CMGT431 University of Phoenix Security Vulnerability Report Homework

User Generated

tof411

Programming

CMGT431

Description

A security vulnerability report identifies the areas of the organization that are at risk of losing data, outages, etc. Typically, organizations categorize the report to focus on specific areas and highlight the level of risk per area. Based on the vulnerability report, organizations are able to plan appropriately for budgeting and resource improvements.

Write a 2½- to 3 ½-page security vulnerability report in Microsoft Word based on the organization you chose in Week 1. An internal review of your organization was previously conducted and found the following vulnerabilities:

  • A formal Password Policy has not been developed that meets your organization’s regulatory requirements.
  • The organization only uses single factor authentication using weak passwords.
  • Vulnerability Severity: High
  • Impact: Threats could easily guess weak passwords allowing unauthorized access.
  • Software configuration management does not exist on your organization’s production servers.
  • There are different configurations on each server and no operating system patching schedule.
  • Vulnerability Severity: Moderate
  • Impact: With ad hoc configuration management, the organization could inadvertently or unintentionally make changes to the servers that could cause a self-imposed denial of service.
  • An Incident Response Plan has not been developed.
  • There is not a formal process for responding to a security incident.
  • Vulnerability Severity: High
  • Impact: In the event of a security incident, an ad hoc process could allow the security incident to get worse and spread throughout the network; the actual attack may not be recognized or handled in a timely manner giving the attacker more time to expand the attack.

Consider people, processes, and technology that can be exploited by the source of a threat.

Include recommended countermeasures to mitigate the impacts and risks of the vulnerabilities.

User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer

hello t...


Anonymous
I use Studypool every time I need help studying, and it never disappoints.

Studypool
4.7
Trustpilot
4.5
Sitejabber
4.4
Similar Content
Related Tags