Class Plan

Davonte Brown

Unit 2 assignment 1

6-25-14

ITT Technical Institute

3825 West Cheyenne Avenue, Suite 600North Las Vegas, Nevada 89032

NT2580 Introduction to Information Security

Week 2, Unit 2 Application of Security Countermeasures to Mitigate Malicious AttacksGraded AssignmentUnit 2 Assignment 1: Calculate the Window of VulnerabilityLearning Objectives and Outcomes

You will learn how to calculate a window of vulnerability (WoV).Assignment Requirements

You are reviewing the security status for a small Microsoft workgroup LAN. The workgroup contains many distinct separations in the network determined by group memberships. An example of the network divisions is as follows:

Windows laptops: Traveling salespeople, remote suppliers, branch offices

Windows desktops: Accounting group, developer group, customer service group

Windows servers: Administrative server, Microsoft SharePoint server, Server Message Block (SMB) server

A security breach has been identified in which the SMB server was accessed by an unauthorized user due to a security hole. The hole was detected by the server software manufacturer the previous day. A patch will be available within three days. The LAN administrator needs at least one week to download, test, and install the patch. Calculate the WoV for the SMB server.Required Resources

NoneSubmission Requirements

Format: Microsoft Word Font: Arial, Size 12, Double-Space Length: 1 page Due By: Unit 3

Self-Assessment Checklist

I have accurately calculated the WoV. If you want perfection in calculating the Wov for a SMB server then youll be doing work for a couple of days. If you want to know the direct amount of days then here you go it will be 11 days of vulnerability Wov. Threats, risks, and vulnerabilities negatively impact the confidentiality, integrity, and availability (CIA) triad. Confidentiality is breached when an attacker discloses private information, integrity is broken when an attacker modifies privileged data, and availability is ruined when an attacker successfully denies service to a mission-critical resource. The length of time these vulnerabilities are present creates a window of vulnerability (WoV), the period within which defensive measures are reduced, compromised, or lacking.

The WoV covers a timeline from the moment vulnerability is discovered and identified by the vendor. It also includes the time taken to create, publish, and finally apply a fix to the vulnerability. Problems arise as fixes can be disruptive to business operations and the delay between discovering and patching a hole leaves sufficient time for an attacker to intrude. At any given time, a system or network will potentially have several overlapping WoVs, not all of which may be immediately identified. Remember, not all vulnerabilities are exploitable. Some exploits cause disruption such as DoS, while others may expose sensitive information or allow an attacker to take control. That was my essay hope you enjoyed and learned something new. http://www.termpaperwarehouse.com/essay-on/Windows-Of-Vulnerability/191361NT2580 Intro to Information Security Page 2 of 2 Week 2, Unit 2

Steve Todd