VM Scanner Background

VM Scanner Background Report, based on the

Nessus Report

Don't use plagiarized sources. Get Your Custom Essay on

VM Scanner Background

Just from $13/Page

Order Essay

Please see attachments for additional details and template for report.

https://learn.umgc.edu/content/enforced/567589-027858-01-2212-US1-4520/My_Basic_Network_Scan_qw3e2d%20(2).html

Instructions

Note: Please download the Nessus Report from the hyperlink (…based on the ), the lab has been moved and you no longer need to follow the steps to retrieve the report. It is an interactive HTML, please click “expand” to view result information.

This week, you will submit the second project, VM Scanner Background Report, based on the Nessus Report. As you are writing your report, you may want to refer back to the CEO’s video in Week 1 to make sure your analysis and recommendations align with the CEO’s priorities and concerns.

You should link your analysis to the kinds of organizational functions and data associated with a transportation company (e.g., protecting order data, customer lists, sales leads, Payment Card Industry (PCI) compliance for processing credit, proprietary software, etc.) and provide your recommendation if Mercury USA should purchase the Nessus tool. This report should be four to six pages in length and include a title/cover page. Include in-text citations and a reference page with three quality sources in a citation style of your choice.

How Will My Work Be Evaluated?
For this assignment, you are asked to provide your supervisor, Judy, with a technical evaluation of a vulnerability scanner. By documenting your results in an effective background report, you are showing how you use your technical knowledge to convey your ideas to others in a professional setting. Your ability to express your findings using the right mix of technical detail in a business context is an important workplace skill.
The following evaluation criteria aligned to the competencies will be used to grade your assignment:
· 1.3.1: Identify potential sources of information that can be used to develop and support ideas.
· 1.4.1: Produce grammatically correct material in standard academic English that supports the communication.
· 10.1.1: Identify the problem to be solved.
· 12.2.1: Identify systems for the risk assessment.
· 12.3.1: Select controls.
· 13.2.1: Evaluate vendor recommendations in the context of organization requirements.

If you haven’t already downloaded it last week, download the VM Scanner Background Report Template now and follow the instructions in the document.

Delete the instructional text from the template before you submit.

VM Scanner Background Report

CMIT 421

Threat Management and Vulnerability Assessment

Introduction

Provide an introduction that includes what you intend to cover in the background paper. Ensure you are specific and define your purpose clearly.

Part 1: Nessus Vulnerability Report Analysis

In this section, analyze and interpret the results of the report to give your boss a clear picture of the Mercury USA’s potential vulnerabilities.

As you analyze the report, address the following points:

· Is it appropriate to distribute the report as is, or do you need to interpret the report, attach meaning before sending to management? Explain why or why not.

· What is your overall impression of the tool’s output? Is it easy to interpret, well-organized, include enough detail, too much detail?

· Does the tool provide enough reporting detail for you as the analyst to focus on the relevant vulnerabilities for Mercury USA?

· Name the three most important vulnerabilities in this system for Mercury USA. Why are they the most critical?

· How does the report provide enough information to address and remediate the three most important vulnerabilities?

Take Note: Judy has asked you to provide a screenshot to help her understand what the Nessus report looks like.

Screenshot Instructions

1. Open Lab 4.5.x, “Conducting Vulnerability Scans” within the uCertify Pearson CompTIA Cybersecurity Analyst (CySA+) content

1. After Step 25, click on the scan “General Scan”

1. Click the Report button dropdown and choose HTML

1. In the “Generate HTML Report” dialog, click the Generate Report button

1. Open the report from the browser’s download bar at the bottom of the screen

1. Click the Show Details button

1. Take a full window screenshot that includes the date/time of the report and the date/time area of the VM’s taskbar (refer to the example below)

Note: This portion of the background paper also helps determine that your submission is unique. Thus, you must include the specific screenshot as seen below or your project will not be accepted.

Part 2: The Business Case

Keep these issues in mind as you address the two questions below:

· Think back to the video from Mercury USA’s CEO. What were his main areas of concern?

· What is the industry/function of the organization?

· What kinds of data might be important to the organization?

What is your assessment of the Mercury USA’s overall current security posture? What information in the vulnerability scans supports your assessment?

Based on the vulnerabilities present in the reports and the information available about them, what threats might an adversary or black hat hacker try to use against the organization to exfiltrate data or hold it for ransom?

Part 3: Nessus Purchase Recommendation

State your case for your recommendation of the Nessus commercial vulnerability scanner. Be sure to address the following questions:

· Do you think the overall presentation and scoring features are adequate for technical professionals?

· How can this tool help Mercury USA comply with regulatory and standards requirements?

· What is the cost to license the tool? Does the usability, support, and efficacy of the tool warrant the cost?

· Do you think the Nessus report is understandable/suitable for management? Explain why or why not.

· Would you recommend that Mercury USA purchase the tool? Provide your rationale for this recommendation.

Conclusion

Provide a conclusion of at least a paragraph summarizing your analysis of the Nessus vulnerability report, your purchase recommendation, and why your purchase recommendation is beneficial for employees, management, and the organization.

References

Use in-text citations in the body of your memorandum as appropriate. Add all sources you used here. This example citation uses IEEE style. Use a style of your choice or ask your instructor for clarification. When using the associated course content, ensure you cite to the chapter level. An example IEEE citation is provided below for your reference.

[1] “Chapter 5: Implementing an Information Security Vulnerability Management Process”, Pearson CompTIA Cybersecurity Analyst (CySA+), 2020. [Online]. Available:

https://www.ucertify.com/

. [Accessed: 28-Apr-2020].

Report generated by Nessus™

Expand All|Collapse All

My Basic Network Scan
Wed, 08 Apr 2020 09:12:48 Pacific Standard Time

TABLE OF CONTENTS

Hosts Executive Summary

192.168.1.10

192.168.1.25

192.168.1.30

192.168.1.100

Hosts Executive Summary
192.168.1.10

0 1 1 0 22
CRITICAL HIGH MEDIUM LOW INFO

Severity CVSS Plugin Name

HIGH 9.3 97833 MS17-010: Security Update for Microsoft Windows SMB Server (4013389) (ETERNALBLUE) (ETERNALCHAMPION)
(ETERNALROMANCE) (ETERNALSYNERGY) (WannaCry) (EternalRocks) (Petya) (uncredentialed check)

MEDIUM 5.0 57608 SMB Signing not required

INFO N/A 45590 Common Platform Enumeration (CPE)

INFO N/A 10736 DCE Services Enumeration

INFO N/A 54615 Device Type

INFO N/A 35716 Ethernet Card Manufacturer Detection

INFO N/A 86420 Ethernet MAC Addresses

INFO N/A 12053 Host Fully Qualified Domain Name (FQDN) Resolution

INFO N/A 117886 Local Checks Not Enabled (info)

INFO N/A 10394 Microsoft Windows SMB Log In Possible

INFO N/A 10785 Microsoft Windows SMB NativeLanManager Remote System Information Disclosure

INFO N/A 26917 Microsoft Windows SMB Registry : Nessus Cannot Access the Windows Registry

INFO N/A 11011 Microsoft Windows SMB Service Detection

INFO N/A 100871 Microsoft Windows SMB Versions Supported (remote check)

2/16/21, 17:35
Page 1 of 8

Hide Details

INFO N/A 106716 Microsoft Windows SMB2 and SMB3 Dialects Supported (remote check)

INFO N/A 11219 Nessus SYN scanner

INFO N/A 19506 Nessus Scan Information

INFO N/A 110723 No Credentials Provided

INFO N/A 11936 OS Identification

INFO N/A 96982 Server Message Block (SMB) Protocol Version 1 Enabled (uncredentialed check)

INFO N/A 25220 TCP/IP Timestamps Supported

INFO N/A 10287 Traceroute Information

INFO N/A 20094 VMware Virtual Machine Detection

INFO N/A 10150 Windows NetBIOS / SMB Remote Host Information Disclosure

192.168.1.25

0 1 2 2 43
CRITICAL HIGH MEDIUM LOW INFO

Severity CVSS Plugin Name

HIGH 7.5 42411 Microsoft Windows SMB Shares Unprivileged Access

MEDIUM 5.0 57608 SMB Signing not required

MEDIUM 4.3 90317 SSH Weak Algorithms Supported

LOW 2.6 70658 SSH Server CBC Mode Ciphers Enabled

LOW 2.6 71049 SSH Weak MAC Algorithms Enabled

INFO N/A 10114 ICMP Timestamp Request Remote Date Disclosure

INFO N/A 18261 Apache Banner Linux Distribution Disclosure

INFO N/A 48204 Apache HTTP Server Version

INFO N/A 39519 Backported Security Patch Detection (FTP)

INFO N/A 39520 Backported Security Patch Detection (SSH)

INFO N/A 39521 Backported Security Patch Detection (WWW)

INFO N/A 45590 Common Platform Enumeration (CPE)
INFO N/A 54615 Device Type

2/16/21, 17:35
Page 2 of 8

INFO N/A 35716 Ethernet Card Manufacturer Detection
INFO N/A 86420 Ethernet MAC Addresses

INFO N/A 10092 FTP Server Detection

INFO N/A 43111 HTTP Methods Allowed (per directory)

INFO N/A 10107 HTTP Server Type and Version

INFO N/A 24260 HyperText Transfer Protocol (HTTP) Information

INFO N/A 117886 Local Checks Not Enabled (info)

INFO N/A 17651 Microsoft Windows SMB : Obtains the Password Policy

INFO N/A 10394 Microsoft Windows SMB Log In Possible

INFO N/A 10859 Microsoft Windows SMB LsaQueryInformationPolicy Function SID Enumeration

INFO N/A 10785 Microsoft Windows SMB NativeLanManager Remote System Information Disclosure
INFO N/A 11011 Microsoft Windows SMB Service Detection

INFO N/A 60119 Microsoft Windows SMB Share Permissions Enumeration

INFO N/A 10395 Microsoft Windows SMB Shares Enumeration

INFO N/A 100871 Microsoft Windows SMB Versions Supported (remote check)
INFO N/A 106716 Microsoft Windows SMB2 and SMB3 Dialects Supported (remote check)
INFO N/A 11219 Nessus SYN scanner
INFO N/A 19506 Nessus Scan Information
INFO N/A 110723 No Credentials Provided
INFO N/A 11936 OS Identification

INFO N/A 10860 SMB Use Host SID to Enumerate Local Users

INFO N/A 70657 SSH Algorithms and Languages Supported

INFO N/A 10881 SSH Protocol Versions Supported

INFO N/A 10267 SSH Server Type and Version Information

INFO N/A 25240 Samba Server Detection

INFO N/A 104887 Samba Version

INFO N/A 96982 Server Message Block (SMB) Protocol Version 1 Enabled (uncredentialed check)

INFO N/A 22964 Service Detection

INFO N/A 25220 TCP/IP Timestamps Supported
INFO N/A 10287 Traceroute Information

2/16/21, 17:35
Page 3 of 8

Hide Details

INFO N/A 66293 Unix Operating System on Extended Support

INFO N/A 20094 VMware Virtual Machine Detection
INFO N/A 10150 Windows NetBIOS / SMB Remote Host Information Disclosure

INFO N/A 66717 mDNS Detection (Local Network)

INFO N/A 52703 vsftpd Detection

192.168.1.30

5 1 12 2 57
CRITICAL HIGH MEDIUM LOW INFO

Severity CVSS Plugin Name

CRITICAL 10.0 51988 Bind Shell Backdoor Detection

CRITICAL 10.0 32314 Debian OpenSSH/OpenSSL Package Random Number Generator Weakness

CRITICAL 10.0 32321 Debian OpenSSH/OpenSSL Package Random Number Generator Weakness (SSL check)

CRITICAL 10.0 11356 NFS Exported Share Information Disclosure

CRITICAL 10.0 33850 Unix Operating System Unsupported Version Detection

HIGH 7.1 20007 SSL Version 2 and 3 Protocol Detection

MEDIUM 6.4 51192 SSL Certificate Cannot Be Trusted

MEDIUM 6.4 57582 SSL Self-Signed Certificate

MEDIUM 6.1 104743 TLS Version 1.0 Protocol Detection

MEDIUM 5.0 11213 HTTP TRACE / TRACK Methods Allowed

MEDIUM 5.0 42256 NFS Shares World Readable

MEDIUM 5.0 57608 SMB Signing not required

MEDIUM 5.0 15901 SSL Certificate Expiry

MEDIUM 5.0 45411 SSL Certificate with Wrong Hostname

MEDIUM 5.0 42873 SSL Medium Strength Cipher Suites Supported (SWEET32)

MEDIUM 4.3 90317 SSH Weak Algorithms Supported

MEDIUM 4.3 65821 SSL RC4 Cipher Suites Supported (Bar Mitzvah)

MEDIUM 4.3 78479 SSLv3 Padding Oracle On Downgraded Legacy Encryption Vulnerability (POODLE)

2/16/21, 17:35
Page 4 of 8

LOW 2.6 70658 SSH Server CBC Mode Ciphers Enabled
LOW 2.6 71049 SSH Weak MAC Algorithms Enabled
INFO N/A 10114 ICMP Timestamp Request Remote Date Disclosure

INFO N/A 10223 RPC portmapper Service Detection

INFO N/A 21186 AJP Connector Detection

INFO N/A 18261 Apache Banner Linux Distribution Disclosure
INFO N/A 48204 Apache HTTP Server Version

INFO N/A 84574 Backported Security Patch Detection (PHP)

INFO N/A 39520 Backported Security Patch Detection (SSH)
INFO N/A 39521 Backported Security Patch Detection (WWW)
INFO N/A 45590 Common Platform Enumeration (CPE)

INFO N/A 10028 DNS Server BIND version Directive Remote Version Detection

INFO N/A 11002 DNS Server Detection

INFO N/A 72779 DNS Server Version Detection

INFO N/A 35371 DNS Server hostname.bind Map Hostname Disclosure

INFO N/A 54615 Device Type
INFO N/A 35716 Ethernet Card Manufacturer Detection
INFO N/A 86420 Ethernet MAC Addresses
INFO N/A 10092 FTP Server Detection
INFO N/A 10107 HTTP Server Type and Version
INFO N/A 24260 HyperText Transfer Protocol (HTTP) Information

INFO N/A 11156 IRC Daemon Version Detection

INFO N/A 117886 Local Checks Not Enabled (info)
INFO N/A 11011 Microsoft Windows SMB Service Detection
INFO N/A 106716 Microsoft Windows SMB2 and SMB3 Dialects Supported (remote check)

INFO N/A 10437 NFS Share Export List

INFO N/A 11219 Nessus SYN scanner
INFO N/A 19506 Nessus Scan Information
INFO N/A 110723 No Credentials Provided
INFO N/A 11936 OS Identification

2/16/21, 17:35
Page 5 of 8

INFO N/A 50845 OpenSSL Detection

INFO N/A 48243 PHP Version Detection

INFO N/A 118224 PostgreSQL STARTTLS Support

INFO N/A 26024 PostgreSQL Server Detection

INFO N/A 22227 RMI Registry Detection

INFO N/A 11111 RPC Services Enumeration

INFO N/A 53335 RPC portmapper (TCP)

INFO N/A 10263 SMTP Server Detection

INFO N/A 70657 SSH Algorithms and Languages Supported
INFO N/A 10881 SSH Protocol Versions Supported
INFO N/A 10267 SSH Server Type and Version Information

INFO N/A 56984 SSL / TLS Versions Supported

INFO N/A 45410 SSL Certificate ‘commonName’ Mismatch

INFO N/A 10863 SSL Certificate Information

INFO N/A 70544 SSL Cipher Block Chaining Cipher Suites Supported

INFO N/A 21643 SSL Cipher Suites Supported

INFO N/A 62563 SSL Compression Methods Supported

INFO N/A 57041 SSL Perfect Forward Secrecy Cipher Suites Supported

INFO N/A 22964 Service Detection

INFO N/A 17975 Service Detection (GET request)

INFO N/A 11153 Service Detection (HELP Request)

INFO N/A 25220 TCP/IP Timestamps Supported

INFO N/A 11819 TFTP Daemon Detection

INFO N/A 10287 Traceroute Information

INFO N/A 11154 Unknown Service Detection: Banner Retrieval

INFO N/A 20094 VMware Virtual Machine Detection

INFO N/A 11424 WebDAV Detection

INFO N/A 10150 Windows NetBIOS / SMB Remote Host Information Disclosure
INFO N/A 52703 vsftpd Detection

2/16/21, 17:35
Page 6 of 8

Hide Details
192.168.1.100

0 0 1 0 26
CRITICAL HIGH MEDIUM LOW INFO

Severity CVSS Plugin Name
MEDIUM 5.0 57608 SMB Signing not required
INFO N/A 45590 Common Platform Enumeration (CPE)
INFO N/A 10736 DCE Services Enumeration
INFO N/A 54615 Device Type
INFO N/A 35716 Ethernet Card Manufacturer Detection
INFO N/A 86420 Ethernet MAC Addresses
INFO N/A 10092 FTP Server Detection
INFO N/A 43111 HTTP Methods Allowed (per directory)
INFO N/A 10107 HTTP Server Type and Version
INFO N/A 12053 Host Fully Qualified Domain Name (FQDN) Resolution
INFO N/A 24260 HyperText Transfer Protocol (HTTP) Information
INFO N/A 117886 Local Checks Not Enabled (info)
INFO N/A 10785 Microsoft Windows SMB NativeLanManager Remote System Information Disclosure
INFO N/A 11011 Microsoft Windows SMB Service Detection
INFO N/A 100871 Microsoft Windows SMB Versions Supported (remote check)
INFO N/A 106716 Microsoft Windows SMB2 and SMB3 Dialects Supported (remote check)
INFO N/A 11219 Nessus SYN scanner
INFO N/A 19506 Nessus Scan Information
INFO N/A 110723 No Credentials Provided
INFO N/A 11936 OS Identification
INFO N/A 96982 Server Message Block (SMB) Protocol Version 1 Enabled (uncredentialed check)
INFO N/A 22964 Service Detection
INFO N/A 25220 TCP/IP Timestamps Supported

2/16/21, 17:35
Page 7 of 8

Hide Details
INFO N/A 10287 Traceroute Information
INFO N/A 20094 VMware Virtual Machine Detection

INFO N/A 11422 Web Server Unconfigured – Default Install Page Present

INFO N/A 10150 Windows NetBIOS / SMB Remote Host Information Disclosure

© 2020 Tenable™, Inc. All rights reserved.

2/16/21, 17:35
Page 8 of 8

What Will You Get?

We provide professional writing services to help you score straight A’s by submitting custom written assignments that mirror your guidelines.

Premium Quality

Get result-oriented writing and never worry about grades anymore. We follow the highest quality standards to make sure that you get perfect assignments.

Experienced Writers

Our writers have experience in dealing with papers of every educational level. You can surely rely on the expertise of our qualified professionals.

On-Time Delivery

Your deadline is our threshold for success and we take it very seriously. We make sure you receive your papers before your predefined time.

24/7 Customer Support

Someone from our customer support team is always here to respond to your questions. So, hit us up if you have got any ambiguity or concern.

Complete Confidentiality

Sit back and relax while we help you out with writing your papers. We have an ultimate policy for keeping your personal and order-related details a secret.

Authentic Sources

We assure you that your document will be thoroughly checked for plagiarism and grammatical errors as we use highly authentic and licit sources.

Moneyback Guarantee

Still reluctant about placing an order? Our 100% Moneyback Guarantee backs you up on rare occasions where you aren’t satisfied with the writing.

Order Tracking

You don’t have to wait for an update for hours; you can track the progress of your order any time you want. We share the status after each step.

Order Now Talk to Us

Areas of Expertise

Although you can leverage our expertise for any writing task, we have a knack for creating flawless papers for the following document types.

Essay

Thesis

Presentation

Dissertation

Term Paper

Research Paper

Book Review

Assignment

Report

Case Study

Letter

Article

Coursework

Speech

Q & A

Critical Thinking

Areas of Expertise

Although you can leverage our expertise for any writing task, we have a knack for creating flawless papers for the following document types.

Essay

Thesis

Presentation

Dissertation

Term Paper

Research Paper

Book Review

Assignment

Report

Case Study

Letter

Article

Coursework

Speech

Q & A

Critical Thinking

Trusted Partner of 9650+ Students for Writing

From brainstorming your paper's outline to perfecting its grammar, we perform every step carefully to make your paper worthy of A grade.

Preferred Writer

Hire your preferred writer anytime. Simply specify if you want your preferred expert to write your paper and we’ll make that happen.

Grammar Check Report

Get an elaborate and authentic grammar check report with your work to have the grammar goodness sealed in your document.

One Page Summary

You can purchase this feature if you want our writers to sum up your paper in the form of a concise and well-articulated summary.

Plagiarism Report

You don’t have to worry about plagiarism anymore. Get a plagiarism report to certify the uniqueness of your work.

Free Features $66FREE

Most Qualified Writer $10FREE
Plagiarism Scan Report $10FREE
Unlimited Revisions $08FREE
Paper Formatting $05FREE
Cover Page $05FREE
Referencing & Bibliography $10FREE
Dedicated User Area $08FREE
24/7 Order Tracking $05FREE
Periodic Email Alerts $05FREE

Our Services

Join us for the best experience while seeking writing assistance in your college life. A good grade is all you need to boost up your academic excellence and we are all about it.

On-time Delivery
24/7 Order Tracking
Access to Authentic Sources

Academic Writing

We create perfect papers according to the guidelines.

Professional Editing

We seamlessly edit out errors from your papers.

Thorough Proofreading

We thoroughly read your final draft to identify errors.

Thorough Proofreading

We thoroughly read your final draft to identify errors.

Delegate Your Challenging Writing Tasks to Experienced Professionals

Work with ultimate peace of mind because we ensure that your academic work is our responsibility and your grades are a top concern for us!

Sign Up Talk to Us

Check Out Our Sample Work

Dedication. Quality. Commitment. Punctuality

Categories

All samples

Essay (any type)

Essay (any type)

The Value of a Nursing Degree

Undergrad. (yrs 3-4)

Nursing

2

View this sample

It May Not Be Much, but It’s Honest Work!

Here is what we have achieved so far. These numbers are evidence that we go the extra mile to make your college journey successful.

0+

Happy Clients

0+

Words Written This Week

0+

Ongoing Orders

0%

Customer Satisfaction Rate

Process as Fine as Brewed Coffee

We have the most intuitive and minimalistic process so that you can easily place an order. Just follow a few steps to unlock success.

Call Us +1 (877) 657-8180 Discuss Order Details Now

See How We Helped 9000+ Students Achieve Success

We Analyze Your Problem and Offer Customized Writing

We understand your guidelines first before delivering any writing service. You can discuss your writing needs and we will have them evaluated by our dedicated team.

Clear elicitation of your requirements.
Customized writing as per your needs.

We Mirror Your Guidelines to Deliver Quality Services

We write your papers in a standardized way. We complete your work in such a way that it turns out to be a perfect description of your guidelines.

Proactive analysis of your writing.
Active communication to understand requirements.

We Handle Your Writing Tasks to Ensure Excellent Grades

We promise you excellent grades and academic excellence that you always longed for. Our writers stay in touch with you via email.

Thorough research and analysis for every order.
Deliverance of reliable writing service to improve your grades.

Place an Order Start Chat Now