A general review of threats and vulnerabilities on IT systems was carried out by an American-based company known as Para Delta, which deals with information technology and sells electronic software. This was done to help firms come up with effective security control measures that reduce the risks and threats on IT networks.
Para Delta Company developed procedures through which threats and vulnerabilities can be managed. The management steps emphasize carrying out network security tasks, such as insertion testing, in advance.
Some automated systems have advanced antivirus software installed that is capable of detecting dangers but is not able to identify the specific security threat or vulnerability. Para Delta came up with solutions to these threats by creating a threat intelligence foundation that combines human capability and data-driven intersection.
Managing cyber-attacks and risk starts with assessing vulnerabilities, which helps to identify the common threats and the magnitude of their effects on the manufacturing environment. The right set of security arrangements and risk management procedures is required to avoid cybersecurity vulnerabilities that pose serious threats to IT networks.
The company found that there is a need to develop guidelines and techniques that provide adequate information security to secure the operating system. Protecting the information and information systems creates an affirmative foundation for strong information.
This initiative helps to mitigate risks on the IT networks by protecting them from unauthorized access or destruction. Frameworks given by IT security procedures provide management for information technology and governance. Frameworks also acknowledge IT governance objectives and good actions by the IT process.
Companies are required to develop policies on the planning processes of information security systems, which in turn require plans of action for implementing security controls. This makes it possible to provide a more confidential information system and to ensure its availability.
The analysis was carried out by the Para Delta Company through the identification of various procedures, security requirements, the security attacks to the enterprise network control systems, and network infrastructure with security posture components.
2.1. Security requirements and goals
The Para Delta Company carried out a security baseline analysis in which various security necessities and results were identified and listed in preparation for any security baseline action. The company found that, for strong IT control system networks to be achieved, some essential elements of the security network must be in place.
This helps IT personnel to secure network systems and the important services of the network. The company identified specialized IT personnel to work together to establish cost-effective guidelines. This assists them in securing IT security products and in dealing with specific security risks and threats during outsourcing and procurement processes.
Requirements such as security by design, security by default, and least privilege are identified by risk assessment, which in turn helps in developing favorable system objectives and the dominance of pictorial security view.
2.2. General attacks on security networks and their impacts
Most of the known cybersecurity threats include computer viruses. The computer virus is software in nature and is designed in a way that it can be spread from one computer to another.
The Para Delta Company found that a virus is capable of defaulting security settings, corrupting information, and even stealing data such as sensitive personal information from the computer. The sources of computer viruses include email attachments and downloads from infected websites.
Another threat is rogue security software, which is known to commit internet deception. The software is harmful in that it deceives users into believing that they have a computer virus installed on their computers and that the security control measures are never updated.
This leads to malfunctioning of the software that is installed, and it can introduce risks on IT networks. The Trojan horse is another security threat: it deceives the user into inviting a cyber-attacker into a securely protected area, where the attacker steals the user's passwords through recording and goes on to steal important information from the computer.
Computer worms multiply very fast and spread from one computer to another. A denial of service attack is performed by various machines and internet connections through website flooding. A distributed denial of service attack functions in the same way as a denial of service attack, but it is more forceful.
It is very hard to control since it is launched from several computers. Phishing attacks are delivered through short text messages and emails that appear to be authentic and valid. The person receiving the email is deceived into opening harmful links, which in turn leads to the malfunctioning of the computers.
Other threats include rootkits, which invite the attacker and operate as phishing does, and injection attacks, which execute harmful statements that operate on a database behind web applications. Since it involves the interception of communication between two or more digital systems, it is very difficult to detect and control, and the solution to this is defense.
To manage all security network threats, preparation is done in advance to make sure the security network systems are secure. Security risks are managed by raising concerns on server and security network virtualization issues that need to be controlled. This helps to block the hackers from attacking the security network system.
A number of system checks are carried out to enforce dual controls for critical tasks, which reduces the risk to IT networks. Network infrastructure is deployed to create awareness among IT staff so as to avoid any significant vulnerability of network systems, such as the denial of access.
2.3. Network infrastructure and security posture components
The figure below shows the network infrastructure with security posture components.
Different types of tests on security networks are done continuously to reduce the threats to and vulnerability of computers. The different security test types include static code analysis, penetration test, conformance test, heavy demand test, and analysis of origin testing. The company stated that, to achieve a successful response to any incident, a well-coordinated and organized approach must be put in place.
2.4. Open and closed access areas and interconnection access points
The Para Delta Company identified various wireless devices vulnerable to security network hacking. The open-access points are closed to avoid any external invasion. This is done by outlining important steps covered by any response program to effectively address the security incidents (Venkatraman, Daniel, & Murugaboopathi, 2013).
These steps include preparation in policy establishment, detecting and reporting potential security events, triage, and analysis of data collected from tools and systems. Containment and neutralization perform an equal closure of all systems, threat mitigation, requests, and post-incident activity, which improves security measures.
2.5. Hardware parts of the security network
The company identified the major components of the computer network required for the software installation. These components include the hub (a networking device connecting several Ethernet devices), the network interface card, the switch (a device connecting multiple devices on a computer), the router (a device for connecting to the internet), the modem (a device for connecting to the internet over telephone lines), and signal transmitters (cables and connectors).
2.6. Network-server management
The Para Delta Company carried out research and found that network-server management can be done through monitoring, maintaining, and optimizing a network system (Hu et al., 2018). The management is done in full compliance with security, reliability, and smooth operations.
Workforce skill is improved by exploring cybersecurity risks, which helps in diagnostic planning. This further builds the essential technical skills of the security workforce and helps it to command the tool set necessary to carry out the work. Network security baselines are used as styles applied during the first evaluation and gap analysis phases.
A baseline ensures the provision of the least necessities for security control management. The strengths and weaknesses of real network control systems in the world are identified by comparing them against the network baseline. The Para Delta Company stated some threat remedies for performing risk assessment, such as gathering systems and related information.
Threats are identified, and their weaknesses discovered before doing the analysis to uncover the dangers and impact of these threats. Proper action is then carried out depending on the level and magnitude of each threat. The solution is provided through the installation of antivirus software and vulnerability management system to handle and resolve vulnerabilities.
2.7. Methods of security network protection
The method employed by the company was to install automated systems for regular monitoring of the network. Risk mitigation is done by reducing the threat level through eliminating and intercepting adversaries before they attack the security operating systems. Steps that one applies for mitigation include encryption of data, educating members of staff, and the use of proper termination practices.
The company further came up with effective strategies for the assurance of service continuity under attack collaboration (Li et al., 2007). Service providers face risks whose major sources are harmful attacks on the network control systems. The network attacker intends to interrupt and bring disorder to the services. The user providing defense, on the other hand, has to make sure there is continuity of service provision, and this brings a high degree of complexity.
The defender has to apply effective and appropriate strategies, such as deploying specific advance action and reaction defense mechanisms, under resources and predefined provision quality services, to protect the network control system.
3.1. Determination of test violations and procedures of the security network
The Para Delta Company carried out testing of violations and assessment of vulnerabilities by using various manual methods and automated tools. In the review, the manual application systems and the network policies were found to be significantly vulnerable to malicious attackers.
The company identified ports, services, and their potential vulnerabilities. The verification of these vulnerabilities on the network systems is done by carrying out penetration testing. The review techniques used by the company were carried out manually to examine systems, applications, and network policies to ensure everything was in place.
The network security personnel were interviewed to help in identifying important systems, applications, and services that run on the network, such as WordPress on the web server, security policies, and monitoring systems. The company primarily focused on the web server for vulnerabilities during the evaluation process.
The vulnerabilities are due to the inspection of packets traversing the network and the number of times ports are opened. These malicious attacks can be intentionally or accidentally initiated into the network software by an end-user. Automated tools such as maps are used to verify the open ports and to scan them for the possibility of vulnerable directories.
Testing of violations on network defense includes identifying system operations by providing backups and testing disaster recovery, maintaining information through periodic verification and validation of data updates, identifying and modifying the process, and maintaining system software.
3.2. Identification of different test types and test plans
There are two types of tests carried out by the company: a security scanning test, which is done either manually or by use of automated machines, and penetration tests.
The techniques and procedures used to conduct the test are as follows: first, obtaining additional information and performing more reconnaissance through network scanning; inspecting potential points of exploit on a network system, which a vulnerability scan helps to detect; scanning to find the vulnerabilities hackers could use to gain access to the network system; attempting to gain unauthorized access to restricted systems by use of password cracking; and finishing with a penetration test.
The company noted that, when carrying out a test on network security, the following guidelines need to be followed: the most critical areas, which are exposed to public access, should be tested first to avoid exposing the network to risk; the system being tested should have the latest security patches installed; testing outcomes should be interpreted correctly, because vulnerability testing sometimes gives false-positive results; those carrying out the test should be aware of the security policies; and the correct equipment, with the characteristics needed to carry out testing, should be selected.
The Para Delta Company suggested that the outcome achieved from the network security test assists the developers in coming up with various strategies for protecting network security systems and web applications, and that it can also be shared among the security team within the company. Security implementation is done by working out the measure of all collective action that needs to be taken and by initiating the progress or improvement process.
The company noted that when planning for penetration testing, the rules of engagement for penetration testing need to be addressed. The rules of engagement are directives defining circumstances and conditions such as hostilities and actions needed to be applied when carrying out a penetration test (Tiller, 2011).
4.1. Definition of penetration test and steps involved
This process involves the advanced testing of web applications through executing attacks that are the same as the real attack (Wilhelm, 2013). These attacks might occur at a specific time during the process of testing.
They are conducted in a specified manner to find security faults and to provide effective strategies and steps for reducing the risks brought by these defects. The process aims at uncovering vulnerabilities and highlighting the practical risks involved.
The steps involved in the rules of engagement process include: identifying the type and depth of test to be carried out, checking the contact details of the client involved, looking at the notifications of the IT team and the client, handling data responsibly, checking the status of any meeting, and going through reports.
The company argued that the type of test to be applied is identified depending on the directives given in the rules of engagement and on the amount of information given out by the team conducting the test. In the black box test, the team carrying out the test operates from the view of an attacker from outside the company.
The process of penetration starts by identifying the network mapping, the implementation of various defense strategies, and website services. This type of test is best applicable internally and can be used by the specialized IT personnel of the Para Delta Company. The white box test is where the available information about the targets is shared with the testing team.
The information sometimes includes the source code of the applications. Testing of web applications is done using a gray box test, and the main purpose is to identify vulnerabilities within the applications. The company found that the penetration tester can operate with user accounts to adopt the point of view of a harmful attacker who is capable of gaining access through social engineering.
When deciding on the testing scope, the client, together with the team conducting testing, evaluates the information that is valuable and needs to be protected and the applications that need to be tested. The company found that capturing the right contact information on the client side helps to mitigate denial of service attacks.
The tests are used to create awareness concerning the readiness of the supporting staff members in responding to incident and intrusion attempts. The client is informed about the testing process through time and date indication and also the source of addresses from where the testing. The penetration tests are always announced.
The data handling process requires special attention in the rules of engagement, through which proper storage and communication measures are taken. For a penetration test to be successful, frequent communication is fundamental. The testing team and the client of the company are required to hold regular meetings and give information concerning report status.
4.2. Determination of updates on security components
The Para Delta Company emphasized the importance of software updates, citing that there are critical patches to the security network that require regular monitoring and updates. Updating improves the stability of the software and also ensures that outdated features are removed.
These updates aim at giving the service provider a better experience. The latest patch implementation is done through efficient patch management, which ensures the security and smooth functioning of corporate software, and the company indicated that it should be automated by the use of specialized patch management solutions.
The aim of patch implementation is to ensure that all applications running on the network are secure and stable. The company listed how these goals can be achieved: taking control of the software inventory, monitoring the existence of security for all operating systems and applications, detecting any software that is not correctly patched, identifying patches to be applied to specific systems, testing patches, and ensuring that they are all installed at the right time to avoid risks to network security.
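The patch management steps listed above can be illustrated with a short script. This is an added example, not code from Para Delta or from the original essay; the host names, product names, version numbers, and the function `build_patch_plan` are hypothetical and the data is constructed.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Patch:
    software: str
    fixed_version: str  # first version that contains the fix
    tested: bool        # True once the patch has passed pre-deployment testing


# Constructed software inventory: host -> {software: installed version}.
INVENTORY = {
    "web01": {"webserverd": "1.24.0", "cryptolib": "3.0.8"},
    "db01": {"dbengine": "15.2", "cryptolib": "3.0.13"},
    "ws-17": {"cryptolib": "3.0.8", "officesuite": "7.5.1"},
}

# Constructed patch catalogue maintained by the security team.
CATALOGUE = [
    Patch("cryptolib", "3.0.13", tested=True),
    Patch("webserverd", "1.24.2", tested=False),
    Patch("dbengine", "15.2.0", tested=True),
]


def _version_key(text, width=4):
    """Turn '15.2' into (15, 2, 0, 0) so '15.2' and '15.2.0' compare equal."""
    parts = tuple(int(p) for p in text.split("."))
    return parts + (0,) * (width - len(parts))


def build_patch_plan(inventory, catalogue):
    """Sort every installed package into one of three buckets:
    deploy           - behind the fixed version and the patch is tested
    hold_for_testing - behind the fixed version but the patch is untested
    unmanaged        - installed software that the catalogue does not track
    """
    by_software = {p.software: p for p in catalogue}
    plan = {"deploy": [], "hold_for_testing": [], "unmanaged": []}
    for host in sorted(inventory):
        for software, installed in sorted(inventory[host].items()):
            patch = by_software.get(software)
            if patch is None:
                # Inventory control gap: nobody is watching this product.
                plan["unmanaged"].append((host, software))
                continue
            if _version_key(installed) >= _version_key(patch.fixed_version):
                continue  # already correctly patched
            bucket = "deploy" if patch.tested else "hold_for_testing"
            plan[bucket].append((host, software, patch.fixed_version))
    return plan


if __name__ == "__main__":
    for bucket, items in build_patch_plan(INVENTORY, CATALOGUE).items():
        print(bucket, items)
```

The `unmanaged` bucket is the inventory-control step: software that is installed but absent from the catalogue cannot be monitored or patched on schedule.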
The company found that benefit-cost analysis provides a means of identifying the situations in which specific interventions to manage risks appear to be cost-effective in mitigating the risk of disaster, and the orders of magnitude involved. This process is significant in selecting the appropriate loss prevention and control measures.
5.1. Identification of cost test violations and implementation of control measures
Various test violations were identified, and security control measures were implemented to help mitigate the risk volume sufficiently (Stoneburner, Goguen, & Feringa, 2002). This provides security at an acceptable level and benefits for the company. These control measures for risk management include elimination of automated machines that are vulnerable to malicious attackers; substitution, which reduces the risk by replacing a more vulnerable device with a secure device that is cost-effective; and engineering controls that ensure the protection of the service provider.
The engineering control gives priority to measures that protect all employees of the company over the individual measures.
References
Hu, H., Liu, Y., Zhang, H., & Pan, R. (2018). Optimal network defense strategy selection based on incomplete information evolutionary game. IEEE Access, 6, 29806-29821.
Li, M., Koutsopoulos, I., & Poovendran, R. (2007, May). Optimal jamming attacks and network defense policies in wireless sensor networks. In IEEE INFOCOM 2007-26th IEEE International Conference on Computer Communications (pp. 1307-1315). IEEE.
Stoneburner, G., Goguen, A., & Feringa, A. (2002). Risk management guide for information technology systems. NIST Special Publication, 800(30), 800-30.
Tiller, J. S. (2011). CISO’s guide to penetration testing: a framework to plan, manage, and maximize benefits. CRC Press.
Venkatraman, K., Daniel, J. V., & Murugaboopathi, G. (2013). Various attacks in wireless sensor network: Survey. International Journal of Soft Computing and Engineering (IJSCE), 3(1), 208-212.
Wilhelm, T. (2013). Professional penetration testing: Creating and learning in a hacking lab. Newnes.