Project Part 2: Identify Vulnerabilities in IT Security
Scenario
Aim Higher College has been the target of focused attacks from a variety of attackers. Your manager has assigned you the task to review the port and vulnerability scan data recently gathered from a typical system to determine what ports and services are exposed to attackers, and what vulnerabilities exist on that system.
Required Resources
?Access to the Internet
?Text sheet: Zenmap Intense Scan Results (ts_zenmapscan)
Tasks
1. Analyze the results of the Zenmap scan. Your report must answer the following questions:
?What are the first five open ports as identified by the Zenmap scan?
?Include the port number
?Include the service name
?Include a brief description of how each is used
2. The Nessus scan identified two critical vulnerabilities, identified as ID 32314 and ID 33850.
?Research the vulnerabilities against the Common Vulnerabilities and Exposure (CVE)database.
?Include the name and a brief description of each vulnerability.
3. Determine what can be done to protect the system and defend the campus network againstattempts to gather data, and to resolve vulnerabilities. Also determine which ports and services likely need to remain open.
4. Write a report targeted at IT management and systems administration staff explaining thevulnerabilities and protection mechanisms that Aim Higher College should adopt, which will be applied to all similar systems at the college.
Submission Requirements
?Format: Microsoft Word (or compatible)
?Font: Arial, size 12, double-space
?Citation Style: Follow your school’s preferred style guide
?Length: 2 to 4 pages