Assignment 1 Part 1 Business Details Document
Name: Jupiter Security Services
Industry: IT services for small to mid-sized organizations
Finding and patching vulnerabilities in pre-existing software
Finding and documenting weaknesses in the deployed hardware network
Security training for employees
Number of systems used in the organisation: There are 150 servers, 432 desktops and about 544 mobile devices at 2 locations combined. The servers run Windows Server 2019 and provide real-time hosting of the security tools that support the consulting business. They also store information such as vulnerability data and reports in a highly encrypted format. In addition to these services, Jupiter Security Services uses the servers for basic business operations. The desktops provide real-time communication between employees and clients. They let employees perform centralized communication and monitoring of client systems. Employees also use them for CRM activities. The mobile devices make it easier for employees to communicate swiftly. They also give employees remote access to business resources, which helps to address customer demands rapidly.
The types (and versions) of operating systems, applications and services that are in use: Windows Server 2019, Windows 11, Kali Linux, Apple macOS, and iOS
Office 365, Adobe Creative Suite, security analysis tools like Nmap and Wifite
Defensive Strategy: Stateful inspection firewall, network DMZ, patching software and updating hardware firmware of all devices.
Assessment profile: White box, because the company has pre-existing knowledge of the client and the source code of their software. The SME has used vulnerability assessment (VA) before.
Duration of the test: 3 weeks, including assessment of the hardware and software and documentation of all the weaknesses found.
Scope/Definition
Check the vulnerability and security of the entire IT infrastructure
Check the security of the software installed on the systems, and assess the hardware
Evaluate the effectiveness of the firewalls installed on the system and document them
Give the organization detailed documentation of the present vulnerabilities and patches
Goals
Determine the weaknesses in the IT infrastructure of the organization
Write down the weaknesses and provide feedback to the organization
Develop a plan to fix the weaknesses and implement it
Based on the result, create a comprehensive policy to tackle such incidents in the future
Information Gathering (Footprinting)
This is the first step in gathering data about the client and its systems. In this stage, the goal is to collect as much data as possible. Jupiter employees will use regular scanning as a means of gathering information.
Using public information and social engineering: Jupiter employees might scan the web for client information and, using tools in Kali Linux, use social engineering to trace any leak back to its original leaker.
Jupiter Services will keep track of any unknown data packets in Wireshark during the company's non-operational hours.
Vulnerability Detection
Jupiter Services will use tools in Kali to detect any vulnerabilities. The tool is Nmap, which will scan for open ports in the client's infrastructure.
Jupiter Services might be able to scan the network using Wifite for all the IP addresses in the network and then point out any unknown IP address.
Scanning the applications used by the client for malware and for any vulnerabilities.
Information Analysis and Planning
After detecting vulnerabilities, Jupiter Services will compile the results into a file and then review it for risks such as open ports, malware infestation and the possibility of a leak. The compiled file will later be reviewed by the cybersecurity experts at Jupiter Security Services.
A plan to tackle the security risks will then be drawn up carefully. It will include a timeline in which the task that poses the maximum threat is patched first.
Jupiter Security Services will then communicate the findings and the plan to the client and stakeholders so that they understand the risk behind each vulnerability.
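The compile-and-prioritise step described above, as an added example that is not part of the original assignment: it parses Nmap grepable (-oG) output, flags hosts missing from an asset inventory, and ranks the results so the highest-risk host is reviewed first. The scan lines, inventory and weights are constructed for illustration and are assumptions.

```python
import re

# Constructed sample of Nmap grepable (-oG) output; documentation-range IPs.
SAMPLE_SCAN = (
    "Host: 192.0.2.10 ()\tPorts: 80/open/tcp//http///, 443/open/tcp//https///\n"
    "Host: 192.0.2.20 ()\tPorts: 3389/open/tcp//ms-wbt-server///, 445/open/tcp//microsoft-ds///\n"
    "Host: 192.0.2.99 ()\tPorts: 23/open/tcp//telnet///, 22/closed/tcp//ssh///\n"
)

# Hypothetical asset inventory agreed with the client (assumption).
INVENTORY = {"192.0.2.10": "DMZ web server", "192.0.2.20": "DMZ business server"}

# Illustrative weights, not a standard scoring scheme (assumption).
PORT_WEIGHT = {23: 9, 3389: 8, 445: 8, 21: 6, 80: 3, 443: 1}
DEFAULT_WEIGHT = 2         # any open port not listed above
UNKNOWN_HOST_WEIGHT = 10   # host answers but is not in the inventory

def parse_grepable(text):
    """Return {ip: sorted open ports} from Nmap -oG 'Host: ... Ports: ...' lines."""
    hosts = {}
    for line in text.splitlines():
        m = re.match(r"Host: (\S+) .*?Ports: ([^\t]*)", line)
        if not m:
            continue  # comment lines and 'Status:' lines carry no port list
        ports = []
        for entry in m.group(2).split(","):
            fields = entry.strip().split("/")
            if len(fields) >= 2 and fields[1] == "open" and fields[0].isdigit():
                ports.append(int(fields[0]))
        hosts[m.group(1)] = sorted(ports)
    return hosts

def triage(text, inventory):
    """Rank hosts so the highest-scoring (highest-risk) one is reviewed first."""
    findings = []
    for ip, ports in parse_grepable(text).items():
        known = ip in inventory
        score = sum(PORT_WEIGHT.get(p, DEFAULT_WEIGHT) for p in ports)
        if not known:
            score += UNKNOWN_HOST_WEIGHT
        findings.append({"ip": ip, "known": known, "open_ports": ports, "score": score})
    return sorted(findings, key=lambda f: f["score"], reverse=True)

if __name__ == "__main__":
    for f in triage(SAMPLE_SCAN, INVENTORY):
        label = INVENTORY.get(f["ip"], "NOT IN INVENTORY")
        print(f'{f["score"]:>3}  {f["ip"]:<12} {label:<20} open={f["open_ports"]}')
```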
Last login: Sat Apr 8 14:06:45 on console
C02XP0LUJ1GC:~ kit304$ ./cyber=params parass 593438
-sh: ./cyber=params: No such file or directory
C02XP0LUJ1GC:~ kit304$ ./cyber-params parass 593438
=========================================================================================
CyberSecurity Assignment Parameters for your SME - username: parass studentid: 593438
=========================================================================================
Employees: 400
Office locations: 2
Operating scale: country
Intrusion detection system installed? no
Firewall type: statefull inspection
Extranet used? no
Network DMZ used? yes
Wireless network (in addition to wired LANs)? no
Cloud provider: none
Web site hosting server location: DMZ
Other business servers location: DMZ
Type of web presence: standard web site
Customers (approximate): 1,000
Customer type: other businesses
Has the SME used vulnerability assessment (VA) before? yes
Has the SME used full pen-testing (PT) before? yes
Did past full PT recommend significant changes? yes
Does SME have security policies in place? no
Does SME deal with PII? yes
Does SME deal with PHI? yes
Does SME have incident response team? no
Does SME have dedicated network security staff? no
=================================================================================
C02XP0LUJ1GC:~ kit304$
CHANGES REQUIRED IN THIS ASSIGNMENT TO MAKE IT REVISED
Submission Feedback
Overall Feedback
************************************cyber-params************************************
You do not need to explain terminology such as firewalls, DMZ, footprinting etc
************************************Staff Hierarchy************************************
I'd suggest you also consider the company structure (eg departments) and detail employee roles - a diagram would also save on word-count.
************************************System Descriptions************************************
You should also list the other main applications (used on client machines and also server applications) (and quantify the mix of OS eg 20 devices running macOS [version?])
You should also consider in more detail what other servers they run (e.g. general databases, finance, development etc)
************************************Scope************************************
This doc should also discuss what the business wants to be in scope (so your proposal will address that specifically) eg what systems/services etc will be assessed? You should also indicate the desired timeline which should be realistic and achievable. I'd rewrite this so it appears to indicate what systems/processes/infrastructure the SME wants to be assessed, and how long they are prepared for the assessment to last. This will then inform what's achievable in the VA proposal (for example, if they say they want the assessment to only last a week, but expect everything to be assessed, that's not realistic). Also, much of what you have written in the scope/definition section onwards belongs in the VA proposal (with timelines and possible risks). You also won't be proposing to fix vulnerabilities, create policy etc, only assess them
************************************Testing Approach************************************
Given cost and possible time constraints, a white box approach would possibly be more feasible. The point of the business description is to contain as much info as possible. Through prior interviews and information sharing you are likely to know what systems are present, as well as what the scope of the assessment is (i.e. what systems/services/infrastructure the SME wants to be assessed and how long they are prepared for such tests to take)
************************************PII/PHI************************************
Should this data be subject to some assessment i.e. the access controls used, the types of access methods/personnel etc? Justify why they are collecting PHI.
************************************General comment(s)************************************
General comment: break down infrastructure by site eg. number of employees, computers, servers, services and other devices, networking infrastructure (eg router(s) and switches) - a diagram would help.
************************************Summary************************************
Provide more detail on personnel and infrastructure. I'd narrow the focus of what the SME wants to be assessed - you also don't specify what tools etc in this document - that's in the VA proposal.