Home » Project 2 | Information Systems homework help

Project 2 | Information Systems homework help


Step 1: Defining the OS

The audience for your security assessment report (SAR) is the leadership of your organization, which is made up of technical and nontechnical staff. Some of your audience will be unfamiliar with operating systems (OS). As such, you will begin your report with a brief explanation of operating systems fundamentals and the types of information systems.

Click on and read the following resources that provide essential information you need to know before creating a thorough and accurate OS explanation:

  • operating      systems fundamentals
  • the      applications of the OS
  • The Embedded      OS
  • information      system architecture
  • cloud      computing
  • web      architecture

After reviewing the resources, begin drafting the OS overview to incorporate the following:

  1. Explain the      user’s role in an OS.
  2. Explain the      differences between kernel applications of the OS and the applications      installed by an organization or user.
  3. Describe the      embedded OS.
  4. Describe how      the systems fit in the overall information system architecture, of which      cloud computing is an emerging, distributed computing network      architecture..

Include a brief definition of operating systems and information systems in your SAR.

Step 2: OS Vulnerabilities

You just summarized operating systems and information systems for leadership. In your mind, you can already hear leadership saying “So what?” The organization’s leaders are not well versed in operating systems and the threats and vulnerabilities in operating systems, so in your SAR, you decide to include an explanation of advantages and disadvantages of the different operating systems and their known vulnerabilities.

Prepare by first reviewing the different types of vulnerabilities and intrusions explained in these resources:

  • Windows      vulnerabilities
  • Linux      vulnerabilities
  • Mac OS      vulnerabilities
  • SQL PL/SQL,      XML and other injections

Based on what you gathered from the resources, compose the OS vulnerability section of the SAR.  Be sure to:

  1. Explain      Windows vulnerabilities and Linux vulnerabilities.
  2. Explain the      Mac OS vulnerabilities, and vulnerabilities of mobile devices.
  3. Explain the      motives and methods for intrusion of the MS and Linux operating systems;
  4. Explain the      types of security awareness technologies such as intrusion detection and      intrusion prevention systems.
  5. Describe how      and why different corporate and government systems are targets.
  6. Describe      different types of intrusions such as SQL PL/SQL, XML, and other      injections

You will provide leadership with a brief overview of vulnerabilities in your SAR.

Step 3: Preparing for the Vulnerability Scan

You have just finished defining the vulnerabilities an OS can have. Soon you will perform vulnerability scanning and vulnerability assessments on the security posture of the organization’s operating systems. But first, consider your plan of action. Read these two resources to be sure you fully grasp the purpose, goals, objectives, and execution of vulnerability assessments and security updates:

  • Vulnerability      assessments
  • Patches

Then provide the leadership with the following:

  1. Include a      description of the methodology you proposed to assess the vulnerabilities      of the operating systems. Provide an explanation and reasoning of how the      methodology you propose, will determine the existence of those      vulnerabilities in the organization’s OS.
  2. Include a      description of the applicable tools to be used, and the limitations of the      tools and analyses, if any. Provide an explanation and reasoning of how      the applicable tools to be used, you propose, will determine the existence      of those vulnerabilities in the organization’s OS.
  3. Include the      projected findings from using these vulnerability assessment tools.

In your report, discuss the strength of passwords, any Internet Information Services’ administrative vulnerabilities, SQL server administrative vulnerabilities, and other security updates and management of patches, as they relate to OS vulnerabilities.

Step 4: Vulnerability Assessment Tools for OS and Applications

Note: You will use the tools in Workspace for this step. If you need help outside the classroom, register for the CLAB 699 Cyber Computing Lab Assistance (go to the Discussions List for registration information). Primary lab assistance is available from a team of lab assistants. Lab assistants are professionals and are trained to help you.

Click here to access the instructions for Navigating the Workspace and the Lab Setup.

Enter Workspace and complete the lab activities related to operating system vulnerabilities.

Click here to access the Project 2 Workspace Exercise Instructions. Explore the tutorials and user guides to learn more about the tools you will use.

You’ve prepared for your assessment; now it’s time to perform.

Security and vulnerability assessment analysis tools, such as Microsoft Baseline Security Analyzer (MBSA) for Windows OS and OpenVAS for Linux OS, are stand-alone tools designed to provide a streamlined method for identifying common security misconfigurations and missing security updates for the operating systems and applications. These tools work on layers 5-7 of the Open System Interconnection (OSI) model.

Your leadership will want to understand the differences and commonalities in the capabilities of both tools and will want this included in the SAR.

Use the tools’ built-in checks to complete the following for Windows OS (e.g., using Microsoft Baseline Security Analyzer, MBSA):

  1. Determine if      Windows administrative vulnerabilities are present.
  2. Determine if      weak passwords are being used on Windows accounts.
  3. Report which      security updates are required on each individual system.
  4. You noticed      that the tool you used for Windows OS (i.e., MBSA) provides dynamic      assessment of missing security updates. MBSA provides dynamic assessment      of missing security updates. Scan one or more computers by domain, IP      address range, or other grouping.
  5. Once      complete, provide a detailed report and recommendations on how to make      your system a more secure working environment. In this case, a tool such      as MBSA will create and store individual XML security reports for each      computer scanned and will display the reports in the graphical user      interface in HTML.

You will also complete a similar exercise for Linux OS (e.g., using the OpenVAS tool). Select the following links to learn more about OpenVAS and computer networks:

  • OpenVAS
  • Computer      Networks

Utilize the OpenVAS tool to complete the following:

  1. Determine if      Linux vulnerabilities are present.
  2. Determine if      weak passwords are being used on Linux systems.
  3. Determine      which security updates are required for the Linux systems.
  4. You noticed      that the tool you used for Linux OS (i.e., OpenVAS) provides dynamic      assessment of missing security updates. MBSA provides dynamic assessment      of missing security updates. Scan one or more computers by domain, IP      address range, or other grouping.
  5. Once      complete, provide a detailed report and recommendations on how to make      your system a more secure working environment

Knowledge acquired from this Workspace exercise and capability of this tool will help your company’s client organizations secure the computer networks’ resources and protect corporate data from being stolen.

Validate and record the benefits of using these types of tools. You will include this in the SAR.

Step 5: The Security Assessment Report

By utilizing security vulnerability assessment tools, such as MBSA and OpenVAS, you now have a better understanding of your system’s security status. Based on the results provided by these tools, as well as your learning from the previous steps, you will create the Security Assessment Report (SAR).

In your report to the leadership, emphasize the benefits of using a free security tool such as MBSA. Then make a recommendation for using these types of tools (i.e., MBSA and OpenVAS), including the results you found for both.

Remember to include these analyses and conclusions in the SAR deliverable:

  1. After you      provide a description of the methodology you used to make your security      assessment, you will provide the actual data from the tools, the status of      security and patch updates, security recommendations, and offer specific      remediation guidance, to your senior leadership.
  2. You will      include any risk assessments associated with the security recommendations,      and propose ways to address the risk either by accepting the risk,      transferring the risk, mitigating the risk, or eliminating the risk.

Include your SAR in your final deliverable to leadership.

Calculate the price of your order

550 words
We'll send you the first draft for approval by September 11, 2018 at 10:52 AM
Total price:
The price is based on these factors:
Academic level
Number of pages
Basic features
  • Free title page and bibliography
  • Unlimited revisions
  • Plagiarism-free guarantee
  • Money-back guarantee
  • 24/7 support
On-demand options
  • Writer’s samples
  • Part-by-part delivery
  • Overnight delivery
  • Copies of used sources
  • Expert Proofreading
Paper format
  • 275 words per page
  • 12 pt Arial/Times New Roman
  • Double line spacing
  • Any citation style (APA, MLA, Chicago/Turabian, Harvard)

Our guarantees

Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.

Money-back guarantee

You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.

Read more

Zero-plagiarism guarantee

Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.

Read more

Free-revision policy

Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.

Read more

Privacy policy

Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.

Read more

Fair-cooperation guarantee

By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.

Read more