30 Aug Vulnerability Assessment and Operational Security
Step 1: Define Vulnerabilities, Threats, and Risks
Vulnerabilities, threats, and risks are important to understand in order to evaluate and ultimately improve security posture by mitigating risks. Your organization’s security posture will determine its cybersecurity policies. Assessing risk is key in this process. Define vulnerability, threat, and risk. Consider their relationship to one another and how they relate to the security of networks and data. You will use this information to complete your vulnerability assessment and to develop the educational brochure for your workforce. (Review Programming, Systems Software, Application Software and Software Interaction if you do not already have a working understanding of these topics.)
Step 2: Identify Examples of Vulnerabilities, Threats, and Risks
In Step 1, you familiarized yourself with the concepts of vulnerability, threat, and risk. You now understand their relationship to one another and how they relate to security. In this step, you are going to identify at least two examples of a vulnerability, two examples of a threat, and two examples of a risk in each of the following categories:
technology
people (human factors)
policy
You should identify a minimum of eighteen examples. This will assist you in conducting the vulnerability assessment and developing the educational brochure. (Review Basic Elements of Communication and Computer Networks if you do not already have a working understanding of these topics.)
Step 3: Identify Current Vulnerabilities and Threats
After defining and identifying examples of vulnerabilities, threats, and risks in Steps 1 and 2, you should understand the basic concepts of vulnerabilities and threats as they apply to general cybersecurity. However, vulnerabilities and threats are dynamic: They can evolve with changes in technologies, changes in adversary capabilities or intentions, or changes in human behaviors and organizational policies. It is important to understand current vulnerabilities and threats and their applicability to the larger community as well as to your organization (e.g., critical infrastructure protection), so that you can make informed recommendations on how/whether to mitigate them. Identify current known vulnerabilities and threats that could impact your organization. The vulnerabilities and threats that you identify will be necessary for your final presentation. (Review
List a minimum of two current known vulnerabilities and threats involving the following:
people (human factors)
technology
policy
Step 4: Vulnerability Assessment and Operational Security eLearning Module
To prepare for the upcoming vulnerability assessment, you will practice in a simulated environment with the Vulnerability Assessment & Operational Security eLearning Module. You will learn how to maintain effective audit, risk analysis, and vulnerability assessment practices in a fictional scenario. You will also review risk and vulnerability analysis tools. (Review Network Devices & Cables and Network Protocols if you do not already have a working understanding of these topics.)
Take time during this module to take notes as the information will be helpful during your own vulnerability assessment in Step 7. Specifically note the major components of cybersecurity architecture, architectural methodologies for the physical structure of a system’s internal operations and interactions with other systems, and architectural methodology standards that are compliant with established standards or guidelines.
Step 5: Identify Attack Vectors
Attack vectors are the means by which vulnerabilities are exploited and threats realized. As a result, understanding attack vectors is critical to developing impactful mitigations. Identify the applicable attack vectors, the weaknesses exploited, and the means used to gain access based on the vulnerabilities and threats identified in Step 2. Also note the common types of cyber attacks. The attack vectors and weaknesses that you identify will be necessary for your vulnerability assessment and final presentation. (Review A Closer Look at the Web, Web Markup Language and Web and Internet Services if you do not already have a working understanding of these topics.)
Identify attack vectors and weaknesses exploited via the following:
hardware
software
operating systems
telecommunications
human factors
Step 6: Examine and Identify Known Attribution
Attribution is often very difficult, if not impossible, to identify. One reason is the anonymity afforded by the Internet. Another reason is the potential sophistication of malicious state actors and non-state actors who are able to disguise themselves and/or exploit an innocent and often unknowing computer user to achieve their goals. Attribution is desired because knowing who is behind an exploit can provide insight into the motivations, intentions, and capabilities of threat actors. Understanding attack vectors used by threat actors provides key insights that help to build stronger defenses and construct better policy management. In order to complete your vulnerability assessment, you will need to first do the following:
From the attack vectors identified in Step 5, determine if attribution is known for the threat actor (e.g., name of nation state, non-state and/or hackers and actors) most likely involved in exploiting each weakness.
Categorize the threat actor(s) based on attribution for previous exploits, likely targets, and rationale(s) for targeting/exploitation (e.g., profit, political statements, extortion, etc.).
Step 7: Vulnerability Assessment
From the results of Steps 4, 5, and 6, develop and submit a spreadsheet that includes the following:
characterization of current and emerging vulnerabilities and threats
identification of the attack vector(s) employed against each
your assessment (high, medium, or low) of the impact the vulnerability could have on your organization
Make sure to address security architectures, including components, specifications, guidelines, standards, technologies, etc. Also consider international threats and attack vectors. This assessment will be included in your final presentation.
Submit your assessment for feedback.
Our website has a team of professional writers who can help you write any of your homework. They will write your papers from scratch. We also have a team of editors just to make sure all papers are of HIGH QUALITY & PLAGIARISM FREE. To make an Order you only need to click Ask A Question and we will direct you to our Order Page at WriteDemy. Then fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.
Fill in all the assignment paper details that are required in the order form with the standard information being the page count, deadline, academic level and type of paper. It is advisable to have this information at hand so that you can quickly fill in the necessary information needed in the form for the essay writer to be immediately assigned to your writing project. Make payment for the custom essay order to enable us to assign a suitable writer to your order. Payments are made through Paypal on a secured billing page. Finally, sit back and relax.
About Writedemy
We are a professional paper writing website. If you have searched a question and bumped into our website just know you are in the right place to get help in your coursework. We offer HIGH QUALITY & PLAGIARISM FREE Papers.
How It Works
To make an Order you only need to click on “Order Now” and we will direct you to our Order Page. Fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.
Are there Discounts?
All new clients are eligible for 20% off in their first Order. Our payment method is safe and secure.