Vulnerability Assessment Of Network Security

Added on - 30 Sep 2019

  • 13

    pages

  • 4119

    words

  • 99

    views

  • 0

    downloads

Showing pages 1 to 4 of 13 pages
Network Security Proposal TemplateNetwork Security ProposalPrepared for: CollegePrepared by:Student Name
I. Analysis and PlanningA. Vulnerability AssessmentRequirementsIn therequirementssection, students will make explicit UMUC’s requirements for avulnerability assessment. Use the information provided in the TestOut LabSim and thescenario to explain the requirements for UMUC need to a vulnerability assessment. If youneed more information,feel free to ask your instructor or make some assumptions. If youmake assumptions, be sure to list them.This section should be used to describe thevulnerability assessment requirements of the task at hand.That is, you will be makingexplicit the requirements as you understand them, which will lead to the next section (yourproposed solution). See below for an example. Given this section requires informationrelated to vulnerability assessments, students should review TestOut LabSim section 11(Assessments and Audits), and use additional resources as necessary.Example (Note: The paragraph that follows is an example. It is expected that students will usethis as a reference only. Do not copy and paste into your network security proposal.Remember to include references and cite your work per the IEEE standard.)Secure Network Contractors believes that students, faculty, and staff health, wellbeing,and morale have a significant impact on the learning experience and productivity of theacademic institution. The university wants to ensure a secure operating environment forthe students, faculty and staff. In order to achieve that desire, a current understanding ofany vulnerabilities that may exist is necessary. Therefore, a requirement for the universityis to perform a vulnerability assessment on the existing configuration. Below we makeexplicit how we will successfully achieve this requirement. That is, we propose what canbe done to achieve the requirement of the vulnerability assessment. Then, we justify whythis is a necessary requirement for the Network Security Proposal. Etc... (Students shouldcontinue to explain the technical requirements).Proposed SolutionIn theproposed solutionsection, students willprovide details of the proposed solution,based on the technical requirements and assumptions. Student should be specific and useadditional resources as necessary. For example, if the solution is to perform a vulnerabilityassessment with a vulnerability scanner, research the types of vulnerability scanners currently
available. Select one and describe it to the reader. Given this section requires us to understandvulnerability assessments, students should review TestOut LabSim section 11 (Assessmentsand Audits), and use additional resources as necessary.Example (Note: The paragraph that follows is an example. It is expected that students will usethis as a reference only. Do not copy and paste into your network security proposal.Remember to include references and cite your work per the IEEE standard.)Secure Network Contractors has researched the available vulnerabilities scanners that willallow us to meet the requirement of performing a vulnerability assessment on the UMUCnetwork. A vulnerability scanner is a software program that passively searches an application,computer, or network for weaknesses. [1] Weaknesses in the context of a vulnerabilityassessment relate to vulnerabilities such as open ports, active IP addresses, runningapplication or services, missing critical patches, default user accounts that have not beendisabled, default or blank passwords, misconfiguration, and missing security controls. [1] Thesolutions available include freely available scanners, and those that can be purchased. Thedifferences between these two types of vulnerability scanners are based on their functionalityand outputs. For example, some vulnerability scanners that are free offer a command line toolto perform the scan. Some of the paid vulnerability scanners offer an intuitive, Graphical UserInterface (GUI) that allows for a point-and-click solution. The output provided by the scannersrange from a list of vulnerabilities to a graphical depiction of the network. Secure NetworkContractors recommends an initial vulnerability scan with a freely available tool called OpenVulnerability Assessment System (OpenVAS), so that we can understand the existing networksecurity posture. After we perform the necessary patches and network security implementationdescribed in the remainder of the proposal, we suggest performing a second vulnerabilityassessment with a second vulnerability scanner tool. This will enable us to initially identifyvulnerabilities, fix them to the best of our ability, implement additional security mechanisms, andthen rescan the network a second time with another vulnerability scanner to see how well wedid. The process is repeatable and should be used continuously to provide situationalawareness of our network security posture. Etc... (Students should continue to explain thetechnical requirements).JustificationThis section should be used tojustify your proposed solution based on therequirement(s).That is, you are explaining why you proposed the solution in theaforementioned paragraph, based on the requirement you made explicit in aforementionedparagraph. Each section should allow the reader to proceed from requirement, to solution, tojustification. Given this section requires us to understand vulnerability assessments, studentsshould review TestOut LabSim section 11 (Assessments and Audits), and use additionalresources as necessary.Example (Note: The paragraph that follows is an example. It is expected that students will usethis as a reference only. Do not copy and paste into your network security proposal.
Remember to include references and cite your work per the IEEE standard.)Secure Network Contractors believes that Open Vulnerability Assessment System(OpenVAS) is the best solution based on the requirements described by the University ofMaryland University College (UMUC). Specifically, the requirement that we perform avulnerability assessment. This initial assessment will be one of many we propose areperformed. We proposed OpenVAS because it is free, with most components licensedunder the GNU General Public License (GNU GPL). OpenVAS requires an initialconfiguration on a Linux-based host, but provides an intuitive and easy to managebackend to determine network and host-based vulnerabilities. Etc... (Students shouldcontinue to explain their justification).B. Security PolicyRequirementsIn therequirementssection, students will make explicit UMUC’s requirements for a securitypolicy. Given this section requires information related to security policies, students shouldreview TestOut LabSim section 4 (Policies, Procedures, and Awareness), and use additionalresources as necessary.Proposed SolutionIn theproposed solutionsection, students willprovide details of the proposed solution,based on the technical requirements and assumptions. Student should be specific and useadditional resources as necessary. Given this section requires us to understand securitypolicies, students should review TestOut LabSim section 4 (Policies, Procedures, andAwareness), and use additional resources as necessary.JustificationThis section should be used tojustify your proposed solution based on therequirement(s).That is, you are explaining why you proposed the solution in theaforementioned paragraph, based on the requirement you made explicit in aforementionedparagraph. Each section should allow the reader to proceed from requirement, to solution, tojustification. Given this section requires us to understand security policies, students shouldreview TestOut LabSim section 4 (Policies, Procedures, and Awareness), and use additionalresources as necessary.C. Risk Management
desklib-logo
You’re reading a preview
card-image

To View Complete Document

Become a Desklib Library Member.
Subscribe to our plans

Unlock This Document