Security work
OPERATING SYSTEMS
UNIT 1 IP
Quite frequently (at least once a week), one of the system administrators' workstations freezes and shortly after that, a Linux Web server reboots. Although the system administrator's workstation does not have a major impact on the MWS infrastructure, the Web server rebooting causes outages for all of the Web sites hosted on it, and this causes problems for MWS in terms of reputation and revenue.
In a report of 2–3 pages, describe how and what should be reviewed in terms of operational security to help determine the root cause of this problem. (The network infrastructure is not considered to be part of the discussion.)
· Focus should be on both the Web server and the administrator's workstation.
· This report should include identification of security mechanisms for a Windows workstation and a Linux server.
· Use at least 2 credible sources, and cite all sources in APA format.
UNIT 2 IP
The management team would like to better understand what security mechanisms they already have available to them on their servers and workstations. You want to describe the built-in security features of the operating systems used by MWS.
In a paper of 2–3 pages, describe the following on security features:
· Describe built-in security features existing in the Linux Web servers.
· Choose either the Windows workstation or Mac workstation, and describe the security features that are built in to either one of these.
· Discuss the implications of allowing log-ins directly to generic accounts on a server.
· Discuss the impact of having an operating system that allows execution on the stack and what disallowing this will prevent.
· Use at least 2 credible sources, and cite your sources using APA format.
UNIT 3 IP
Every good security practitioner has a suite of third-party tools that they use in various situations. This is your opportunity to suggest to MWS a suite of tools that it can use to help strengthen its environment.
MWS has described its desire to keep the amount of third-party software to a minimum, especially with respect to the number of different vendors. This does not mean it is opposed to using these tools or programs; it would like to limit the number of different vendors used in each tool space.
Conduct research on vendors and open-source solutions that provide antivirus software for the three operating systems at MWS: Macintosh, Windows, and Linux. Prepare a paper of 2–3 pages that includes a recommendation for third-party tools for MWS. The paper should include the following:
· Analyze and recommend two antivirus solutions that can be used on all 3 operating systems. Compare and contrast the features of each product, and make a recommendation about which should be used by MWS.
· Describe what scanning and vulnerability assessment tools are and what they are used for. Recommend a tool (or 2) that can be used to scan a host to determine the open ports and identify any known vulnerabilities.
· Explain the reasons for your recommendation. Recommendations should be supported by the research.
· Use at least 2 credible sources in your research, and properly cite them in APA format.
UNIT 5 IP
The management team for MWS has asked for a simple but thorough checklist describing best practices for securing the operating systems used in the company.
· Create a list of 12 best practices.
· Six of the best practices should be general practices.
· Provide 2 best practices that are specific to each operating system:
  · Windows
  · Linux
  · Macintosh OS X
CERTIFICATION AND ACCREDITATION PROCESS
UNIT 3 IP
With the completion of the threat, vulnerability, exposure, and risk analyses conducted by the internal federal C&A team, your chief technology officer (CTO) has asked that the team transition to the evaluation of the technical, management, and operational security controls involving those risk areas identified. The selection and implementation of the technical, management, and operational security controls in the C&A package are required to protect the availability, integrity, and confidentiality of the system and any information being exchanged. Your team must provide responses to the following concerns posed by the CTO.
Provide a report with responses to the CTO in a memo format, with responses of at least 1 page per concern:
· Provide a memo header (To, From, Subject, Date).
· Address the following concerns:
  · Concern 1: The CTO does not understand the security controls that are needed to provide risk mitigation based on the current use of information and information systems when executing the mission of the organization and business.
  · Concern 2: The CTO is confused by the current security control selection and implementation. Will there be a realistic security control implementation plan? Describe that plan.
  · Concern 3: The CTO is concerned with the identified assurance levels (e.g., grounds for confidence). Some people in the organization doubt that the implemented security controls will be effective in their application.
· Provide a closure paragraph to the memo regarding the concerns above.
The memo should be a minimum of 3–5 pages in length (excluding the title page), and it should be neatly formatted. Post your document in your individual assignment upload area. Sources should be properly cited in APA style.