Project Part 2: Vulnerabilities in Information Technology (IT) Security

Scenario

Aim Higher College has been the target of focused attacks from a variety of attackers. Your manager has assigned you the task to review the port and vulnerability scan data recently gathered from a typical system to determine what ports and services are exposed to attackers, and what vulnerabilities exist on that system.

Required Resources

• Access to the Internet
• Text sheet: Zenmap Intense Scan Results (ts_zenmapscan)
• Text sheet: OpenVAS Vulnerability Scan Report (ts_openvasscan)

Tasks

Analyze the results of the Zenmap and OpenVAS scans as provided in the text sheets. Write a brief report targeted at information technology (IT) management and systems administration staff explaining the vulnerabilities and protection mechanisms that Aim Higher College should adopt, which will be applied to all similar systems at the college. Your report must answer the following questions:

• What ports and services of the system were open, as identified by the Zenmap scan?
  • Include the port number
  • Include the service name
  • Include a brief description of how each is used
• What vulnerabilities identified with a high severity indicator were found by the OpenVAS scan?
  • Include the name and/or number associated with each vulnerability
  • Include a brief description of the vulnerability
  • Include the solution suggested by the OpenVAS scan
• What can be done to protect the system, and what ports and services likely need to remain open?

Submission Requirements

• Format: Microsoft Word (or compatible)
• Font: Arial, 10-point
• Line Spacing: Double
• Length: 2 to 4 pages