1.The audience for your security assessment report (SAR) is the leadership of your organization, which is made up of technical and nontechnical staff. Some of your audience will be unfamiliar with operating systems (OS). As such, you will begin your report with a brief explanation of operating systems fundamentals and the types of information systems.
Click on and read the following resources that provide essential information you need to know before creating a thorough and accurate OS explanation:
· operating systems fundamentals
· the applications of the OS
· The Embedded OS
· information system architecture
· cloud computing
· web architecture
After reviewing the resources, begin drafting the OS overview to incorporate the following:
1. Explain the user’s role in an OS.
2. Explain the differences between kernel applications of the OS and the applications installed by an organization or user.
3. Describe the embedded OS.
4. Describe how the systems fit in the overall information system architecture, of which cloud computing is an emerging, modern web architecture.
Include a brief definition of operating systems and information systems in your SAR.
2. You just summarized operating systems and information systems for leadership. In your mind, you can already hear leadership saying “So what?” They are not well versed in web security issues; so in your SAR you decide to include an explanation of advantages and disadvantages of the different operating systems and their known vulnerabilities.
Prepare by first reviewing the different types of vulnerabilities and intrusions explained in these resources:
· Windows vulnerabilities
· Linux vulnerabilities
· Mac OS vulnerabilities
· SQL PL/SQL, XML and other injections
Based on what you gathered from the resources, compose the OS vulnerability section of the SAR. Be sure to:
1. Explain Windows vulnerabilities and Linux vulnerabilities.
2. Explain the Mac OS vulnerabilities, and vulnerabilities of mobile devices.
3. Explain the motives and methods for intrusion of the MS and Linux operating systems;
4. Explain the types of security awareness technologies such as intrusion detection and intrusion prevention systems.
5. Describe how and why different corporate and government systems are targets.
6. Describe different types of intrusions such as SQL PL/SQL, XML, and other injections
You will provide leadership with a brief overview of vulnerabilities in your SAR.
3. You have just finished defining the vulnerabilities an OS can have. Soon you will perform vulnerability scanning and vulnerability assessments on the security posture of your organization’s operating systems. But first, consider your plan of action. Read these two resources to be sure you fully grasp the why’s and how’s of vulnerability assessments and security updates:
· Vulnerability assessments
Then provide the leadership with the following:
1. Include a description of the methodology you used to assess the vulnerabilities of the incorporate operating systems.
2. Include a description of the applicable tools used, and the limitations of the tools and analyses, if any.
3. Include the projected findings from using these vulnerability assessment tools.
In your report, discuss the strength of passwords, any IIS administrative vulnerabilities, SQL server administrative vulnerabilities, and other security updates and management of patches.
4. By utilizing security vulnerability assessment tools, such as MBSA and OpenVAS, you now have a better understanding of your system’s security status. Based on the results provided by these tools, as well as your learning from the previous steps, you will create the Security Assessment Report (SAR).
In your report to the leadership, emphasize the benefits of using a free security tool such as MBSA. Then make a recommendation for using these types of tools (i.e., MBSA and OpenVAS), including the results you found for both.
Remember to include these analyses and conclusions in the SAR deliverable:
1. After you provide a description of the methodology you used to make your security assessment, you will provide the actual data from the tools, the status of security and patch updates, security recommendations, and offer specific remediation guidance, to your senior leadership.
2. You will include any risk assessments associated with the security recommendations, and propose ways to address the risk either by accepting the risk, transferring the risk, mitigating the risk, or eliminating the risk.
Include your SAR in your final deliverable to leadership.
We value our customers and so we ensure that what we do is 100% original..
With us you are guaranteed of quality work done by our qualified experts.Your information and everything that you do with us is kept completely confidential.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.Read more
The Product ordered is guaranteed to be original. Orders are checked by the most advanced anti-plagiarism software in the market to assure that the Product is 100% original. The Company has a zero tolerance policy for plagiarism.Read more
The Free Revision policy is a courtesy service that the Company provides to help ensure Customer’s total satisfaction with the completed Order. To receive free revision the Company requires that the Customer provide the request within fourteen (14) days from the first completion date and within a period of thirty (30) days for dissertations.Read more
The Company is committed to protect the privacy of the Customer and it will never resell or share any of Customer’s personal information, including credit card data, with any third party. All the online transactions are processed through the secure and reliable online payment systems.Read more
By placing an order with us, you agree to the service we provide. We will endear to do all that it takes to deliver a comprehensive paper as per your requirements. We also count on your cooperation to ensure that we deliver on this mandate.Read more