Step 4: Review Vulnerability Assessment Tools for OS and Applications
Vulnerability assessment is scanning a network for known security weaknesses. Vulnerability scanners are software tools designed to provide an automated method for conducting vulnerability scans across an entire network that may run into hundreds or even thousands of machines. According to EC-Council (2018), vulnerability scanners can help identify the following types of weaknesses:
- the OS version running on computers or devices
- IP and Transmission Control Protocol/User Datagram Protocol (TCP/UDP) ports that are listening
- applications installed on computers
- accounts with weak passwords
- files and folders with weak permissions
- default services and applications that might have to be uninstalled
- mistakes in the security configuration of common applications
- computers exposed to known or publicly reported vulnerabilities
Additionally, vulnerability scanners can be used to help predict the effectiveness of countermeasures (security controls) and to test the effectiveness of those controls in the production network. Vulnerability scanners also have limitations, primarily that they are only as effective as their supporting databases and/or plug-ins at a given point in time. Large, automated vulnerability scanning suites also require maintenance, tuning, and frequent updates to be able to detect new vulnerabilities. Finally, scanning engines are prone to both false positives and false negatives. That is where you, as the cybersecurity professional, will apply your deep knowledge of the environment, network, and applications in use.
Two common vulnerability scanners used in industry are the free, open-source scanner OpenVAS and the commercial tool Nessus. In this lab, you will use OpenVAS. Select the following links to learn more about OpenVAS and computer networks:
- OpenVAS
- Computer Networks
Your leadership will want to understand the capabilities of the OpenVAS scanner, so you will need to include that information in your Security Assessment Report (SAR).
Use the tool’s built-in checks to complete the lab. For details on accessing the lab, see the “Complete This Lab” box below.
Use OpenVAS to complete the following:
For the Windows OS:
- Determine if Windows administrative vulnerabilities are present.
- Determine if weak passwords are being used on Windows accounts.
- Report which security updates are required on each individual system.
- The tool provides a dynamic assessment of missing security updates. Scan one or more computers by domain, IP address range, or other groupings.
- Once complete, provide a detailed report and recommendations on how to make your system a more secure working environment. In this case, the OpenVAS tool will create and store individual XML security reports for each computer scanned and will display the reports in the graphical user interface in HTML.
For the Linux OS:
- Determine if Linux vulnerabilities are present.
- Determine if weak passwords are being used on Linux systems.
- Determine which security updates are required for the Linux systems.
- The tool provides a dynamic assessment of missing security updates. Scan one or more computers by domain, IP address range, or other groupings.
- Once complete, provide a detailed report and recommendations on how to make your system a more secure working environment.
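The XML reports mentioned above can be reduced to a per-host findings table for the SAR. The following Python sketch is an added example, not part of the lab materials: the element names (`results`, `result`, `host`, `port`, `threat`, `severity`, `qod/value`) are assumed to match the XML export of your OpenVAS version, the sample report is constructed, and the 70% quality-of-detection cutoff is an assumed threshold for setting aside likely false positives.

```python
import xml.etree.ElementTree as ET
from collections import Counter, defaultdict

# Constructed sample modeled on an OpenVAS/GVM XML report export; hosts,
# finding names and scores are invented for illustration.
SAMPLE_REPORT = """<report><results>
  <result><name>Missing OS security updates</name><host>10.0.0.5</host>
    <port>general/tcp</port><threat>High</threat><severity>9.8</severity>
    <qod><value>97</value></qod></result>
  <result><name>SMB signing not required</name><host>10.0.0.5</host>
    <port>445/tcp</port><threat>Medium</threat><severity>5.3</severity>
    <qod><value>80</value></qod></result>
  <result><name>Possible weak TLS cipher</name><host>10.0.0.5</host>
    <port>443/tcp</port><threat>Medium</threat><severity>4.3</severity>
    <qod><value>30</value></qod></result>
  <result><name>OS detection</name><host>10.0.0.5</host>
    <port>general/tcp</port><threat>Log</threat><severity>0.0</severity>
    <qod><value>80</value></qod></result>
  <result><name>SSH weak password</name><host>10.0.0.9</host>
    <port>22/tcp</port><threat>High</threat><severity>7.5</severity>
    <qod><value>95</value></qod></result>
</results></report>"""

def summarize(xml_text, min_qod=70):
    """Group actionable findings by host, worst severity first.
    Skips log-level (severity 0.0) results and results below min_qod."""
    by_host = defaultdict(list)
    root = ET.fromstring(xml_text)  # parse only reports from your own scanner
    for results in root.iter("results"):
        for res in results.findall("result"):
            host = (res.findtext("host") or "").strip()
            sev = float(res.findtext("severity") or 0.0)
            qod = int(res.findtext("qod/value") or 0)
            if sev <= 0.0 or qod < min_qod:
                continue  # informational, or low-confidence: review by hand
            by_host[host].append((sev, res.findtext("threat"),
                                  res.findtext("port"), res.findtext("name")))
    return {h: sorted(f, key=lambda x: x[0], reverse=True)
            for h, f in by_host.items()}

def threat_counts(summary):
    """Count findings per threat level across all hosts (for the SAR table)."""
    return Counter(t for findings in summary.values() for _, t, _, _ in findings)

if __name__ == "__main__":
    report = summarize(SAMPLE_REPORT)
    for host, findings in report.items():
        for sev, threat, port, name in findings:
            print(f"{host:10} {sev:4.1f} {threat:7} {port:12} {name}")
    print(dict(threat_counts(report)))
```

Results dropped by the quality-of-detection filter are not proven false positives; rerun `summarize` with `min_qod=0` to list them for manual verification before excluding them from the report.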
Knowledge acquired from this Workspace exercise will help your company’s client organizations secure the computer networks’ resources and protect corporate data from being stolen.
Validate and record the benefits of using these types of tools. You will include this in the SAR.
References
EC-Council (2018). Certified Ethical Hacker (CEH) Version 10 eBook (Volumes 1 through 4). [VitalSource Bookshelf]. Retrieved from https://bookshelf.vitalsource.com/#/books/9781635671919
Complete This Lab
Resources
- Accessing the Virtual Lab Environment: Navigating UMGC Virtual Labs and Lab Setup
- Self-Help Guide (Workspace): Getting Started and Troubleshooting
- Link to the Virtual Lab Environment: https://vdi.umgc.edu/
Lab Instructions
- Vulnerability Assessment Tools for Operating Systems and Applications (OpenVAS)
Step 5: Create the Security Assessment Report
By using the OpenVAS security vulnerability assessment tool from the previous step, you now have a better understanding of your system’s security status. Use the results you obtained to create the Security Assessment Report (SAR) as part of your deliverables.
In your report to the leadership, make sure to emphasize the benefits of using the security tool, and provide recommendations based on your findings.
Remember to include analyses and conclusions in the SAR deliverable as follows:
- After you provide a description of the methodology you used to make your security assessment, provide the actual data from the tools, the status of security and patch updates, security recommendations, and specific remediation guidance for your senior leadership.
- Include any risk assessments associated with the security recommendations, and propose ways to address the risk either by accepting it, transferring it, mitigating it, or eliminating it.
Include your SAR in your final deliverable to leadership.
Step 6: Develop the Presentation
Based on what you have learned in the previous steps and your SAR, you will also develop a presentation for your company’s leadership.
Your upper-level management team is not interested in the technical report you generated from your Workspace exercise. Team members are more interested in the bottom line. You must help these nontechnical leaders understand the very technical vulnerabilities you have discovered. They need to clearly see what actions they must either take or approve. The following are a few questions to consider when creating your nontechnical presentation:
- How do you present your technical findings succinctly to a nontechnical audience? Your Workspace exercise report will span many pages, but you will probably not have more than 30 minutes for your presentation and follow-up discussion.
- How do you describe the most serious risks factually but without sounding too dramatic? No one likes to hear that the entire network has been hacked, data has been stolen, and the attackers have won. You will need to describe the seriousness of your findings while also assuring upper-level management that these are not uncommon occurrences today.
- How do your Workspace exercise results affect business operations? Make sure you are presenting these very technical results in business terms that upper-level management will understand.
- Be clear about what action you are recommending. Upper-level managers will want to understand not only what you discovered, but also what you propose as a solution. They will want to know what decisions they need to make based on your findings.
Your goal for the presentation is to convince the leadership that the company needs to adopt at least one security vulnerability assessment tool to provide an extra layer of security.
The deliverables for this project are as follows:
- Security Assessment Report (SAR): This report should be a seven- to eight-page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.
- Nontechnical presentation: This is a set of eight to 10 PowerPoint slides for upper management that summarizes your thoughts regarding the findings in your SAR.
- Lab: In a Word document, share your lab experience and provide screen prints to demonstrate that you performed the lab.
Submit your deliverables after reading the instructions below.
Check Your Evaluation Criteria
Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them. To view the complete grading rubric, click My Tools, select Assignments from the drop-down menu, and then click the project title.
- 1.1: Organize document or presentation clearly in a manner that promotes understanding and meets the requirements of the assignment.
- 2.3: Evaluate the information in a logical and organized manner to determine its value and relevance to the problem.
- 5.4: Identify potential threats to operating systems and the security features necessary to guard against them.
Take Action
Submit your assignment to your instructor for review and feedback.
Follow these steps to access the assignment:
- Click My Tools in the top navigation bar.
- Click Assignments.
- Select the relevant assignment.