Security Controls Analysis: Use of Vulnerability Scanner
Dear Writer!
Please offer your bid for this project!
Assessment Description
During this assignment, students will conduct a vulnerability assessment based on various security frameworks using an industry-standard vulnerability scanner. The scan will be conducted on all three Windows Servers within your virtual environment created in the Topic 1 assignment.
Part 1
1. Download and install Nessus Essentials (free) vulnerability scanner on your Windows Standard Server.
2. Conduct a vulnerability scan on all three servers.
3. In a 250-word technical report, summarize the findings, to include the number of critical vulnerabilities discovered. Make sure to include (screenshots) of the completed scans.
Part 2
1. Perform a Windows update on all three servers. Make sure that you have completely updated each server with all applicable patches, service packs, and security updates.
2. Conduct a second vulnerability scan on all three servers.
3. Compare the results of your first scan with the second scan after updates. What was the percentage of improvements?
4. In the same report, present a 250-word summary of the findings, including the percentage of reduced vulnerabilities. Make sure to include (screenshots) of the completed scans.
APA style is not required, but solid academic writing is expected.
ITT-430 T2 2 Security Controls Analysis
Student Name
College/University
Course
Professor’s Name
Due Date
Part 1 Summary
After downloading and installing the Nessus Essentials vulnerability scanner on the Windows Standard Server, we conducted a vulnerability scan on all three servers in the virtual environment. The scan discovered a total of 67 vulnerabilities across the three servers, with 13 critical vulnerabilities on the first server, ten on the second server, and eight on the third server. The critical vulnerabilities included issues such as remote code execution, denial of service, and privilege escalation. The scan also identified medium and low-severity vulnerabilities, including misconfigured services and weak passwords. In order to improve the security of the virtual environment, it is recommended that the identified vulnerabilities are addressed as soon as possible (Hamamoto et al., 2020). Patching known vulnerabilities, disabling unneeded services, and enforcing password policies could help reduce the risk of successful attacks.
Moreover, regular vulnerability scans are essential to ensure the environment remains secure. With the help of vulnerability scanners, IT professionals can identify and mitigate security issues before attackers exploit them. Staying informed of emerging threats and applying relevant security updates is vital.
In a nutshell, the initial vulnerability scan of the virtual environment revealed numerous vulnerabilities, including critical issues that require immediate attention. Implementing a comprehensive security strategy that includes regular vulnerability assessments and addressing identified vulnerabilities is crucial to maintaining a secure environment. In order to prevent successful attacks and secure sensitive information, organizations should prioritize frequent security updates and vulnerability assessments. The screenshot of the completed scans is attached below.
Part 2 Summary
We performed a Windows update on all three servers, ensuring each server was completely updated with all app...