Current Security Threats? Overall Scenario Aim Higher College is a fictitious institution located in the United States. The college offers undergrad
Part 1: Current Security Threats
Overall Scenario
Aim Higher College is a fictitious institution located in the United States. The college offers undergraduate and graduate courses in domains, such as business management, information security, and nursing. Imagine that you have a new job at Aim Higher College as an information security analyst. Throughout this course, you will analyze the threats and vulnerabilities of Aim Higher College and recommend controls to secure the college’s information systems.
Scenario
It is your first day at the job in the information security department, and you are called for a meeting. In the meeting the need for strengthening the information security for the college is discussed, and everyone agrees that the first step in this direction is to identify the top five threats that are a potential risk to Aim Higher College.
The college’s administrative staff and faculty run the latest version of Microsoft Windows on their primary workstations, whereas students’ laptops may run Windows or macOS. The college’s web servers run on Linux; however, all other servers are Windows Server-based. Student, staff, and faculty mobile devices, such as tablets and smartphones, run on iOS or Android; all mobile devices can connect to the campus network.
Tasks
You have been given the responsibility to determine the top five threats that Aim Higher College faces. You asked your supervisor for support in this task and he gave you the following resources that might be useful in your research and analysis:
Microsoft Security Advisories and Bulletins (https://docs.microsoft.com/en-us/security-updates/)
Common Vulnerabilities and Exposure (CVE) database search (http://cve.mitre.org/find/index.html)
Security organizations, such as Secunia (http://secunia.com/)
Your supervisor has also asked you to consider the following questions as you shortlist the threats:
What threats are new this year, and which have become more prevalent?
Why are these threats more common and why are they important?
What threats remain constant from year to year? Why?
What threats do you believe will become more critical in the next 12 months? Why?
What is the likelihood of an exploit affecting Aim Higher College, and which operating system(s) does it target?
With these considerations in mind, write a summary report of the top five threats to Aim Higher College. Briefly explain why you have selected them and what effect they might have on the institution or its students, employees, graduates, or other communities on campus.
Part 2: Identify Vulnerabilities in IT Security
Overall Scenario
Aim Higher College is a fictitious institution located in the United States. The college offers undergraduate and graduate courses in domains, such as business management, information security, and nursing. Imagine that you have a new job at Aim Higher College as an information security analyst. Throughout this course, you will analyze the threats and vulnerabilities of Aim Higher College and recommend controls to secure the college’s information systems.
Scenario
Aim Higher College has been the target of focused attacks from a variety of attackers. Your manager has assigned you the task to review the port and vulnerability scan data recently gathered from a typical system to determine what ports and services are exposed to attackers, and what vulnerabilities exist on that system.
Required Resources
Access to the Internet
Text sheet: Zenmap Intense Scan Results pdf file (hacking_ts_zenmapscan.pdf Download hacking_ts_zenmapscan.pdf)
Tasks
1. Analyze the results of the Zenmap scan. Your report must answer the following questions:
What are the first five open ports as identified by the Zenmap scan?
Include the port number
Include the service name
Include a brief description of how each is used
2. The Nessus scan identified two critical vulnerabilities, identified as ID 32314 and ID 33850.
Research the vulnerabilities against the Common Vulnerabilities and Exposure (CVE) database .
Include the name and a brief description of each vulnerability.
3. Determine what can be done to protect the system and defend the campus network against attempts to gather data, and to resolve vulnerabilities. Also determine which ports and services likely need to remain open.
4. Write a report targeted at IT management and systems administration staff explaining the vulnerabilities and protection mechanisms that Aim Higher College should adopt, which will be applied to all similar systems at the college.
Submission Requirements for both parts of the project:
- Format: Microsoft Word
- Font: Arial, 12-Point, Double-Space
- Citation Style: APA
- Length: Each part should have a minimum of 3 pages. So overall report size should be a minimum of 6 pages (excluding title page and bibliography).
This document is required to complete part of the course-wide project. The following are results of an Intense Scan performed in Zenmap.
Starting Nmap 6.40 ( http://nmap.org ) at 2018-08-04 09:20 Pacific Daylight Time
NSE: Loaded 110 scripts for scanning. NSE: Script Pre-scanning. Initiating ARP Ping Scan at 09:20 Scanning 172.30.0.30 [1 port] Completed ARP Ping Scan at 09:20, 0.23s elapsed (1 total hosts) Initiating SYN Stealth Scan at 09:20 Scanning 172.30.0.30 [1000 ports] Discovered open port 139/tcp on 172.30.0.30 Discovered open port 53/tcp on 172.30.0.30 Discovered open port 23/tcp on 172.30.0.30 Discovered open port 5900/tcp on 172.30.0.30 Discovered open port 3306/tcp on 172.30.0.30 Discovered open port 445/tcp on 172.30.0.30 Discovered open port 80/tcp on 172.30.0.30 Discovered open port 21/tcp on 172.30.0.30 Discovered open port 111/tcp on 172.30.0.30 Discovered open port 22/tcp on 172.30.0.30 Discovered open port 25/tcp on 172.30.0.30 Discovered open port 8180/tcp on 172.30.0.30 Discovered open port 1524/tcp on 172.30.0.30 Discovered open port 8009/tcp on 172.30.0.30 Discovered open port 6667/tcp on 172.30.0.30 Discovered open port 5432/tcp on 172.30.0.30 Discovered open port 514/tcp on 172.30.0.30 Discovered open port 1099/tcp on 172.30.0.30 Discovered open port 6000/tcp on 172.30.0.30 Discovered open port 2121/tcp on 172.30.0.30 Discovered open port 2049/tcp on 172.30.0.30 Discovered open port 513/tcp on 172.30.0.30 Discovered open port 512/tcp on 172.30.0.30 Completed SYN Stealth Scan at 09:20, 0.41s elapsed (1000 total ports) Initiating Service scan at 09:20 Scanning 23 services on 172.30.0.30 Completed Service scan at 09:20, 11.16s elapsed (23 services on 1 host) Initiating OS detection (try #1) against 172.30.0.30 mass_dns: warning: Unable to determine any DNS servers. Reverse DNS is disabled. Try using –system-dns or specify valid servers with –dns-servers NSE: Script scanning 172.30.0.30. Initiating NSE at 09:21 Completed NSE at 09:21, 31.80s elapsed Nmap scan report for 172.30.0.30 Host is up (0.0022s latency). Not shown: 977 closed ports PORT STATE SERVICE VERSION
21/tcp open ftp vsftpd 2.3.4 |_ftp-anon: Anonymous FTP login allowed (FTP code 230) 22/tcp open ssh OpenSSH 4.7p1 Debian 8ubuntu1 (protocol 2.0) | ssh-hostkey: 1024 60:0f:cf:e1:c0:5f:6a:74:d6:90:24:fa:c4:d5:6c:cd (DSA) |_2048 56:56:24:0f:21:1d:de:a7:2b:ae:61:b1:24:3d:e8:f3 (RSA) 23/tcp open telnet Linux telnetd 25/tcp open smtp Postfix smtpd |_smtp-commands: metasploitable.localdomain, PIPELINING, SIZE 10240000, VRFY, ETRN, STARTTLS, ENHANCEDSTATUSCODES, 8BITMIME, DSN, | ssl-cert: Subject: commonName=ubuntu804- base.localdomain/organizationName=OCOSA/stateOrProvinceName=There is no such thing outside US/countryName=XX | Issuer: commonName=ubuntu804- base.localdomain/organizationName=OCOSA/stateOrProvinceName=There is no such thing outside US/countryName=XX | Public Key type: rsa | Public Key bits: 1024 | Not valid before: 2010-03-17T13:07:45+00:00 | Not valid after: 2010-04-16T13:07:45+00:00 | MD5: dcd9 ad90 6c8f 2f73 74af 383b 2540 8828 |_SHA-1: ed09 3088 7066 03bf d5dc 2373 99b4 98da 2d4d 31c6 |_ssl-date: 2018-08-04T16:20:12+00:00; -50s from local time. 53/tcp open domain ISC BIND 9.4.2 | dns-nsid: |_ bind.version: 9.4.2 80/tcp open http Apache httpd 2.2.8 ((Ubuntu) DAV/2) |_http-methods: No Allow or Public header in OPTIONS response (status code 200) |_http-title: Metasploitable2 – Linux 111/tcp open rpcbind 2 (RPC #100000) | rpcinfo: | program version port/proto service | 100000 2 111/tcp rpcbind | 100000 2 111/udp rpcbind | 100003 2,3,4 2049/tcp nfs | 100003 2,3,4 2049/udp nfs | 100005 1,2,3 46502/udp mountd | 100005 1,2,3 59389/tcp mountd | 100021 1,3,4 42125/tcp nlockmgr | 100021 1,3,4 58483/udp nlockmgr | 100024 1 37968/tcp status |_ 100024 1 53793/udp status 139/tcp open netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP) 445/tcp open netbios-ssn Samba smbd 3.X (workgroup: WORKGROUP) 512/tcp open exec netkit-rsh rexecd 513/tcp open login? 514/tcp open shell? 1099/tcp open java-rmi Java RMI Registry 1524/tcp open shell Metasploitable root shell
2049/tcp open nfs 2-4 (RPC #100003) 2121/tcp open ftp ProFTPD 1.3.1 3306/tcp open mysql MySQL 5.0.51a-3ubuntu5 | mysql-info: Protocol: 10 | Version: 5.0.51a-3ubuntu5 | Thread ID: 12 | Some Capabilities: Connect with DB, Compress, SSL, Transactions, Secure Connection | Status: Autocommit |_Salt: !J1V>[email protected],XX0(v<hu5E>E 5432/tcp open postgresql PostgreSQL DB 8.3.0 – 8.3.7 5900/tcp open vnc VNC (protocol 3.3) | vnc-info: | Protocol version: 3.3 | Security types: |_ Unknown security type (33554432) 6000/tcp open X11 (access denied) 6667/tcp open irc Unreal ircd | irc-info: | server: irc.Metasploitable.LAN | version: Unreal3.2.8.1. irc.Metasploitable.LAN | servers: 1 | users: 1 | lservers: 0 | lusers: 1 | uptime: 0 days, 0:57:59 | source host: A46BC482.A40F3517.714E1E9C.IP |_ source ident: nmap 8009/tcp open ajp13 Apache Jserv (Protocol v1.3) |_ajp-methods: Failed to get a valid response for the OPTION request 8180/tcp open http Apache Tomcat/Coyote JSP engine 1.1 |_http-favicon: Apache Tomcat |_http-methods: No Allow or Public header in OPTIONS response (status code 200) |_http-title: Apache Tomcat/5.5 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at http://www.insecure.org/cgi-bin/servicefp-submit.cgi : SF-Port514-TCP:V=6.40%I=7%D=8/13%Time=53EB9060%P=i686-pc-windows-windows%r SF:(NULL,33,"x01getnameinfo:x20Temporaryx20failurex20inx20namex20res SF:olutionn"); MAC Address: 62:BA:80:38:19:87 (Unknown) Device type: general purpose Running: Linux 2.6.X OS CPE: cpe:/o:linux:linux_kernel:2.6 OS details: Linux 2.6.9 – 2.6.33 Uptime guess: 0.037 days (since Aug 4 08:27:52 2018) Network Distance: 1 hop TCP Sequence Prediction: Difficulty=201 (Good luck!)
IP ID Sequence Generation: All zeros Service Info: Hosts: metasploitable.localdomain, localhost, irc.Metasploitable.LAN; OSs: Unix, Linux; CPE: cpe:/o:linux:linux_kernel Host script results: | nbstat: | NetBIOS name: METASPLOITABLE, NetBIOS user: <unknown>, NetBIOS MAC: <unknown> | Names | METASPLOITABLE<00> Flags: <unique><active> | METASPLOITABLE<03> Flags: <unique><active> | METASPLOITABLE<20> Flags: <unique><active> | x01x02__MSBROWSE__x02<01> Flags: <group><active> | WORKGROUP<00> Flags: <group><active> | WORKGROUP<1d> Flags: <unique><active> |_ WORKGROUP<1e> Flags: <group><active> | smb-os-discovery: | OS: Unix (Samba 3.0.20-Debian) | NetBIOS computer name: | Workgroup: WORKGROUP |_ System time: 2018-08-04T12:20:12-04:00 TRACEROUTE HOP RTT ADDRESS 1 2.16 ms 172.30.0.30 NSE: Script Post-scanning. Initiating NSE at 09:21 Completed NSE at 09:21, 0.00s elapsed Read data files from: C:Program Files (x86)Nmap OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 55.81 seconds Raw packets sent: 1020 (45.626KB) | Rcvd: 1016 (41.430KB)
Collepals.com Plagiarism Free Papers
Are you looking for custom essay writing service or even dissertation writing services? Just request for our write my paper service, and we'll match you with the best essay writer in your subject! With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.
Get ZERO PLAGIARISM, HUMAN WRITTEN ESSAYS
Why Hire Collepals.com writers to do your paper?
Quality- We are experienced and have access to ample research materials.
We write plagiarism Free Content
Confidential- We never share or sell your personal information to third parties.
Support-Chat with us today! We are always waiting to answer all your questions.