Question

Computer and Network Security

Computer Emergency Readiness Team (CERT) provides a list of Top 30 Targeted High Risk Vulnerabilities. They also explain current trends in security. Take a look at the current list and prepare a briefing suitable for a boss or employer. Your submission should be between 1200-1500 words with references and following APA writing standards.

Answer 1

Answer:-

Its suitable for both boss and employer ,

In general, an incident response team is responsible for protecting the organization from computer, network or cybersecurity problems that threaten an organization and its information. A universal model for incident response that has been in use for a long time is the “protect, detect and respond” model:

is a group of information security experts responsible for the protection against, detection of and response to an organization’s cybersecurity incidents. A CERT may focus on resolving incidents such as data breaches and denial-of-service attacks as well as providing alerts and incident handling guidelines. CERTs also conduct ongoing public awareness campaigns and engage in research aimed at improving security systems.

The National Vulnerability Database has two feeds: One covers all the recent CVE vulnerabilities, while the other focuses on fully analyzed CVE vulnerabilities. I only follow the feed with the fully analyzed vulnerabilities because it provides the information that’s important to me: the vulnerable product names.

US-CERT and the Industrial Control Systems CERT (ICS-CERT) publish regularly updated summaries of the most frequent, high-impact security incidents. The information is similar to CERT/CC. The content from ICS-CERT is especially useful if you have to protect critical infrastructure.

The feed at Full Disclosure, now part of SecLists.org, is one of the oldest available. It can be rather chatty, but it gives access to information on vulnerabilities that is not immediately covered via other channels.

Most vendors have their own feed of advisories, as well. With the use of good asset management, you should be able to compile a list of key products and vendors to follow.

The feeds from CERT/CC and SecurityFocus provide alert and advisory data for the most commonly used products and should be checked up on daily.

Regardless of whether they are called a CERT, CSIRT, IRT or any other similar name, the role of all computer emergency response teams is fairly comparable. " was first used in 1988 by the CERT Coordination Center (CERT-CC) at Carnegie Mellon University (CMU). .All of these organizations are trying to accomplish the same incident response related goals of responding to computer security incidents to regain control and minimize damage, providing or assisting with effective incident response and recovery and preventing computer security incidents from reoccurring.In general, an incident response team is responsible for protecting the organization from computer, network or cybersecurity problems that threaten an organization and its information. A universal model for incident response that has been in use for a long time is the “protect, detect and respond” model