MC Security Assessment Operating Systems Presentation

The audience for your security assessment report (SAR) is the leadership of your company, which is made up of technical and nontechnical staff. Some of your audience will be unfamiliar with operating systems. Therefore, you will begin your report with a brief explanation of OS fundamentals and the types of information systems. Include a brief definition of operating systems and information systems in your SAR.

undefined

• Explain the user’s role in an OS.
• Explain the differences between kernel applications of the OS and the applications installed by an organization or user.
• Describe the embedded OS.
• Describe how the systems fit in the overall information system architecture, of which cloud computing is an emerging, distributed computing network architecture.

undefined

You just summarized operating systems and information systems for leadership. In your mind, you can already hear leadership saying, “So what?” The company’s leaders are not well versed in operating systems or in the threats and vulnerabilities in them, so you decide to include in your SAR an explanation of advantages and disadvantages of the different operating systems and their known vulnerabilities.

undefined

• explain Windows vulnerabilities and Linux vulnerabilities;
• explain the Mac OS vulnerabilities, and vulnerabilities of mobile devices;
• explain the motives and methods for intrusion of the MS and Linux operating systems;
• explain the types of security awareness technologies, such as intrusion detection and intrusion prevention systems;
• describe how and why different corporate and government systems are targets; and
• describe different types of intrusions such as SQL PL/SQL, XML, and other injections.

undefined

You have just finished defining the vulnerabilities an OS can have. Soon, you will perform vulnerability scanning and vulnerability assessments on the security posture of your company’s operating systems. But first, consider your plan of action. Read these two resources to be sure you fully grasp the purpose, goals, objectives, and execution of vulnerability assessments and security updates or patches:

undefined

• A description of the methodology you propose to assess the vulnerabilities of the operating systems, including an explanation of how this methodology will determine the existence of those vulnerabilities in the your company’s OS
• A description of the applicable tools to be used and any limitations of the tools and analyses, including an explanation of how your proposed applicable tools will determine the existence of those vulnerabilities in your company’s OS
• The projected findings from using these vulnerability assessment tools

undefined

In your report, discuss the strength of passwords, any Internet Information Services’ administrative vulnerabilities, SQL server administrative vulnerabilities, and other security updates and management of patches, as they relate to OS vulnerabilities.

undefined

This report should be a seven- to eight-page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.

undefined

Nontechnical presentation: This is a set of eight to 10 PowerPoint slides for upper management that summarizes your thoughts regarding the findings in your SAR. Include power point slides

in APA FORMAT