
1. Analyze the results of the Zenmap scan. Your report must answer the following questions: What are the first five open ports as identified by the Zenmap scan?
   · Include the port number
   · Include the service name
   · Include a brief description of how each is used
2. The Nessus scan identified two critical vulnerabilities, identified as ID 32314 and ID 33850. Research the vulnerabilities against the Common Vulnerabilities and Exposure (CVE) database. Include the name and a brief description of each vulnerability.
3. Determine what can be done to protect the system and defend the campus network against attempts to gather data, and to resolve vulnerabilities. Also determine which ports and services likely need to remain open.
4. Write a report targeted at IT management and systems administration staff explaining the vulnerabilities and protection mechanisms that Aim Higher College should adopt, which will be applied to all similar systems at the college.

Microsoft Word - hacking_ts_zenmapscan.docx
This document is required to complete part of the course-wide project. The following are results of an Intense Scan performed in Zenmap.

Starting Nmap 6.40 ( http://nmap.org ) at 2018-08-04 09:20 Pacific Daylight Time
NSE: Loaded 110 scripts for scanning.
NSE: Script Pre-scanning.
Initiating ARP Ping Scan at 09:20
Scanning 172.30.0.30 [1 port]
Completed ARP Ping Scan at 09:20, 0.23s elapsed (1 total hosts)
Initiating SYN Stealth Scan at 09:20
Scanning 172.30.0.30 [1000 ports]
Discovered open port 139/tcp on 172.30.0.30
Discovered open port 53/tcp on 172.30.0.30
Discovered open port 23/tcp on 172.30.0.30
Discovered open port 5900/tcp on 172.30.0.30
Discovered open port 3306/tcp on 172.30.0.30
Discovered open port 445/tcp on 172.30.0.30
Discovered open port 80/tcp on 172.30.0.30
Discovered open port 21/tcp on 172.30.0.30
Discovered open port 111/tcp on 172.30.0.30
Discovered open port 22/tcp on 172.30.0.30
Discovered open port 25/tcp on 172.30.0.30
Discovered open port 8180/tcp on 172.30.0.30
Discovered open port 1524/tcp on 172.30.0.30
Discovered open port 8009/tcp on 172.30.0.30
Discovered open port 6667/tcp on 172.30.0.30
Discovered open port 5432/tcp on 172.30.0.30
Discovered open port 514/tcp on 172.30.0.30
Discovered open port 1099/tcp on 172.30.0.30
Discovered open port 6000/tcp on 172.30.0.30
Discovered open port 2121/tcp on 172.30.0.30
Discovered open port 2049/tcp on 172.30.0.30
Discovered open port 513/tcp on 172.30.0.30
Discovered open port 512/tcp on 172.30.0.30
Completed SYN Stealth Scan at 09:20, 0.41s elapsed (1000 total ports)
Initiating Service scan at 09:20
Scanning 23 services on 172.30.0.30
Completed Service scan at 09:20, 11.16s elapsed (23 services on 1 host)
Initiating OS detection (try #1) against 172.30.0.30
mass_dns: warning: Unable to determine any DNS servers. Reverse DNS is disabled. Try using --system-dns or specify valid servers with --dns-servers
NSE: Script scanning 172.30.0.30.
Initiating NSE at 09:21
Completed NSE at 09:21, 31.80s elapsed
Nmap scan report for 172.30.0.30
Host is up (0.0022s latency).
Not shown: 977 closed ports
PORT STATE SERVICE VERSION
21/tcp open ftp vsftpd 2.3.4
|_ftp-anon: Anonymous FTP login allowed (FTP code 230)
22/tcp open ssh OpenSSH 4.7p1 Debian 8ubuntu1 (protocol 2.0)
| ssh-hostkey: 1024 60:0f:cf:e1:c0:5f:6a:74:d6:90:24:fa:c4:d5:6c:cd (DSA)
|_2048 56:56:24:0f:21:1d:de:a7:2b:ae:61:b1:24:3d:e8:f3 (RSA)
23/tcp open telnet Linux telnetd
25/tcp open smtp Postfix smtpd
|_smtp-commands: metasploitable.localdomain, PIPELINING, SIZE 10240000, VRFY, ETRN, STARTTLS, ENHANCEDSTATUSCODES, 8BITMIME, DSN,
| ssl-cert: Subject: commonName=ubuntu804-base.localdomain/organizationName=OCOSA/stateOrProvinceName=There is no such thing outside US/countryName=XX
| Issuer: commonName=ubuntu804-base.localdomain/organizationName=OCOSA/stateOrProvinceName=There is no such thing outside US/countryName=XX
| Public Key type: rsa
| Public Key bits: 1024
| Not valid before: 2010-03-17T13:07:45+00:00
| Not valid after: 2010-04-16T13:07:45+00:00
| MD5: dcd9 ad90 6c8f 2f73 74af 383b 2540 8828
|_SHA-1: ed09 3088 7066 03bf d5dc 2373 99b4 98da 2d4d 31c6
|_ssl-date: 2018-08-04T16:20:12+00:00; -50s from local time.
53/tcp open domain ISC BIND 9.4.2
| dns-nsid:
|_ bind.version: 9.4.2
80/tcp open http Apache httpd 2.2.8 ((Ubuntu) DAV/2)
|_http-methods: No Allow or Public header in OPTIONS response (status code 200)
|_http-title: Metasploitable2 - Linux
111/tcp open rpcbind 2 (RPC #100000)
| rpcinfo:
| program version port/proto service
| 100000 2 111/tcp rpcbind
| 100000 2 111/udp rpcbind
| 100003 2,3,4 2049/tcp nfs
| 100003 2,3,4 2049/udp nfs
| 100005 1,2,3 46502/udp mountd
| 100005 1,2,3 59389/tcp mountd
| 100021 1,3,4 42125/tcp nlockmgr
| 100021 1,3,4 58483/udp nlockmgr
| 100024 1 37968/tcp status
|_ 100024 1 53793/udp status
139/tcp open netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP)
445/tcp open netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP)
512/tcp open exec netkit-rsh rexecd
513/tcp open login?
514/tcp open shell?
1099/tcp open java-rmi Java RMI Registry
1524/tcp open shell Metasploitable root shell
2049/tcp open nfs 2-4 (RPC #100003)
2121/tcp open ftp ProFTPD 1.3.1
3306/tcp open mysql MySQL 5.0.51a-3ubuntu5
| mysql-info: Protocol: 10
| Version: 5.0.51a-3ubuntu5
| Thread ID: 12
| Some Capabilities: Connect with DB, Compress, SSL, Transactions, Secure Connection
| Status: Autocommit
|_Salt: !J1V>q@,XX0(vE
5432/tcp open postgresql PostgreSQL DB 8.3.0 - 8.3.7
5900/tcp open vnc VNC (protocol 3.3)
| vnc-info:
| Protocol version: 3.3
| Security types:
|_ Unknown security type (33554432)
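
Added example (not part of the original assignment or the posted answer): a small Python parser for the port table in the Zenmap results above, which returns the first open ports in numeric order and flags services that carry credentials unencrypted. The sample lines are copied from the scan; the CLEARTEXT set and the function names are assumptions of this example.

```python
import re

# Lines copied from the Zenmap results above (a subset, with two NSE script lines).
SCAN = """\
21/tcp open ftp vsftpd 2.3.4
|_ftp-anon: Anonymous FTP login allowed (FTP code 230)
22/tcp open ssh OpenSSH 4.7p1 Debian 8ubuntu1 (protocol 2.0)
23/tcp open telnet Linux telnetd
25/tcp open smtp Postfix smtpd
53/tcp open domain ISC BIND 9.4.2
| dns-nsid:
80/tcp open http Apache httpd 2.2.8 ((Ubuntu) DAV/2)
512/tcp open exec netkit-rsh rexecd
513/tcp open login?
514/tcp open shell?
1524/tcp open shell Metasploitable root shell
3306/tcp open mysql MySQL 5.0.51a-3ubuntu5
"""

# PORT/PROTO STATE SERVICE [VERSION]; NSE script lines start with "|" and never match.
PORT_LINE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)(?:\s+(.*))?$")

# Assumption of this example: Nmap service names treated as unencrypted legacy
# remote-access or file-transfer protocols (candidates to close or replace).
CLEARTEXT = {"ftp", "telnet", "exec", "login", "shell"}

def parse_ports(text):
    """Return one dict per port-table row, sorted by port number."""
    rows = []
    for line in text.splitlines():
        m = PORT_LINE.match(line.strip())
        if m is None:
            continue
        port, proto, state, service, version = m.groups()
        rows.append({"port": int(port), "proto": proto, "state": state,
                     "service": service.rstrip("?"),    # "login?" -> "login"
                     "guessed": service.endswith("?"),  # Nmap was unsure of the service
                     "version": version or ""})
    return sorted(rows, key=lambda r: r["port"])

def first_open(rows, n=5):
    """First n open ports as (port, service) pairs."""
    return [(r["port"], r["service"]) for r in rows if r["state"] == "open"][:n]

def cleartext_services(rows):
    """Open ports whose service name is in the CLEARTEXT set."""
    return [r["port"] for r in rows if r["state"] == "open" and r["service"] in CLEARTEXT]
```
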
Answered Same Day: Apr 19, 2021

Ritu answered on Apr 23 2021
151 Votes
Part 1
What threats are new this year, and which have become more prevalent, and why are these threats more common and why are they important?
1. Blackmail Hack
Blackmail hacking means that if a victim makes no payments or does not respond to any other request, the attacker threatens to release confidential company or customer data. These attacks can ruin us as well as our customers by backing up data as well as allowing the hacker to lock out of the system. There is only one problem tracking such attacks. If the victim dug the cave as well as paid, people may not know that blackmail has occurred. However, at least two blackmail hacks are recorded. Ashley Madison hack resigned his CEO as well as exposed millions of corrupt individuals to public ridicule. Hacking InvestBank in the United Arab Emirates leaked customer account information. Forced hacking is a response to the most serious fear of companies as well as executives. If they don't do it well, the company secrets will be exposed, the customers will sue, as well as the executive will lose their jobs (Awan, Memon & Burfat, 2019).
2. Attack to modify or manipulate data
A cyber operation that modifies or manipulates digital data to compromise integrity, rather than deleting or releasing stolen data. Attackers can break into financial as well as stock trading systems to change data as well as raise or lower stock prices according to their purpose. Certain types of data operations can even die.
3. Encryption is now standard, but not everyone is satisfied with it.
Encryption is finally defaulted with increased security as well as privacy concerns due to intelligence exposure as well as reported data breaches. Certain organizations, such as law enforcement as well as intelligence agencies, are unhappy with the idea of having a negative impact on security (Cassotta & Pettersson, 2019).
4. The attacker is more interested in the mobile payment system, but for a while he is committed to traditional payment fraud.
5. Attack Services as well as Express Kits occur for mobile (as well as other) platforms.
What threats remain constant from year to year? Why?
Threats prepared next year include malware, malicious internal stakeholders, abused vulnerabilities, inadvertent employees, mobile devices, social networking, social engineering, zero-day exposure, cloud computing security threats, as well as cyber-spies. These threats are very common unless proper employee training is performed. This type of threat is always present in the IT world, so the threat can be constant every year (Cassotta & Pettersson, 2019).
Common security threats include:
Malware: Malware is a shortened form for pernicious programming. Wikipedia portrays malware as a term used to signify "various types of unfriendly, meddling, or undesirable programming or program code". Malware incorporates PC infections, worms, Trojan ponies, unapproved spyware, just as malignant rootkits. These are characterized underneath.
PC Virus: A PC infection is little programming that spreads starting with one contaminated PC then onto the next. This infection can wreck, take, or erase information on your PC, just as it can likewise delete all information on your hard drive. Infections can spread themselves to different PCs by utilizing different projects, for example, email programs (Faga, 2017).
Unapproved Security Software: Have you at any point seen a spring up window promoting security updates or alarms? It looks authentic, just as you click the connection to "update" or "expel" the unneeded pernicious programming that is obviously recognized. This may be illicit security programming intended to guide clients to click just as download noxious programming. Microsoft has malevolent security programming just as a helpful page that discloses how to ensure you...