Essay on Metasploit Vulnerability Scanner Executive Proposal

This project identifies a two possible issues that can happen during the system operations like hacking or data loss due to improper security provided to the company branches and there is no proper infrastructure of the firewall for the network structure. The aircraft security policy result in failure due to their two year reset program.

Companies should develop a control that requires that routine vulnerability assessment of their customer facing web sites, network infrastructure, and associated systems (such as database systems). Vulnerability assessment can help identify potential weaknesses to systems and also provide a sort of feedback to the organization’s IT department on their current operational policy and security posture. The cost of performing a routine vulnerability assessment is considerably less than that of an actual data breach.

The world of cyber security continues to introduce new threats each year against network infrastructures and computer devices. In the recent years, the impact from cyber-attacks has wreaked havoc on many company brands and organizational reputations. As this issue grows so does the technology to prevent and protect against these malicious attacks. It is absolutely crucial for organizations and businesses to shift focus from defense for different types of attacks to improving safeguards to mitigate the loss of sensitive data when an attack occurs. In addition to the traditional security technology used to detect an attack, companies will have to include

Despite the presence of network security devices such as firewalls and other security appliances, today's corporate networks are still vulnerable to both internal and external attacks by hackers intent on creating havoc. By proactively

Cyber-security demands are ever increasing in the field of Information Technology with the globalization of the internet. Disruptions due to cyber-attacks are affecting the economy, costing companies billions of dollars each year in lost revenue. To counter this problem

Cyber threats have increased dramatically over the past few years, with large companies such as Amazon, Netflex, PayPal, Wikipedia and most recently Equifax, experiencing high profile breaches. Traditional tools, defenses and responses have been strained with keeping up with the level and sophistication of an very organized and ubiquitous hacking community, which has coalesced into organized crime syndicates that the FBI and law enforcement continues to battle.

Aim Higher College needs to ensure the safety of all its information. Recently we have seen suspicious and careless activity in the research data center. Data center technicians have reported lights left on, doors left open, successful logins to the research database, as well as login attempts in the backup business database after normal hours of operation. Because this is also the backup for our business information we need to keep this area as secure as possible.

A vulnerability scanner is a computer program designed to assess computers, computer systems, networks or applications for weaknesses. In others words, these scanners are used to discover the weak points or poorly constructed parts. These vulnerability scanning can be run either as part of vulnerability management by black hat attackers looking to gain unauthorized access or by those tasked with protecting systems.

Appendix B Results. The second part of this lab is the actual exercise where the student will use the penetration testing tools and perform more active reconnaissance, and demonstrate gaining access through exploits found. Again, all step by step instructions can be found in Appendix B. The following are a summary and specific results that are called out in the lab.

Teneable Nessus has been rated by its users to be the best in preventative defense in addition to being low cost solution with free online training. Though the application suite requires profile configurations to start, it provides the necessary functions to support the requirements of software and system configuration vulnerability assessments and easily scales to accommodate future growth. Plugins are updated regularly and new plugins are added to account for new Common Vulnerabilities and Exposures (CVEs) as they arise. Security Center Continuous View simplifies the administrator’s role by integrating with other tools like Mobile Device Management (MDM) and a head to toe vulnerability detection and mitigation solution for any platform [3].

Computer security is a critical issue for nearly all businesses today. Threats to security have become more pervasive, more dangerous, and more damaging to the health of businesses. Being able to appropriately respond to a security breach is essential to the long-term success of any business. Incident response planning is necessary before an incident occurs. In their publication, Computer Security Incident Handling Guide (Special Publication 800-61, Revision 2), the National Institute of Standards and Technology (NIST) has made recommendations on the phases of incident response, what types of tools can be useful to a team responsible for incident response (IR), and what documentation is needed as part of the response. This paper discusses these topics as endorsed by NIST.

Some of these critical challenges that this industry faces are: network access control, identification, authentication, wireless and mobility, and most recently, securing cloud computing. With the increase of technology, wireless devices, and number of attacks happening, our main goal is protect your network and increase productivity by identifying and eliminate threats before they happen. There are companies that haven’t been so lucky. The costs and potential consequences of security problems can be devastating, if not, disastrous.

Cyber-attacks are common in the defense industry, but in January 2010, a sophisticated, advanced persistent threat hacked into the commercial sector forever changing the face of cyber security. Dubbed “Operation Aurora” by McAfee, the attack targeted specific high profile corporations to obtain valuable intellectual property. Google, Yahoo, Juniper Networks and Adobe Systems were also among the victims of this highly coordinated cyber heist. By manipulating computer codes the attackers were able to exploit the Microsoft Internet Explorer vulnerabilities to gain access and obtain valuable sensitive information from over thirty high profile companies. Operation Aurora proves that the world is entering into a high-risk era where

As global security continues to grow exponentially in response to threats of cyber terrorism, the field of computer security continues to proliferate into many adjacent socioeconomic and technologically-based areas of society. Gartner Group, a leading market research in the enterprise IT industry, has stated that the worldwide market for security software will reach $21B in 2011, rising to $15.8B in 2015 (Karjalainen, Siponen, 2011). This rapid growth of computer security is also driving the development of entirely new patents in the areas of cryptography, enterprise security management strategies, and extensive support for more advanced programming features for securing enterprise networks (Albrechtsen, 2007). The pace of development in this market is accelerating as the sophistication and variety of threats continues to also exponentially escalate (Liang, Xue, 2010).

Almost all kind of large and small organizations might face increasing number of attacks into their network or intellectual property. This may lead to data disclosure, data destruction, and damage of organization’s reputation. There are numerous threats in the cyber space which might be capable of stealing, destroying or making use of out sensitive data for financial and non-financial gains. As the amount of computer, mobile and internet users increases, so does the number of exploiters.