Preview

Calculate the Window of Vulnerability

Satisfactory Essays
Open Document
Open Document
446 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
Calculate the Window of Vulnerability
Unit 2 Assignment 1: Calculate the Window of Vulnerability

The WoV covers a timeline from the moment a vulnerability is discovered and identified by the IT people. It also includes the time taken to fix the vulnerability. It is also important to explore the device(s) that were targeted by the attack. In this instance, being the SMB server within the LAN. The window of vulnerability is 8 days.
1. The WoV covers a timeline from the moment a vulnerability is discovered and identified by the IT people.
2. The critically of the vulnerability is that while the solution is being search, the network may be hacked and information may be jeopardize.
3. The amount of time between when a vulnerability is discovered and when it is eliminated is usually 8 days.
4. Early detection and responsible reporting helps to reduce the risk that a vulnerability might be exploited before it is repaired.
1 What vulnerabilities exist for this workgroup LAN based on the advisories? List five of them.

2401593 CVE-2010-3213 2264072 CVE-2010-1886 980088 CVE-2010-0255 975497 CVE-2009-3103 98343 CVE-2010-0817

2. Do any vulnerabilities involve privilege elevation? Is this considered a high priority issue?

Only two from the five listed in question one are privileged elevation and identified by the asterisk alongside the CVE number. They are of importance but not considered a high priority issue as asked.

3. Identify and document at least three vulnerabilities and the solutions related to the client configurations.

Advisory Number: 977981
Solution: This security update resolves four privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the

You May Also Find These Documents Helpful

  • Satisfactory Essays

    ISSC362 Week 2

    • 645 Words
    • 3 Pages

    Which tool and application were used to exploit the identified vulnerability on the targeted Microsoft® Windows 2003 XP server?…

    • 645 Words
    • 3 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Virtualize the Browser- Give user machines a virtualized instance of a pre-configured standard browser. This eliminates the freedom to surf unsafe websites, download questionable files, install browser toolkits, store passwords, etc. The virtual instance gives the ability to apply the same standards and security settings to each client machine using a copy. Even successful intruders will not be able to access the core OS or execute code…

    • 409 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    In order to try and correct the issue of the window of vulnerability (WOV), the LAN administrator needs to get the patch from Microsoft. Upon contact Microsoft has determined that it will take up to no less than three business days for the patch that we requested to be made available to us. Once we receive the patch we would need approximately several hours to download and then test out the patch to be certain that the patch will work and that this is the correct action to take to fix the Window of Vulnerability and seal the security breach on the Server Message Block server. Upon completion of testing the IT staff would need to hold a meeting to assess the quickest and most correct course of action to take after the patch has been installed to determine how to apply the patch apply it to the server and also to client computers depending on the process the IT staff decides to take it can take anywhere from one to three business days for the completion date to be met. If the IT staff were to work around the clock for overtime in shifts and the security breach was reported on a Friday with three days for the patch to be made and a week to troubleshoot and test the patch.…

    • 391 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Is3110 Week2 Assignment

    • 348 Words
    • 2 Pages

    For this assignment, imagine that you work for U.S. Industries, Inc. as a network administrator. Your…

    • 348 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    3. Identify and document at least three vulnerabilities and the solutions related to the client configurations.…

    • 290 Words
    • 1 Page
    Satisfactory Essays
  • Satisfactory Essays

    100 NT 2580 U2A1

    • 465 Words
    • 2 Pages

    First, what is the definition of Window of Vulnerability (WoV)? According to www.techopedia.com, an IT dictionary and more for the IT word, the definition states that “vulnerability is a cyber-security term that refers to a flaw in a system that can leave it open to attack. Vulnerability may also refer to any type of weakness in a computer system itself, in a set of procedures, or in anything that leaves information security exposed to a threat.”¹ To calculate this time frame or window of vulnerability mean that we much think about a number of attributes to the situation. The specific attributes we must use in the calculation are the time it takes the attack to start and when the attack is found and removed or fixed. The time from the start to the removal or fix is the window of vulnerability.…

    • 465 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Solution: This security update resolves four privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights…

    • 272 Words
    • 1 Page
    Satisfactory Essays
  • Satisfactory Essays

    wk 4 lab 2

    • 403 Words
    • 1 Page

    1. Unauthorized network probing and port scanning. IP router, firewall and network appliance operation system vulnerability.…

    • 403 Words
    • 1 Page
    Satisfactory Essays
  • Good Essays

    Lab 7

    • 928 Words
    • 3 Pages

    1. What are some common risks, threats, and vulnerabilities commonly found in the LAN-to-WAN Domain that must be mitigated through a layered security strategy?…

    • 928 Words
    • 3 Pages
    Good Essays
  • Better Essays

    NT2580 Graded Assignments

    • 5288 Words
    • 22 Pages

    I have correctly matched all the risks or threats within the seven domains of a typical IT infrastructure with the solutions and preventative actions.…

    • 5288 Words
    • 22 Pages
    Better Essays
  • Satisfactory Essays

    IS3445 Lab 7

    • 371 Words
    • 2 Pages

    4. Did the static analysis tool find all the potential security flaws in the application?…

    • 371 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    Red Zuma Project

    • 402 Words
    • 2 Pages

    5. The total duration to complete the project changed and actually increased after resource leveling and made the completion later than the original…

    • 402 Words
    • 2 Pages
    Good Essays
  • Satisfactory Essays

    Aup Definition

    • 554 Words
    • 3 Pages

    Refer to the handout Testing and Monitoring Security Controls. It contains information on security events or breaches and baseline anomalies.…

    • 554 Words
    • 3 Pages
    Satisfactory Essays
  • Good Essays

    Failure Mode and Effects Analysis is a systematic and proactive technique for evaluating a process to identify where and how it might fail and to assess the relative impact of different failures, in order to identify the parts of the process that are most in need of change. FMEA analysis each item in a system, considers each possible way in which the respective item can fail, determines how each failure will affect system operation, and utilizes the results of the analysis to eliminate the root causes of failures or at least alleviate their effects.…

    • 910 Words
    • 4 Pages
    Good Essays
  • Powerful Essays

    The automated process of proactively identifying vulnerabilities of computing systems in a network in order to determine if and where a system can be exploited andthreatened While public servers are important for communication and data transfer over the Internet, they open the door to potential security breaches by threat agents, such as malicious hackers. Vulnerability scanning employs software that seeks out security flaws based on a database of known flaws, testing systems for the occurrence of these flaws and generating a report of the findings that an individual or an enterprise can use to tighten the networks security.…

    • 3248 Words
    • 13 Pages
    Powerful Essays