Discussion

By /

Week #4 Discussions

Discussion #382

Recently, you were hired as a Senior Microsoft 365 Administrator for Ninja Developers. The CIO is concerned about the following items.

  • Password Spray and Phishing Attacks
  • Reduce password reset tickets
  • Provide a report of compromised user accounts
  • Use Single Sign-On for an accounting application that is hosted on-premises

Address the following based on the given information.

  • What Azure AD authentication feature helps you reduce password spray and phishing attacks?
  • What can you configure to reduce the password reset tickets?
  • What report should you consult for compromised accounts?
  • What do you need to configure for the accounting application?

Discussion #382-2

As part of your Vulnerability Management project last week, you analyzed a report on a Windows system within the company network vulnerable to the MS17-010 exploit. That report was created using OpenVAS, a free vulnerability scanner designed to run on Linux operating systems (https://www.openvas.org/). Now that you’ve examined a vulnerability assessment report for a Windows machine, it’s time to see what the same tool produces from a Linux system. OpenVAS was used to scan a Linux machine on the network running the company’s database applications. This machine is using an older version of Linux because the company’s database applications are not supported with the latest Linux shared libraries. This system contains critical data and cannot be taken offline.

Your analysis of these two reports should provide you with a good understanding of the OpenVAS tool and the reports you will encounter in the workplace. The report used for this discussion limits the scope to a single host to allow you to focus on the vulnerabilities you would encounter on a Linux machine in the workplace. You will also be able to compare/contrast the vulnerabilities across the two OS platforms.

Looking ahead to Project 2’s VM Scanner Background Report (due at the end of Week 5), you will analyze the results from a commercial VM scanner. You’ll be better prepared to assess the output from the two different vulnerability scanning tools and to form the basis of your recommendation to management.

Review Report of Linux Server (OLD) and answer the following questions in your response:

1. For this Linux system, what do you recommend fixing right away? Are there dangers if the vulnerabilities and associated threats are not fixed? 
2. How do you fix the problem(s) identified? Can you defer mitigation for another time? How can the problem(s) be fixed if the system cannot be taken offline?

Judy is considering asking the pen tester to rescan the company systems using the commercial tool, Nessus. The organization has an evaluation version that can be used for 30 days. After that, the company will need to purchase the tool. The cost is significant.

3. Since some machines were already scanned with OpenVAS, should you also consider scanning the same systems with Nessus? Why or why not?
4. Conduct open source research using the internet. Roughly, what is the cost to license Nessus for one year?

Discussion #382-3

During job interviews, employers often ask if you are familiar with cybersecurity software. For this reason, it is a good idea to become familiar with commonly used software, including capabilities and limitations. These software products are the tools for conducting your day-to-day duties.

For the first six weeks of this course, you have been exposed to many different tools that an analyst should become familiar with: analyst tools, exploitation tools, and forensics tools. Provide a response in which you:

1. Describe a lab or a software tool that you used that has helped you to better understand the role of an analyst within an organization, such as:

  • Kali
  • Metasploit
  • Nessus
  • Nmap
  • Process Explorer
  • Splunk
  • Wireshark
  • Any other tool used in the course

2. Describe the process to install, set up, and configure the tool you selected above. Did you find the tool easy to use? Did you encounter challenges?

3. Highlight some of the benefits of the tool you selected above. Provide some examples of where you think using the tool would benefit you as a cybersecurity threat analyst. Why do you think the tool would be best?

Solution

This question has been answered.

Order Now
Scroll to Top