CSI 242 Computer System Security Vulnerability Assessment Project7/10/22
CSI 242 Computer System Security Vulnerability Assessment Project7/10/22
Complete the following:
Review the Demo.Scan.Result.pdf document of a sample security assessment scan report.
Select 3 detected issues that you have identified as needing remediation. Research information regarding your detected issue and the details of how it can be resolved.
Populate the DREAD worksheet for each of your identified issues.
Complete a NOC report for each issue you identified.
NOC REPORTING TEMPLATE
Date Updated: Click here to enter a date.Name:
A. Introduction
Background on the scan itself: was it a standard or scheduled scan, a one-off or scan for a specific purpose, was the scan initiated as a result of a related security issue?
For this exercise you may leave this blank.
B. Vulnerability Scan
Leave this blank, typically you would indicate the report name here and attach as an appendix
C. Scan Summary
What is the issue identified?
D. Detailed Analysis
What is the criticality of the issue? (The components of you DREAD ratings would go here.)
E. Scan Response
What was detected that is susceptible to exploit or abuse.
F. Remediation
Steps to resolve.
G. Recommendations
Administrative Controls:
These could be changes to policy or procedures and the like.
Technical Controls:
These could be new or updated software, hardware or configuration settings
NOC REPORTING TEMPLATE
Date Updated: Click here to enter a date.Name:
A. Introduction
Background on the scan itself: was it a standard or scheduled scan, a one-off or scan for a specific purpose, was the scan initiated as a result of a related security issue?
For this exercise you may leave this blank.
B. Vulnerability Scan
Leave this blank, typically you would indicate the report name here and attach as an appendix
C. Scan Summary
What is the issue identified?
D. Detailed Analysis
What is the criticality of the issue? (The components of you DREAD ratings would go here.)
E. Scan Response
What was detected that is susceptible to exploit or abuse.
F. Remediation
Steps to resolve.
G. Recommendations
Administrative Controls:
These could be changes to policy or procedures and the like.
Technical Controls:
These could be new or updated software, hardware or configuration settings
NOC REPORTING TEMPLATE
Date Updated: Click here to enter a date.Name:
A. Introduction
Background on the scan itself: was it a standard or scheduled scan, a one-off or scan for a specific purpose, was the scan initiated as a result of a related security issue?
For this exercise you may leave this blank.
B. Vulnerability Scan
Leave this blank, typically you would indicate the report name here and attach as an appendix
C. Scan Summary
What is the issue identified?
D. Detailed Analysis
What is the criticality of the issue? (The components of you DREAD ratings would go here.)
E. Scan Response
What was detected that is susceptible to exploit or abuse.
F. Remediation
Steps to resolve.
G. Recommendations
Administrative Controls:
These could be changes to policy or procedures and the like.
Technical Controls:
These could be new or updated software, hardware or configuration settings
