mod11

docx

School

Schoolcraft College *

*We aren’t endorsed by this school

Course

115

Subject

Information Systems

Date

Dec 6, 2023

Type

docx

Pages

2

Uploaded by SargentGalaxy1810

Report
M11: Security Assessment Make sure you have complete the CNT 115 Security Assessment before beginning this worksheet. The security assessment is available in the M11 Assignment area in Blackboard. As you complete the security assessment, please note the following: Some questions may be in areas you have not considered before and that is OK at this point. The assessment is to determine where improvements can be made, not to make improvements in the course of performing the assessment. As a general rule, you should be able to complete the assessment in less than 20 minutes - if you are unsure about an area, choose that option. 1. What was your assessment score? (1 point) 27 For reference, these are the score ranges for the assessment: Excellent: Scores between 0 and 25 Needs Work: Scores between 26 and 50 Warning!: Scores over 50 Was your score better or worse than you expected? Explain. (3 points) It was better than I expected. I don't usually check imformation like this, however, it's great that I am keeping somewhat on track with making sure my stuff doesn't get hack into mostly. 2. Choose three things you were able to identify as weaknesses in your overall security and list them below. (3 points) Use better passwords that are "good" updating my anti-virus software Scaning my computer for malware and infections 3. For each weakness identified above, provide the following information: explain which attack surface is impacted and which aspect of hardening would be best suited to improving the outcome of your security assessment. (3 points) Weakness #1 Attack surface impacted: Weak passwords can cause more hacking in to. Aspect of hardening best suited to address the weakness: Default passwords or credentials stored in accessible file, where no one can find them. Weakness #2 Attack surface impacted: My data might be hacked into because of my lack of updating my anti-virus Aspect of hardening best suited to address the weakness: Updating my anti-virus more often so I don't lose data. Weakness #3 Attack surface impacted:
That the virus may steal your sensitive information, and infect a device. Aspect of hardening best suited to address the weakness: Updating and removing the malware, and updating anti-malware software. 4. Would completing the security assessment still have been valuable if you had earned a perfect score? Why or why not? (2 points) Not really, because if I had earned a perfect score, I really wouldn't think that my data is at risk. 5. Does earning a perfect score on this (or any other) security assessment mean that you are currently perfectly secure? In the future? Explain. (3 points) No, it does not. There still could be something that someone may know a way to do something simple like steal your password. Like someone may be able to get into a facebook account even if you have perfect password protection. 6. Why is completing security assessments an important part of cybersecurity? (3 points) It's important because you want to be in the know for you computers, phones, and tablets to see how updated and well they're doing. Along with making sure no data can be stolen. 7. Using the Internet, search for information about the following tools that can be used to assess security in different ways. For each tool, write a short summary that includes: a. The purpose of the tool and how it could be used to assess security b. How using the tool would help improve security assessment outcomes Item #1: Burp Suite (3 points) The purpose is tool that works to do security testing in various online applications. Its tools would help to improve how people can use the application’s attack surface and find and exploit security vulnerabilities. Item #2: OpenVAS (3 points) The purpose is that it checks visible ports, services it can access for known exploits, and high level web threats It helps improve where the risks are, and how people can fix their vulnerabilities, and recommend areas to remediate problems on the device. Item #3: OWASP ZAP (3 points) The purpose of this is to help developers and security professionals dectect and protect suspisious things in a site The tools can be used to help detect and find vulnerabilities in websites. Item #4: SonarQube (3 points) The purpose is to inspection of code quality to make automatic reviews with code to detect bugs. The tools can be used to empower both developers and security teams to identify more effectively.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help

Related Documents

IN200M1_Part2_Katie Monroe.docx
Module 3 discussion.docx
Mis India.docx
Module discussion.docx
Module 4 discussion ET5033.docx
Comparative Justice Exam 2.docx
CYB_300_3-2_Lab_Worksheet_Joshua_Minnick.docx
Week 7 and 8 Discussions.docx
traceability-matrix-template (1).xlsx
CYB_300_4-4_Milestone_Joshua_Minnick.docx
CYB_300_5-2_Milestone_Joshua_Minnick.docx
CYB_300_4-4_Milestone_Evaluation_Joshua_Minnick.docx