Graduate Level Writing!!! Project 3 - Cybersecurity Only!!!

Running Head: Security Assessment Report (SAR)

Security Assessment Report (SAR)

CYB 610: Cyberspace and Cybersecurity Foundations

Me

University of Maryland University College


OS Overview

Operating System (OS)

An operating system is the interface that sits between a user and the hardware resources. It is software composed of, among others, the following modules: file management, memory management, process management, input/output control, and peripheral device control.

User’s Role in OS.

To appreciate the role of users, it must be recognized that an operating system provides users with the services to execute programs in a convenient way. The operating system therefore interacts with users when they ask it to do each of the following:

  • Direct program execution, using threads and parallel programming routines.

  • I/O operation requests, writing to external devices and reading from them.

  • File system manipulation, such as creating directories.

  • Communication requests, such as stopping running processes or issuing interrupts and signals.

  • Program verification requests, obtaining error detection and the flagging of errors, especially from the parsers, debuggers and compilers that are part of the operating system.

Kernel and OS Applications.

OS Types.

Batch operating system. There is no direct interaction between the user and the computer: the user prepares the job on punch cards and hands it to the computer operator, much like calling a customer care center nowadays. To increase processing efficiency, jobs with a similar processing cycle are grouped into batches and run at one time. This was the first generation of computing systems.

Time-sharing operating systems. This second-generation OS, found mostly in Unix/Linux, allows many people located at various terminals to use a particular computer at the same time. Processor time is shared among multiple users simultaneously, hence the term time-sharing. In distributed computing environments, processors are connected and communicate through message-passing systems; because of conditions such as global starvation and global deadlocks, an additional layer of software called middleware is used, and the use of cohort and election algorithms is justified.

OS Vulnerabilities

Windows Vulnerabilities

A threat is an adversarial force that can directly harm the availability, integrity or confidentiality of a computer information system, including all of its subsystems. A threat agent is an element that provides the delivery mechanism for a threat, while the entity that initiates the launch of a threat is referred to as a threat actor (NIST, 2010). Threat actors are normally motivated by excessive curiosity, the prospect of large monetary gain without work, political leverage, some form of social activism, and lastly revenge (NIST, 2014).

Intrusion Methods.

Stealth port scans are an advanced intrusion technique in which port scanning cannot be detected by auditing tools. Normally, intrusion is easy to detect by observing frequent connection attempts in which no data is exchanged. In stealth port scans, ports are scanned at a very low rate, so that it is hard for auditing tools to identify the connection requests as a malicious attempt to intrude into the computer system (NIST, 2010).
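The difficulty described above comes from rate-based alarms that look only at short windows. As an added example that is not part of the original report, the following C program contrasts the quantity such an alarm measures (the most connection attempts one source made in any 60-second window) with a count of distinct destination ports per source over a 24-hour window. The log events, the addresses 10.0.0.9 and 10.0.0.5, the threshold of five ports, and all function names are constructed for illustration.

```c
/* Added example, not part of the original report: why a per-minute rate alarm
 * misses a slow port scan, and how aggregating distinct ports per source over a
 * long window still catches it. The log events below are constructed. */
#include <stdio.h>
#include <string.h>

#define MAX_PORTS 65536

struct conn_event {
    long        ts;     /* seconds since the start of the log */
    const char *src;    /* source address as it appears in the log */
    int         dport;  /* destination port probed */
};

/* Constructed sample: 10.0.0.9 probes one new port every 600 s (eight ports
 * over 70 minutes); 10.0.0.5 is an ordinary client connecting to port 443. */
static const struct conn_event sample[] = {
    {    0, "10.0.0.9",  21 }, {   15, "10.0.0.5", 443 },
    {  600, "10.0.0.9",  22 }, {  620, "10.0.0.5", 443 },
    { 1200, "10.0.0.9",  23 }, { 1800, "10.0.0.9",  25 },
    { 2400, "10.0.0.9",  80 }, { 2410, "10.0.0.5", 443 },
    { 3000, "10.0.0.9", 110 }, { 3600, "10.0.0.9", 143 },
    { 4200, "10.0.0.9", 443 }, { 4300, "10.0.0.5", 443 },
};
static const int sample_n = (int)(sizeof sample / sizeof sample[0]);

/* Highest number of attempts 'src' made inside any single 60 s window.
 * This is the quantity a naive rate alarm looks at. */
int max_attempts_per_minute(const struct conn_event *ev, int n, const char *src)
{
    int best = 0;
    for (int i = 0; i < n; i++) {
        if (strcmp(ev[i].src, src) != 0) continue;
        int count = 0;
        for (int j = 0; j < n; j++) {
            if (strcmp(ev[j].src, src) == 0 &&
                ev[j].ts >= ev[i].ts && ev[j].ts < ev[i].ts + 60)
                count++;
        }
        if (count > best) best = count;
    }
    return best;
}

/* Distinct destination ports 'src' touched within [start, start + window]. */
int distinct_ports(const struct conn_event *ev, int n, const char *src,
                   long start, long window)
{
    unsigned char seen[MAX_PORTS];
    memset(seen, 0, sizeof seen);
    int count = 0;
    for (int i = 0; i < n; i++) {
        if (strcmp(ev[i].src, src) != 0) continue;
        if (ev[i].ts < start || ev[i].ts > start + window) continue;
        if (ev[i].dport < 0 || ev[i].dport >= MAX_PORTS) continue;
        if (!seen[ev[i].dport]) { seen[ev[i].dport] = 1; count++; }
    }
    return count;
}

/* 1 if 'src' touched more than 'threshold' distinct ports within the window. */
int is_slow_scan(const struct conn_event *ev, int n, const char *src,
                 long start, long window, int threshold)
{
    return distinct_ports(ev, n, src, start, window) > threshold;
}

/* Convenience wrappers over the constructed sample (24 h window, 5 ports). */
int sample_rate(const char *src)    { return max_attempts_per_minute(sample, sample_n, src); }
int sample_verdict(const char *src) { return is_slow_scan(sample, sample_n, src, 0, 86400, 5); }

int main(void)
{
    const char *hosts[] = { "10.0.0.9", "10.0.0.5" };
    for (int i = 0; i < 2; i++)
        printf("%-10s max_per_minute=%d distinct_ports=%d slow_scan=%d\n",
               hosts[i], sample_rate(hosts[i]),
               distinct_ports(sample, sample_n, hosts[i], 0, 86400),
               sample_verdict(hosts[i]));
    return 0;
}
```

Both sources show one attempt per minute at most, so a rate alarm treats them alike; only the long-window distinct-port count separates the scanner from the normal client. In a real deployment the window and threshold are tuned against baseline traffic, and the per-source state would live in a hash table rather than a linear scan over all events.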

The Common Gateway Interface (CGI) is an interface between client-side and server-side computing. Cyber criminals who are skilled programmers can break into computer systems even without the usual login capabilities.

Server Message Block (SMB) is an application layer protocol that provides permissions to files, ports, processes and so on. A probe into SMB can check for shared entities that are available on the system. If a cybercriminal uses an SMB probe, they can detect which files or ports are shared on the system.

Linux Vulnerabilities

A threat actor might purposefully launch a threat using an agent. A threat actor could also be, for instance, a trusted employee who commits an unintentional human error, such as clicking on a phishing email that then downloads malware (NIST, 2010).

Intrusion Methods.

In OS fingerprinting attacks, the attacker gathers details about the target computer's operating system and tailors the attack to it. The information gathered includes the vendor name, underlying OS, device type and the like.

In buffer overflow attacks, the input provided to a program overruns the buffer's capacity and spills over to overwrite data stored at neighboring memory locations. The attacker usually sets the new values to point to a location where the exploit payload has been positioned (Rouse, 2017). This alters the execution path of the process and effectively transfers control to the attacker's malicious code.
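The overflow described above begins with a copy that trusts the caller's input length. As an added example that is not part of the original report, the following C code shows that vulnerable pattern beside a bounds-checked replacement that refuses input which does not fit. The buffer size NAME_LEN, the function names and the sample inputs are constructed for illustration.

```c
/* Added example, not from the original report: a fixed-size buffer filled
 * without a length check, beside its bounds-checked replacement. */
#include <stdio.h>
#include <string.h>

#define NAME_LEN 16   /* constructed buffer size for the example */

/* Vulnerable pattern: strcpy copies until the input's terminator, however long
 * the input is. Anything beyond NAME_LEN - 1 bytes lands in whatever the
 * compiler placed next to 'name', which is the corruption the report describes.
 * Shown for contrast only; never call it with untrusted input. */
void copy_name_unsafe(char *name, const char *input)
{
    strcpy(name, input);
}

/* Hardened replacement: the caller passes the real buffer size, oversized input
 * is rejected rather than silently truncated, and the result is always
 * NUL-terminated. Returns 0 on success, -1 if the input does not fit. */
int copy_name_safe(char *name, size_t name_len, const char *input)
{
    size_t in_len = strlen(input);
    if (name_len == 0 || in_len >= name_len)
        return -1;                 /* would overflow: refuse the input */
    memcpy(name, input, in_len + 1); /* +1 copies the terminator */
    return 0;
}

/* Verdict helper: 1 if 'input' fits a NAME_LEN buffer under the safe copy. */
int name_fits(const char *input)
{
    char name[NAME_LEN];
    return copy_name_safe(name, sizeof name, input) == 0;
}

int main(void)
{
    char name[NAME_LEN];
    /* Constructed inputs: one that fits, one that is twice the buffer size. */
    const char *ok = "alice";
    const char *too_long = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";  /* 32 bytes */

    copy_name_unsafe(name, ok);    /* identical behaviour on well-formed input */
    printf("unsafe copy of short input: %s\n", name);

    if (copy_name_safe(name, sizeof name, ok) == 0)
        printf("accepted: %s\n", name);
    if (copy_name_safe(name, sizeof name, too_long) != 0)
        printf("rejected: %zu bytes do not fit in %zu\n",
               strlen(too_long), sizeof name);
    return 0;
}
```

The hardened version keeps the size decision with the code that owns the buffer, so the largest accepted input is NAME_LEN - 1 characters regardless of what the caller supplies.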

Mac Vulnerabilities

  • Hardware tampering: reported in Mac tablets. Internal design procedures were not followed in manufacturing the Apple devices.

  • Malicious software: discovered in the payroll system running on Mac systems by programmers in the Department of Labor.

  • Phishing attacks: occurred on a hacked distributed National Data Services system and were reported to the company.

Mobile Device Vulnerabilities

  • Data entry error: reported in Windows 7 devices, in which Microsoft mobile databases logged complaints about illegal logins for the Department of Social Welfare.

  • Denial of service: reported in Windows 8 phones. Internal routines were overloaded in MIT's Mobile Lab.

  • Earthquake: hurricanes and earthquakes in China and Japan destroyed tablets at home and in the office.

  • Espionage: occurred on a hacked facial recognition system for the FBI and was reported to Android databases.

  • Floods: reported in parts of South America and Central Asia, flooding homes and destroying mobile devices.

Risk

Once all risks have been identified and their risk levels determined, recommendations or countermeasures are drawn up to mitigate or eliminate the risks. The goal is to reduce the risk to a level that management considers acceptable before system accreditation can be granted. The countermeasures draw their arguments from the following authoritative sources:

  • The effectiveness of the recommended options, such as system compatibility.

  • Legislation and regulations in place.

  • The strength of organization policy.

  • Overall operational impact.

  • Safety and reliability of the system in consideration.

Accepting Risk

According to this risk assessment, 11 vulnerabilities were rated as low risk, 15 as moderate risk and 7 as high risk. These observations lead us to rate the overall level of risk for the organization as Moderate.

Transferring Risk

Of the 33 vulnerabilities identified, 49% are considered unacceptable because serious harm affecting the operations of the organization could result.

Mitigating Risk

Therefore, mandatory countermeasures need to be implemented immediately to mitigate the risk brought about by these threats, and resources should be made available to reduce the risk to an acceptable level.

Eliminating Risk

Of the identified vulnerabilities, 51% are considered acceptable to the system because only minor problems may result from these risks; recommended countermeasures have nevertheless been provided and should be implemented to reduce or eliminate them.

Vulnerability Assessment Methodology

Microsoft Baseline Security Analyzer (MBSA) and OpenVAS

The MBSA security analyzer and the OpenVAS scanner also had routines that communicated with the Greenbone security assessment center, particularly to provide automated recommendations, as evident in Labs 2 and 3. The Greenbone security assessment center particularly succeeded in doing the following, as evident in the output file. Management has the option of doing the following in the corporation:

  • Accepting the risks and the recommended controls, or negotiating an alternative mitigation, while reserving the right to override the Greenbone security assessment center and incorporate the proposed recommended control into Amazon's Plan of Action and Milestones.

Conclusion

This Risk Assessment Report (RAR) for the organization identifies the risks to its operations, especially in those domains which fail to meet the minimum requirements and for which appropriate countermeasures have yet to be implemented. The RAR also determines the probability of occurrence and issues countermeasures aimed at mitigating the identified risks, in an endeavor to provide an appropriate level of protection and to satisfy all the minimum requirements imposed by the organization's policy document.

The system security policy requirements are now satisfied, with the exception of those specific areas identified in this report. The countermeasures recommended in this report add to the security controls needed to meet policies and to effectively manage the security risk to the organization and its operating environment. Finally, the Certification Official and the Authorizing Officials (AO) must determine whether the totality of the protection mechanisms approximates a sufficient level of security and is adequate for the protection of this system and its resources and information. The Risk Assessment Report supplies critical information and should be carefully reviewed by the AO prior to making a final accreditation decision.

References

1. Bradley, T. (October 17, 2016). Critical Vulnerability in Apple Mac OS. Retrieved from https://www.lifewire.com/critical-vulnerability-in-apple-mac-os-x-2487643

2. National Institute of Standards and Technology (NIST). (2010). Guide for applying the risk management framework to federal information systems. NIST Special Publication 800-37 Revision 1. Retrieved from http://csrc.nist.gov/publications/nistpubs/800-37-rev1/sp800-37-rev1-final.pdf

3. National Institute of Standards and Technology (NIST). (2012). Guide for Conducting Risk Assessments. NIST Special Publication 800-30 Revision 1. Retrieved from http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-30r1.pdf

4. National Institute of Standards and Technology (NIST). (2014). Assessing security and privacy controls in federal information systems and organizations. NIST Special Publication 800-53A Revision 4. Retrieved from http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53Ar4.pdf

5. National Institute of Standards and Technology (NIST). (2006). Electronic Authentication Guideline. NIST Special Publication 800-63 Revision 1.0.2. Retrieved from http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-63ver1.0.2.pdf

6. Rouse, M. (2017). Definition: buffer overflow. Retrieved from http://searchsecurity.techtarget.com/definition/buffer-overflow