Recovering from a Failed Security Audit – Case Study

1. Print the Case Study document.

2. Read the Case Study.

3. Answer the questions in the following manner:

a. Find the paragraph in the case study that relates to the question.

b. In the margin of the document next to the subject paragraph, print a brief statement on your copy of the case study explaining what you found.

c. Using your phone, take a picture of the paragraph including your printed comment.

d. Paste the photograph into this Word answer document.

e. Underneath the photograph, type a longer, more thorough explanation of what you found.

f. Place each answer on a separate page.

4. After answering all of the questions, upload your document to Blackboard.

Sample question:

How did the Agency and its network administration learn of major security problems?

While the network administrator was on vacation, his boss hired an independent auditor to perform various penetration tests over several weeks. These tests revealed some very serious security flaws at the Agency.

Q1. What three specific issues did the independent auditor find?

Q2. What did the netbios scan discover?

Q3. FERPA protects student data from being shared without the student’s permission. How was student data protected by FERPA made inadvertently vulnerable?

Q4. What approach did the network administrator use to rank the various security threats?

Q5. How was the problem of anonymous accounts on the FTP server resolved?

Q6. Regarding SNMP what was the problem with vendor defaults?

Q7. It was discovered that the Administrator password on local workstations was null. What circumstances caused the password to be null?

Q8. Explain how VMR led to the problem of “leaving the keys in the front door” problem.

Q9. Regarding the application of patches, why did the network administrator decide on a policy of waiting 48 hours before installing a newly released patch?

Q10. What is the new policy for a workstation that has a virus?