Uploaded by Cion Sandidge

InClass Assignment6 CTEC350 (1) (1)

advertisement
InClass-Assignment6
You should be submitted in Backboard CTEC350\ InClass-Assignment6: due date.
Due Date: 9/25/19 (10:00 pm)
Chapter 8
1. Explain that this section describes several tools used to discover vulnerabilities on
Windows systems. Using several tools collectively is advisable because they help you
pinpoint problems more accurately.
-The tools discussed for discovering vulnerabilities are built in windows tools, MBSA,
and antivirus solutions.
2. Explain to students that they can check the CVE and CERT Web sites to determine
vulnerabilities for any OS.
-CVE Websites hold research on vulnerability relevant to security tests. Security testers
use the information from CVE Websites to tests windows computer
3. Describe NetBEUI as a fast, efficient network protocol that allows NetBIOS packets to
be transmitted over TCP/IP.
-NetBEUI, also known as NetBios Extended User Interface, is a fast and efficient
network protocol that allows NetBIOS packets to be transmitted over TCP/IP. The
program allows computers to communicate in a local area network.
4. Explain that Server Message Block (SMB) is used to share files and usually runs on top
of NetBIOS, NetBEUI, or TCP/IP.
-SMB is used to share files, it was later replaced by CIFS.
5. Explain the main problems of having a Web server installed on your network and provide
some recommendations to better secure it.
-Its more costly than electronic website hosting and needs custom maade engineering and
design,
6. Explain that although IIS 6.0 (Windows Server 2003) through IIS 10.0 (Windows Server
2016) are installed in a “secure by default” mode, previous versions left crucial holes that
made it possible for attackers to sneak into a network.
-Secure by default means the default configurations setting are the most secure settings
possible, but as updates and patches come about the previous default setting may not be
so secure anymore.
7. Explain that it makes sense to disable unneeded services and delete unnecessary
applications or scripts, since they are an open invitation for attacks.
-Unneeded applications should be deleted because they receive less attention as others.
You may not update and patch them like you do used apps, which causes vulnerabilities
that are open for attacks.
8. Explain how filtering out unnecessary ports can protect systems from attack. Discuss
some of the ports frequently subject to attack.
-Some commonly attacked ports are 20, 22, and 80. Port 20 is a TCP port, 22 is a SSH
port, and port 80 is a HTTP port. Filtering out exploitable ports will reduce the risk of
attacks. Often ports are used to attack other sources which gives greater reason to filter
them out.
9. Explain that like any OS, Linux can be made more secure if users are aware of its
vulnerabilities and keep current on new releases and fixes.
-If the user keeps current with updates and patches a linux OS can be deemed more
secure than Windows. The fact is windows has far more viruses than linux which gives
linux the upper hand.