Add to collection(s) Add to saved
  1. No category
Uploaded by mijansekh123

CMIT 421 Project 3 Presentation.docx (1)

advertisement 
CMIT 421 Project 3 Presentation
Student’s Name
Institutional Affiliation
Introduction
Mercury USA is currently facing many issues with its security system.
The company experiences vulnerabilities resulting from false positives,
debugs, and information overrides detected by the system. Therefore,
the company needs to implement a concrete vulnerability management
system to improve its operations' efficiency. The company can use a
vulnerability tool called Nessus.
### Nessus is a virtual tool used for the scanning of vulnerabilities and
detecting any potential threats to the network systems within an
organization (Palmaers, 2013). It runs several controls on the computer
systems to determine whether the present vulnerabilities can damage
the computer systems. Similarly, it optimizes the tests that aim to
rapidly identify defects within the systems and corrects them
immediately, including the devices, operating systems, and the software
applications available in the computer systems. It can also keep all the
company domains free from malicious attacks and viruses that could
control all the devices in the organization, connected to the internet.
This presentation discusses how Mercury USA can use vulnerability
management and Nessus to analyze its vulnerabilities in the computer
systems.
Vulnerability Management (VM) Process Recommendation
Vulnerability management involves identifying, assessing, managing,
and reporting the threats on an organization's security systems. It scans
all the software running through the network systems within an
organization. It identifies the security vulnerabilities that could
potentially put the firm to jeopardy. This prevents attackers from
compromising organizational information.
This study source was downloaded by 100000775457090 from CourseHero.com on 08-15-2024 17:45:08 GMT -05:00
https://www.coursehero.com/file/68931124/CMIT-421-Project-3-Presentationdocx/
###Vulnerability management process provides organizations with the
appropriate coverage of risks and threats to predict the potential issues
within the computer network system and remediate them immediately
(Palmaers, 2013). It provides end-to-end management solutions to all
the vulnerabilities to the computer systems that could protect the
computer systems at Mercury USA. It also comes with vulnerability
management software that automates the scanning process. The
vulnerability scanner scans all the risks and evaluates them for further
decision-making on managing these vulnerabilities.
The Vulnerability Management Process
This process takes four significant steps, including.
Identification of vulnerabilities. Assessment of the vulnerabilities.
Managing vulnerabilities. Vulnerabilities reporting.
### The first step of identifying the vulnerabilities includes using a
scanner to scan for the potential threats. The vulnerability scanner
scans the accessible systems to identify any open port that can
correlate the information to the potential dangers and vulnerabilities
(Palmaers, 2013). After placing the openness, the second step evaluates
them and analyzes their risk to the organization. The third step includes
managing the identified vulnerabilities. This can be achieved through
This study source was downloaded by 100000775457090 from CourseHero.com on 08-15-2024 17:45:08 GMT -05:00
https://www.coursehero.com/file/68931124/CMIT-421-Project-3-Presentationdocx/
three significant efforts, including mitigation, remediation, and
acceptance. Lastly, the vulnerabilities' reporting includes informing the
firm about the identified threats and the best approaches to mitigate
them.
Vulnerability Scanning Tool Evaluation
It is essential first to highlight the different types of vulnerability
scanners. They include Cloud-based scanners. Network-based scanners.
Host-based scanners. Database-based scanners.
### The Cloud-based vulnerability scanners are mainly applied in the
detection of threats and risks within the systems that use Cloud such as
websites (Nanda, 2017). Network-based scanners detect the
vulnerabilities in the computer networks by running its services through
open ports. Host-based scanners detect the vulnerabilities of individual
hosts like network devices or computer systems. Finally, the data-based
scanners identify vulnerabilities in the management systems containing
databases for keeping private information. Mercury USA can use one or
two of these tools to execute its security management plan.
How the Unified Vulnerability Scanner Operates
This study source was downloaded by 100000775457090 from CourseHero.com on 08-15-2024 17:45:08 GMT -05:00
https://www.coursehero.com/file/68931124/CMIT-421-Project-3-Presentationdocx/
First, it deploys Azure security to screen the virtual machines on the
computer system. Secondly, it collects relevant information and sends
them for further analysis. Third, it analyzes the vulnerabilities and sends
the assessment data to the security center.
### Vulnerability scanning tools enable the systems to identify the
threats and risks to security systems through different ways (Balatska,
2020). They use coding bugs for the code analysis vulnerability, rootkits,
Trojans, and backdoor for the audit vulnerability systems. Furthermore,
they are free from external threats to computer and security systems.
Other benefits of the vulnerability scanners include affordability, fast
operations, improved performance, reduced cost, and increased
benefits to the organization and automatic functions provision.
Nessus Vulnerability Report Analysis
Ease of use. Cost-effective for any firm. Advanced detection of
vulnerability leading to more protection. Correct visibility of computer
networks. Comprises of plugins that provide timely protection.
This study source was downloaded by 100000775457090 from CourseHero.com on 08-15-2024 17:45:08 GMT -05:00
https://www.coursehero.com/file/68931124/CMIT-421-Project-3-Presentationdocx/
### The Nessus vulnerability report provides the analysts with a
comprehensive summary of the existing vulnerabilities in the computer
system based on the CVE data collection methods and analytics
approaches (Nanda, 2017). The report analyzes the trending graphs on
the detection of vulnerabilities for up to three months. It also provides
an account of the mitigated vulnerabilities and the most severe
vulnerabilities that would need a strategic risk management plan.
Therefore, Nessus offers organizations with a remarkable composure by
ensuing they respond quickly to the identified vulnerabilities.
Importance of Purchasing Nessus
Improved scalability of the enterprise.
It provides unlimited scanners that are compatible with Nessus.
Has an advanced support system.
It is less costly compared to other vulnerability management tools.
Provides advanced reports and dashboards.
It can be controlled in the Cloud.
@@@ Tenable Nessus is ideal for Mercury USA as it can be applied in
both small and large-scale firms (Balatska, 2020). It consists of features
that can help this company to thoroughly understand its network
system and evaluate, prioritize, and manage any potential vulnerability
to the plans. Nessus vulnerability scanners can also enable Mercury USA
to discover some of its significant assets and perform target profiling,
malware detection, configuration auditing, and sensitive data discovery.
Finally, Mercury USA can use Nessus Professional to run on devices like
laptops and smartphones used by the firm's security professionals.
Impacts of Failure to Implement the Tenable VM Process
Failure to implement a Tenable VM Process or Nessus can lead to
significant financial losses in Mercury USA. The company could
experience hacker intrusions that would negatively impact its
operations. The company will be more susceptible to attacks due to a
framework for identifying and managing vulnerabilities. The company
This study source was downloaded by 100000775457090 from CourseHero.com on 08-15-2024 17:45:08 GMT -05:00
https://www.coursehero.com/file/68931124/CMIT-421-Project-3-Presentationdocx/
will not be able to update its security systems to align with the existing
software.
### The tenable VM process stops cybercriminals and hackers from
attacking the security systems of organizations by making it difficult for
hackers to enter the systems (Nanda, 2017). Failure to implement VM
Processes can lead to security management gaps, which enable hackers
to execute their attacks. The company will also be at risk due to a lack of
regular updates of the security systems to reduce the vulnerability of
attacks and prevent hackers' intrusion. Also, the available security
systems in Mercury USA may not fully protect its systems against
security threats and vulnerabilities. Failure to implement the VM
process will only worsen the situation and increase the firm's approach
to risks.
Conclusion
This paper addressed the benefits of using VM processes such as
Nessus to organizations. From Mercury USA's reports, it is evident that
the company needs a Nessus scanner to detect its weaknesses and
mitigate them immediately. Nessus is the best VM tool for Mercury USA
due to its numerous benefits. Failure to implement this VM will only
lead to potentially significant losses to the firm.
### The Nessus tenable VM process is an all-inclusive vulnerability
management tool that is designed to scan and evaluate the
vulnerabilities and suggest the possible solutions for immediate
remediation (Balatska, 2020). It provides a real-time scan to the security
systems that could help Mercury USA to detect the potential threats
and execute the countermeasures of dealing with the risks.
References
Balatska, V., & Shabatura, M. (2020). EXPLORATION OF COMPUTER NETWORK BY
VULNERABILITY SCANNER NESSUS. Bulletin of Lviv State University of Life Safety.
This study source was downloaded by 100000775457090 from CourseHero.com on 08-15-2024 17:45:08 GMT -05:00
https://www.coursehero.com/file/68931124/CMIT-421-Project-3-Presentationdocx/
https://doi.org/10.32447/20784643.20.2019.01
Nanda, S., & Ghugar, U. (2017). Approach to an efficient vulnerability management program.
International Journal of Innovative Research in Computer and Communication
Engineering (IJIRCCE), 5(6).
Palmaers, T. (2013). Implementing a vulnerability management process. SANS Institute Reading
Room.
This study source was downloaded by 100000775457090 from CourseHero.com on 08-15-2024 17:45:08 GMT -05:00
https://www.coursehero.com/file/68931124/CMIT-421-Project-3-Presentationdocx/
Powered by TCPDF (www.tcpdf.org)
Related documents
Team-assessment-of-risks-and-protective-factors
Team-assessment-of-risks-and-protective-factors
Assessment 2
Assessment 2
This worksheet
This worksheet
QB MidTerm
QB MidTerm
Digital vulnerabilitz atlas of South Asia [PPT, 2.05
Digital vulnerabilitz atlas of South Asia [PPT, 2.05
r = p
r = p
Abstract
Abstract
Download
advertisement