Threat, Vulnerability, and Exploits Assessment Practices

User Generated

trrmltfq

Computer Science

Description

Threat, Vulnerability, and Exploits Assessment Practices

There are multiple ways to bring threats and vulnerabilities to light. Common practices and lessons learned can help us explore for known or common threats, but how does an organization with a unique or highly unusual setup discover its vulnerabilities? Many organizations turn to ethical hackers.
Write a four to five (4-5) page paper in which you:

  1. Describe common tools and techniques for identifying and analyzing threats and vulnerabilities.
  2. Critique the practice of offering rewards for discovering vulnerabilities.
  3. Explain the risks of challenging individuals to exploit vulnerabilities in your systems.
  4. Give your opinion on the formation of ethical hackers.
  5. Use at least two (2) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.

Must follow these formatting requirements:

  • Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
  • Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.

The specific learning outcomes associated with this assignment are:

  • Describe techniques for identifying relevant threats, vulnerabilities, and exploits.
  • Use technology and information resources to research issues in IT risk management.
  • Write clearly and concisely about topics related to IT risk management using proper writing mechanics and technical style conventions.

User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer

Hello geezygsd, how have you been? I'm through with the assignment and here it is. Review through it and hit me up in case of anything pal. Always humbled to help. Thanks a lot.Your sincere compadre,Sarah.

Running head: THREAT, VULNERABILITY, AND EXPLOITS ASSESSMENT PRACTICES.1

THREAT, VULNERABILITY, AND EXPLOITS ASSESSMENT PRACTICES.
Name
Professor
Institution
Course
Date

THREAT, VULNERABILITY, AND EXPLOITS ASSESSMENT PRACTICES.

2

Introduction.
This research paper will amply help in the analysis of the threat, vulnerability, and the
exploitation of assessment practices. The paper discusses the correct methods and techniques that
can be employed in the identification and analysis of threats and vulnerabilities within
organizations. It also emphasizes on the advantages of ethical hacking to which many
organizations with unique or highly unusual setups turn into, in cases where they discover
vulnerabilities. This paper will be of great advantage to organizations that wish to detect and curb
flaws detected on their corporate or private networks.
Common tools and techniques for identifying and analyzing threats and vulnerabilities.
There is a huge number of tools and techniques that can be used in the identification and
analysis of threats and vulnerabilities which I’m going to explain. The first one is the use of
Protocol analyzer. A protocol analyzer is a tool that can either be a hardware or a software. It
captures traffic and analyses the signals through a specified, checked and scanned communication
channel. It also provides some ways of communication via a standard communication protocol.
Each of these protocol types comprise of several tools that collect data and information signals.
Port Scanners are basically software application tools designed for probing the servers or
hosts against the open ports. They are mostly utilized by administrators to help in the verification
of the security policies that are related to the networks locally being used by the stakeholders of
their organizations and also the networks used by hackers when trying to access their systems.
This is so as to keep a tally of the types and number of services running on their systems. Port
scans are employed when a server machine requests a range of server addresses currently being
utilized by particular host machines. The addresses are then analyzed and checked for

THREAT, VULNERABILITY, AND EXPLOITS ASSESSMENT PRACTICES.

3

vulnerabilities so as to make sure that machines controlled remotely don’t run services that are not
within the required service inventory.
A vulnerability scanner is an optimally designed software used to scan, check and ascertain
whether a currently installed program is designed to attack the machine or not. Major functions of
the vulnerability scanner are to assess the computer system, applications installing or already
installed and the network being utilized, then analyze and tell the probability of the system to get
attacked and the chances there are for the system to get infected. Most black hats and red hats
jeopardize this software’s functionality by creating accesses to unauthorized information, so it’s
always safe to run them as part of vulnerability management tasks carried out on the system at all
phases to ascertain the safety of the system.
Assessment techniques.
Techniques for identifying and analyzing threats and vulnerabilities are also quite vast and
they include Code review which is a systematic examination of the source codes within a computer
system. It’s examining the eligibility of a source code by analyzing the syntax and semantic errors
then correcting them by overlooking into initial development periods. They offer an advantage to
both the developer and the software or application being developed. Different forms are carried
out when reviewing the codes such as pair programming and informal walkthroughs. Removal of
the errors can also be done through various techniques like buffer overflows and memory leaks.
Therefore, this ascertains the overall safety of the software and the level of security the software
also offers the system it’s running in.
Baseline reporting, on the other hand, is the process of managing change within the
network and the system. To explain its concept, when a system is affected or in the case of a

THREAT, VULNERABILITY, AND EXP...


Anonymous
I was struggling with this subject, and this helped me a ton!

Studypool
4.7
Trustpilot
4.5
Sitejabber
4.4

Related Tags