Centralized Anti-Virus System Essay Assignment
Order ID 53563633773 Type Essay Writer Level Masters Style APA Sources/References 4 Perfect Number of Pages to Order 5-10 Pages Description/Paper Instructions
Centralized Anti-Virus System Essay Assignment
PROG8270 Winter 2019 – Assignment 3
Recall our network environment:
Domain Controllers: Primary A/D Domain Controller: Server 2016, Backup Domain Controller: Windows server 2012 R2
Email: Exchange 2013 CU20 running on Windows Server 2012R2 updated April 1/2018.
Web server: Linux Ubuntu Server 16.04 LTS updated Aug 1/2018. Apache 2.4.34 is being used
Clients: 60 auto-updated (current to 1/1/2019) Windows 10 PRO (developers), 30 Windows 7 PRO, last updated 1-Sept-2018, running a stock/common configuration. 10 sys admins run Ubuntu 18 Desktop, patched to current, but use VMware Workstation 12 for them
sysadmin tasks. The virtual machines may include Windows 7 sp1, Windows 8, Windows 8.1, Server 2012, Server 2012R2, Server 2016, and Server 2019.
Border firewall: hardened Linux:
o outbound: all TCP/UDP ports allowed, o inbound: TCP80 to webserver, TCP443 to Exchange OWA, TCP25 to Exchange 2013 server.
Network: There are no network access controls – all the computers are situated on a flat, Class-C network. The
Windows clients have default security settings. 100Mbit switched ethernet
Security Services: There is no central SPAM server nor is there a centralized Anti-Virus system in place.
User accounts and restrictions: All users are Domain users and each domain user is a local machine administrator on their primary
machine (but on no other). All of the sys-admins know the domain Admin password and share access as required.
A simplified network diagram is shown:
This study source was downloaded by 100000816719754 from CourseHero.com on 03-11-2022 12:05:55 GMT -06:00
https://www.coursehero.com/file/52413454/PROG8270-Assignment-3docx/
https://www.coursehero.com/file/52413454/PROG8270-Assignment-3docx/
In the time since reviewing that last vulnerability, the organization has implemented some changes to the network with the goal being improved security. The network now looks like this:
The network architects now have all the client machines browsing the Internet through a proxy server (red arrow #4). They have also created 2 DMZ zones. When Internet users attempt to browse to the webserver (red arrow #1), their network traffic passes through the border firewall (as before). Should the Internet user initiate some type of dynamic web request (list or search catalog, purchase, check open orders, etc.), the web server accesses the application and database servers through the firewall (red arrow #2). Internal users, including database analysts, will access both the application and database servers through the firewall (red arrow #3).
Now the system architects would like to add a web-based application to the Linux server (still running Linux Ubuntu Server 16.04 LTS with Apache 2.4.34). The application is based on phpBB version 2.0.19. The company plans to add TCP443 incoming (on a different external address) to the existing TCP80 into the Linux server, terminating at this new application.
A co-worker of yours has reviewed the source code of the new application and has sent you a *sampling* of the findings she discovered:
This study source was downloaded by 100000816719754 from CourseHero.com on 03-11-2022 12:05:55 GMT -06:00
https://www.coursehero.com/file/52413454/PROG8270-Assignment-3docx/
https://www.coursehero.com/file/52413454/PROG8270-Assignment-3docx/
Emailer.php
The file emailer.php passes an unvalidated filename to a dynamic include statement on line 202. Allowing unvalidated user input to control files that are included dynamically in PHP can lead to malicious code execution.
Db2.php
Line 127 of db2.php invokes a SQL query built using unvalidated input. This call could allow an attacker to modify the statement’s meaning or to execute arbitrary SQL commands.
template.php
Attackers can control the filesystem path argument to file() at template.php line 265, which allows them to access or modify otherwise protected files.
This study source was downloaded by 100000816719754 from CourseHero.com on 03-11-2022 12:05:55 GMT -06:00
https://www.coursehero.com/file/52413454/PROG8270-Assignment-3docx/
https://www.coursehero.com/file/52413454/PROG8270-Assignment-3docx/
Admin_styles.php
Line 783 of admin_styles.php sends unvalidated data to a web browser, which can result in the browser executing malicious code.
emailer.php
The file emailer.php interprets unvalidated user input as source code on line 151. Interpreting user- controlled instructions at run-time can allow attackers to execute malicious code.
Admin_users.ph p
Empty passwords can compromise system security in a way that cannot be easily remedied.
This study source was downloaded by 100000816719754 from CourseHero.com on 03-11-2022 12:05:55 GMT -06:00
https://www.coursehero.com/file/52413454/PROG8270-Assignment-3docx/
https://www.coursehero.com/file/52413454/PROG8270-Assignment-3docx/
common.php
The program might review system data or debugging information in common.php with a call to error_reporting() on line 28. The information revealed by error_reporting() could help an adversary form a plan of attack.
Your task is complete a technical risk assessment on this proposal.
Remember, it is not your job to implement solutions to any problems you might identify. Rather, it’s your job to offer suggestions (possibly additional technologies, configurations, or changes to code) that would likely reduce the risks (to the organization) that will result from building this solution as planned.
There will be notable findings in the infrastructure/platform configs, the network topology and configuration, and the software configuration. The Internet will be a valuable resource also for additional vulnerabilities, issues, and recommendations.
It is recommended that you follow the layout described in the risk assessment report template, but other styles or layouts will be accepted.
Marking Rubric:
Risk Assessment Report: Technical Accuracy 40% Technical Completeness 40% Layout and style 10% Use of effective/professional written English (see course outline, section “Essential Employability Skills”)
10%
Standard deductions:
5% for not having name and assignment # in your Word document 10% for zipping submission Regular late submission penalty (see Instructional Plan)
This study source was downloaded by 100000816719754 from CourseHero.com on 03-11-2022 12:05:55 GMT -06:00
https://www.coursehero.com/file/52413454/PROG8270-Assignment-3docx/ Powered by TCPDF (www.tcpdf.org)
https://www.coursehero.com/file/52413454/PROG8270-Assignment-3docx/
http://www.tcpdf.org
RUBRIC
QUALITY OF RESPONSE NO RESPONSE POOR / UNSATISFACTORY SATISFACTORY GOOD EXCELLENT Content (worth a maximum of 50% of the total points) Zero points: Student failed to submit the final paper. 20 points out of 50: The essay illustrates poor understanding of the relevant material by failing to address or incorrectly addressing the relevant content; failing to identify or inaccurately explaining/defining key concepts/ideas; ignoring or incorrectly explaining key points/claims and the reasoning behind them; and/or incorrectly or inappropriately using terminology; and elements of the response are lacking. 30 points out of 50: The essay illustrates a rudimentary understanding of the relevant material by mentioning but not full explaining the relevant content; identifying some of the key concepts/ideas though failing to fully or accurately explain many of them; using terminology, though sometimes inaccurately or inappropriately; and/or incorporating some key claims/points but failing to explain the reasoning behind them or doing so inaccurately. Elements of the required response may also be lacking. 40 points out of 50: The essay illustrates solid understanding of the relevant material by correctly addressing most of the relevant content; identifying and explaining most of the key concepts/ideas; using correct terminology; explaining the reasoning behind most of the key points/claims; and/or where necessary or useful, substantiating some points with accurate examples. The answer is complete. 50 points: The essay illustrates exemplary understanding of the relevant material by thoroughly and correctly addressing the relevant content; identifying and explaining all of the key concepts/ideas; using correct terminology explaining the reasoning behind key points/claims and substantiating, as necessary/useful, points with several accurate and illuminating examples. No aspects of the required answer are missing. Use of Sources (worth a maximum of 20% of the total points). Zero points: Student failed to include citations and/or references. Or the student failed to submit a final paper. 5 out 20 points: Sources are seldom cited to support statements and/or format of citations are not recognizable as APA 6th Edition format. There are major errors in the formation of the references and citations. And/or there is a major reliance on highly questionable. The Student fails to provide an adequate synthesis of research collected for the paper. 10 out 20 points: References to scholarly sources are occasionally given; many statements seem unsubstantiated. Frequent errors in APA 6th Edition format, leaving the reader confused about the source of the information. There are significant errors of the formation in the references and citations. And/or there is a significant use of highly questionable sources. 15 out 20 points: Credible Scholarly sources are used effectively support claims and are, for the most part, clear and fairly represented. APA 6th Edition is used with only a few minor errors. There are minor errors in reference and/or citations. And/or there is some use of questionable sources. 20 points: Credible scholarly sources are used to give compelling evidence to support claims and are clearly and fairly represented. APA 6th Edition format is used accurately and consistently. The student uses above the maximum required references in the development of the assignment. Grammar (worth maximum of 20% of total points) Zero points: Student failed to submit the final paper. 5 points out of 20: The paper does not communicate ideas/points clearly due to inappropriate use of terminology and vague language; thoughts and sentences are disjointed or incomprehensible; organization lacking; and/or numerous grammatical, spelling/punctuation errors 10 points out 20: The paper is often unclear and difficult to follow due to some inappropriate terminology and/or vague language; ideas may be fragmented, wandering and/or repetitive; poor organization; and/or some grammatical, spelling, punctuation errors 15 points out of 20: The paper is mostly clear as a result of appropriate use of terminology and minimal vagueness; no tangents and no repetition; fairly good organization; almost perfect grammar, spelling, punctuation, and word usage. 20 points: The paper is clear, concise, and a pleasure to read as a result of appropriate and precise use of terminology; total coherence of thoughts and presentation and logical organization; and the essay is error free. Structure of the Paper (worth 10% of total points) Zero points: Student failed to submit the final paper. 3 points out of 10: Student needs to develop better formatting skills. The paper omits significant structural elements required for and APA 6th edition paper. Formatting of the paper has major flaws. The paper does not conform to APA 6th edition requirements whatsoever. 5 points out of 10: Appearance of final paper demonstrates the student’s limited ability to format the paper. There are significant errors in formatting and/or the total omission of major components of an APA 6th edition paper. They can include the omission of the cover page, abstract, and page numbers. Additionally the page has major formatting issues with spacing or paragraph formation. Font size might not conform to size requirements. The student also significantly writes too large or too short of and paper 7 points out of 10: Research paper presents an above-average use of formatting skills. The paper has slight errors within the paper. This can include small errors or omissions with the cover page, abstract, page number, and headers. There could be also slight formatting issues with the document spacing or the font Additionally the paper might slightly exceed or undershoot the specific number of required written pages for the assignment. 10 points: Student provides a high-caliber, formatted paper. This includes an APA 6th edition cover page, abstract, page number, headers and is double spaced in 12’ Times Roman Font. Additionally, the paper conforms to the specific number of required written pages and neither goes over or under the specified length of the paper. GET THIS PROJECT NOW BY CLICKING ON THIS LINK TO PLACE THE ORDER
CLICK ON THE LINK HERE: https://www.perfectacademic.com/orders/ordernow
Also, you can place the order at www.collegepaper.us/orders/ordernow / www.phdwriters.us/orders/ordernow
Do You Have Any Other Essay/Assignment/Class Project/Homework Related to this? Click Here Now [CLICK ME]and Have It Done by Our PhD Qualified Writers!!