I'd like you to review the security status for our small Microsoft workgroup LAN. The network consists of computers working on a variety of client platforms, such as Windows XP, Windows Vista, and Windows 7, and server products in a single environment. The workgroup contains many distinct separations in the network as determined by group memberships:
Windows laptops: Traveling salespeople, remote suppliers, branch offices
Windows desktops: Accounting group, developer group, customer service group
Windows servers: Administrative server, Microsoft SharePoint server, Server Message Block (SMB) server
For this assignment, go through the archive of Microsoft Security Advisories at http://technet.microsoft.com/en-us/security/advisoryarchive. Then write a report that answers the following questions based on the advisories for the past 12 months:
What vulnerabilities exist for this workgroup LAN based on the advisories? List five of them.
Do any vulnerabilities involve privilege elevation? Is this considered a high-priority issue?
Identify and document at least three vulnerabilities and the solutions related to the client configurations.
Risk management in Information Security today
Every day, information security professionals are bombarded with marketing messages around risk and threat management, fostering an environment in which objectives seem clear: manage risk, manage threat, stop attacks, identify attackers. These objectives aren't wrong, but they are fundamentally misleading. In this session we'll examine the state of the information security industry in order to understand how the current climate fails to address the true needs of the business. We'll use those lessons as a foundation...
TRUE/FALSE QUESTIONS: Foundations of Information Security and Assurance
1. There is a problem anticipating and testing for all potential types of non-standard inputs that might be exploited by an attacker to subvert a program.
2. Without suitable synchronization of accesses it is possible that values may be corrupted, or changes lost, due to overlapping access, use, and replacement of shared values.
3. The biggest change of the nature in Windows XP SP2 was to change all anonymous remote procedure call (RPC)...