Software configuration management

Write a 2½- to 3 ½-page security vulnerability report in Microsoft Word based on the organization CAPITAL ONE. An internal review of your organization was previously conducted and found the following vulnerabilities:

  • – A formal Password Policy has not been developed that meets your organization’s regulatory requirements.
  •       -The organization only uses single factor authentication using weak passwords.
  •             – Vulnerability Severity: High
  •             – Impact: Threats could easily guess weak passwords allowing unauthorized access.
  • – Software configuration management does not exist on your organization’s production servers.
  •        – There are different configurations on each server and no operating system patching schedule.
  •               – Vulnerability Severity: Moderate
  •               – Impact: With ad hoc configuration management, the organization could inadvertently or unintentionally                         make changes to the servers that could cause a self-imposed denial of service.
  • – An Incident Response Plan has not been developed.
  •        – There is not a formal process for responding to a security incident.
  •               – Vulnerability Severity: High
  •               – Impact: In the event of a security incident, an ad hoc process could allow the security incident to get worse and spread throughout the network; the actual attack may not be recognized or handled in a timely manner giving the attacker more time to expand the attack.

 – Consider people, processes, and technology that can be exploited by the source of a threat.

– Include recommended countermeasures to mitigate the impacts and risks of the vulnerabilities.

Format your citations according to APA guidelines.

Reference no: EM132069492



Hello! Need help with your assignments? We are here
Don`t copy text!