DFC 610-Cyber Foundations
Project 2: OPERATING SYSTEM VULNERABILITY LAB
The Microsoft Baseline Security Analyzer (MBSA) and the Open Vulnerability Assessment System (OpenVAS), two operating system (OS) vulnerability scanning tools, were required to conduct Lab 2. The lab required the security manager (Sec Mgr) and system administrator (Sys Admin) to use MBSA and OpenVAS to scan for OS vulnerabilities across the company's network for Windows (Microsoft Office) and Linux. The screenshots provided display the process of using both tools.
While using the tools during this lab, the Security Manager and the System Administrator noted that MBSA was simpler to use and provided a more detailed list of findings and remediation steps for all types of Microsoft Office (MO) vulnerabilities. They also concluded that OpenVAS was much more difficult to use because it requires the user to have a decent knowledge of the Linux operating system and its commands. Although its operation was more challenging, OpenVAS provided a more comprehensive list of Common Vulnerabilities and Exposures (CVE) findings that encompassed all vulnerabilities. This detailed list also includes hyperlinks to remediation instructions for the System Administrator to use.
The MBSA scan of the network gave the Security Manager and the System Administrator a list of vulnerabilities, along with a note that the Windows Firewall had been disabled without proper authorization. This led to incorrect auditing configurations, SQL Server and Microsoft SQL Server Desktop Engine (MSDE) not being installed, Internet Information Services (IIS) not running on the system, and none of the Microsoft Office products on the system being supported. The OpenVAS scan of the network allowed the System Administrator and the Security Manager to find numerous encryption vulnerabilities, program errors, and other vulnerabilities.
A security scan of the network also determined that more than half of all the system vulnerabilities were classified as High or Medium. This means that these are serious threats to be monitored. The System Administrator and the Security Manager will need to work together to correct the vulnerabilities identified during the OpenVAS and MBSA scans. Both will need to complete all scans in order to discuss the different vulnerabilities and the remediation procedures. Once this has taken place, both will need to discuss and provide a list of the vulnerabilities prioritized by threat level (High to Low).
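
The prioritization step described above can be scripted once both scans are complete. The following is an added example, not part of the lab report or of either tool: the sample findings, host names, column names, the CVSS cut-offs (7.0 and 4.0) and the severity labels given to the MBSA items are all assumptions constructed for illustration.

```python
import csv
import io

# Constructed sample data, not output from the lab scans. The column names are
# simplified assumptions and do not reproduce either tool's export format.
OPENVAS_CSV = """host,finding,cvss
10.0.0.5,Weak SSL/TLS cipher suites offered,5.0
10.0.0.5,Outdated SSH server version,7.5
10.0.0.7,TCP timestamps enabled,2.6
10.0.0.7,Service banner detected,0.0
"""
# MBSA reports no CVSS score, so each finding carries a label assigned by the reviewer.
MBSA_FINDINGS = [
    ("WIN-01", "Windows Firewall disabled", "High"),
    ("WIN-01", "Auditing not configured correctly", "Medium"),
    ("WIN-01", "Microsoft Office products not supported", "Medium"),
]
RANK = {"High": 0, "Medium": 1, "Low": 2, "Log": 3}


def cvss_to_level(score):
    """Bucket a CVSS base score (assumed cut-offs: 7.0 and 4.0; 0.0 is informational)."""
    if score >= 7.0:
        return "High"
    if score >= 4.0:
        return "Medium"
    return "Low" if score > 0.0 else "Log"


def merged_findings():
    """Combine both tools' findings into (level, tool, host, finding) tuples, High first."""
    rows = [(cvss_to_level(float(r["cvss"])), "OpenVAS", r["host"], r["finding"])
            for r in csv.DictReader(io.StringIO(OPENVAS_CSV))]
    rows += [(level, "MBSA", host, finding) for host, finding, level in MBSA_FINDINGS]
    # Stable sort keeps each tool's original order within a severity level.
    return sorted(rows, key=lambda row: RANK[row[0]])


def high_medium_share(rows):
    """Fraction of actionable (non-Log) findings rated High or Medium."""
    actionable = [r for r in rows if r[0] != "Log"]
    urgent = [r for r in actionable if r[0] in ("High", "Medium")]
    return len(urgent) / len(actionable) if actionable else 0.0


if __name__ == "__main__":
    findings = merged_findings()
    for level, tool, host, finding in findings:
        print(f"{level:<6} {tool:<8} {host:<9} {finding}")
    print(f"High/Medium share: {high_medium_share(findings):.0%}")
```

Informational (Log) entries are left out of the High/Medium share so that banner and service-detection results do not dilute the proportion of findings that need remediation.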