Order Vulnerability Process Assessment
Previously, the CEO told you about the breach at a rival company and his concerns for security at Mercury USA. In light of these developments, Mercury USA has decided to conduct vulnerability assessments. An outside firm has conducted penetration tests on Mercury’s systems and provided the reports. Now, it is up to you as the cyber threat analyst to look at those reports, apply them to the specific company setup and business needs, and recommend changes.
Mercury USA’s concerns:
· protecting customer information
· protecting proprietary business data
· protecting dangerous loads/hazardous materials during transportation
Before you came onboard, a third-party penetration tester was brought in to assess Mercury USA’s security posture and network. One of the findings from the pen test report was the realization that an important part of a VM process is a vulnerability scanner. The pen tester provided a scan report using the free tool Open Vulnerability Assessment Scanner (OpenVAS). Judy has provided you with the OpenVAS report for your initial analysis.
Your boss wants you to draft a two- to three-page vulnerability process and assessment memorandum addressing the main points of a VM process for Mercury USA. You will cover the main elements of a vulnerability management process, tailored to Mercury USA’s business in the transportation sector, evaluate the OpenVAS scanning tool, and provide recommendations for mitigating the vulnerabilities found within the OpenVAS report.
The third-party pen tester used the free tool Open Vulnerability Assessment Scanner (OpenVAS) to scan Mercury USA’s network. Review the report from the OpenVAS Scan.
As you review the scan, consider some important points from Lesson 5.6, Remediation:
· Difficulty of implementation
· Communication/change control
· Inhibitors to remediation
· Business process interruption
· Degrading functionality
How Will My Work Be Evaluated?
An important part of your duties as a cybersecurity analyst will involve analyzing data from multiple sources and sensors such as antivirus/antimalware scanners, firewalls, insider threat monitoring systems, intrusion detection/prevention systems, SIEMs, vulnerability scanners, web application scanners, and other tools. You will also process logs from applications, auditing, network infrastructure devices, internet of things (IoT) devices, mobile communications devices, printers, servers, security appliances, and generalized logging collectors like syslog and Windows Event Logs.
As a cybersecurity analyst, you will be considered the subject matter and technical expert. A large part of your work will focus on identifying, analyzing, and mitigating vulnerabilities. For this assignment, you are asked to provide your supervisor with a technical evaluation of the organization’s vulnerabilities and propose a vulnerability management process. By summarizing your results in a short memorandum, you are showing how you use your technical knowledge to convey your ideas to others in a professional setting. Your ability to express your findings using the right mix of technical detail in a business context using an accepted format is an important workplace skill.
The following evaluation criteria aligned to the competencies will be used to grade your assignment:
· 1.1.1: Articulate the main idea and purpose of a communication.
· 1.3.1: Identify potential sources of information that can be used to develop and support ideas.
· 1.4.1: Produce grammatically correct material in standard academic English that supports the communication.
· 10.1.1: Identify the problem to be solved.
· 10.1.2: Gather project requirements to meet stakeholder needs.
· 12.1.2: Formulate policies, processes, and procedures based upon identified business needs.
· 12.2.1: Identify systems for the risk assessment.
You will use this report to write a two- to three-page memorandum for your manager, Judy. Follow the instructions in the VM Process Overview Template to record your work.
Delete the instruction text before you submit your project.
Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.Read more
Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.Read more
Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.Read more
Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.Read more
By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.Read more