PricingBlogAbout Us

Analyzing Information Security Vulnerabilities and Remediation

Verified

Added on  2023/03/20

|7
|1269
|70
Homework Assignment
AI Summary
This assignment delves into various information security vulnerabilities, categorizing them by severity and providing specific remediation steps for each. The vulnerabilities discussed include those related to Microsoft Windows SMB Shares, D-Link DCC Protocol, MS09-050, Linksys Router default passwords, and multiple versions of iTunes. The assignment also explores why some vulnerabilities require OS configuration changes rather than simple patches or upgrades. Furthermore, it outlines a process for monthly vulnerability scanning, review, and remediation, emphasizing the importance of risk identification, communication, policy updates, and metric development. The assignment references the Common Vulnerabilities and Exposures (CVE) website and Nessus reports, highlighting the need for tailored approaches in different environments and the significance of addressing false positives in scanning results.
Document Page
Running head: INFORMATION SECURITY
INFORMATION SECURITY
Name of the Student
Name of the Organization
Author Note
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
1INFORMATION SECURITY
Vulnerabilities categorized as high
Microsoft Windows SMB Shares Unprivileged Access
For restricting the access under Windows, first the explorer is to be opened and after that
right click is to be made upon each share. Then there will be need to move to the particular tab of
‘sharing’ and then ‘permissions’ option is to be clicked upon.
D-Link DCC Protocol Security Bypass
It has been observed that there are no such particular way for providing remediation for
such a vulnerability where the remote D-link Click ‘n Connect Daemon doesn’t implement any
kind of authentication and hence allows several remote attackers to highly view the configuration
as well as control several functions via the particular service which is affected. While it can just
be recommended that several organizations must place a much higher priority upon the
protection of several wireless clients as well as points of access.
MS09-050: Microsoft Windows SMB2 _Smb2ValidateProviderCallback() Vulnerability
(975497) (uncredentialed check)
For this kind of vulnerability, it has been observed that Microsoft has released a
particular patch for Windows Vista as well as Windows Server 2008. It can be recommended
some of the vulnerability tools of management like AVDS can be utilised in such a case of
vulnerability. AVDS is mostly alone in utilising the particular testing based upon behaviour
which will the possessing with the capability of eliminating such an issue. In such a case, the
procedure of penetration testing will be helping a lot in discovering vulnerabilities in Microsoft
Document Page
2INFORMATION SECURITY
Windows SMB2 '_Smb2ValidateProviderCallback()' Vulnerability (MS09-050, Network Check)
and this will be producing the highest accuracy rate of discovery.
Linksys Router Default Password (admin)
In such a case, the remediation procedure will be involving the development of a
connection to this port with the browser of web and then ‘Password’ section will have to be
clicked upon for setting a password which will be very much strong for preventing any kind of
attacks.
iTunes < 9.2.1 'itpc:' Buffer Overflow Vulnerability (uncredentialed check)
In such a kind of vulnerability where the remote version of iTunes is much older than
9.2.1, then such versions become very much prone to the particular vulnerability of the overflow
of buffer during the handling of itpc. The process of remediation will be only the upgradation to
iTunes 9.2.1 or later.
iTunes < 9.1 Multiple Vulnerabilities (uncredentialed check)
In such a case of vulnerability where the remote host mostly contains particular
application which is highly affected by a number of vulnerabilities, only one possible way for
remediation can be made which will be nothing but the upgradation to iTunes 9.1 or later.
iTunes < 9.0.1 PLS File Buffer Overflow (uncredentialed check)
In such a case of vulnerability where the remote host containing a particular application
which is highly affected by the vulnerability of buffer overflow, it can be stated that the only
possible way of remediation will be the upgradation to iTunes 9.0.1 or later.

This is a preview!

Do you want full access?

icon

Trusted by 1+ million students worldwide

Document Page
3INFORMATION SECURITY
CentOS Update Set
For preventing such kind of vulnerability where the remote operating system of CentOS
will become out-of-date, the only possible procedure of remediation will be the application of the
latest Update Set.
Explanation based upon the readings, why sometimes vulnerabilities
need to be addressed by several alterations to the OS configuration
and why not every vulnerability can be quickly remediated with a
patch or upgrade
In some of the cases, it has been observed that there huge concerns regarding the
upgradation to a full new version or rather for taking a particular patch. There are a number of
questions related to compatibility with some other programs, no transferring of content or rather
the most favourite feature being taken away. While taking such kinds of updates are considered
to be very much essential and sometimes it may be not enough as well. Even, sometimes there is
a huge need for making the OS much tougher or rather hardening the OS. The particular need
will be involving taking all kinds of needed updates, upgrades or rather patches to a particular
system mainly for enabling some full new features. There are even many instances where some
companies may be running certain systems of legacy and a number of planning carefully has to
be taken place first.
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
4INFORMATION SECURITY
Outlining a process for monthly vulnerability scanning, review and
remediation
On a particular monthly basis, there is a huge need for scanning of several kinds of
vulnerabilities within the networks. This can be easily done with the help of several avenues. It
can be best done within the company. It has been referenced that Nessus has utilised in the
previous scanning and there will make sense for utilising moving forward. The scans are quite
straight forward to perform in a well manner but the getting all of them the procedure of
correction of all the findings is the actual difficult part. While reading Common Vulnerabilities
and Exposures website, it can be clearly shown that there are certain considerations which are
needed to be made and they are:
1) Identification of the risk where it is seen what is the issue to begin and start going from
there.
2) Proper communication which will be showing what actually has been found within the
scan to all those who are needed to be known.
3) Either update or rather the creation of policy is highly needed.
4) Development of metrics for the measurement of compliance.
There is not at all a particular concept of “one size fits all” within the situation. Each and
every environment will be totally different and hence will be needing a separate approach.
Another concern while looking at the scanning is always seen to be present which actually the
false-positives are. Due to all the false-positives while is capable of making a “tail-chase” it is
really very much essential for getting a specific scanner which will be very much helpful for the
Document Page
5INFORMATION SECURITY
identification or rather for ignoring all the false-positives. In the scanner of Nessus, it utilises the
banner which has been returned while the connections is seen to be done to all the ports.
The main idea is to get all for the particular procedure of buy-in this for helping in ensuring
about the basic fact that it will be getting support which is needed to be successful. All the scans
will be showing the particular software which will be needed to be updated and that particular
update may be needing some work which will be very much involved from a number of
departments. It is very much important for keeping the entire enterprise safe and also the system
to be running with its full potential.

This is a preview!

Do you want full access?

icon

Trusted by 1+ million students worldwide

Document Page
6INFORMATION SECURITY
References
CVE - Common Vulnerabilities and Exposures (CVE) . (2019). Cve.mitre.org. Retrieved 18 May
2019, from http://cve.mitre.org/
Nessus Report. (2019). Static.tenable.com. Retrieved 18 May 2019, from
http://static.tenable.com/reports/Full-Network-Scan-Details.html
chevron_up_icon
1 out of 7
circle_padding
hide_on_mobile
zoom_out_icon
logo.png

Your All-in-One AI-Powered Toolkit for Academic Success.

  +13062052269
info@desklib.com

Available 24*7 on WhatsApp / Email

[object Object]
Unlock your academic potential

Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.