Question

Complete the hardening and auditing tasks using a personal computer with the default installation of Windows 7 or Windows 10. Provide screenshots of all screens and queries made.

Ensure that you are logged in as an administrator. Using a computer that has Windows 7 or Windows 10 installed:

Review the antivirus program. Ensure that it is up to date, is configured for automatic updates, and is scheduled to run quick scans regularly. Note when the last full system scan was run and any issues you observe with the software.

Configure audit logging to identify all failed password attempts into the system.

After at least 24 hours, check the Windows workstation for security events. Be sure to review the audit log in Windows Event Viewer.

Explain how you ensured the antivirus program is up to date, scheduled to run regular quick scans, and when the last full system scan was run. Describe anything significant you observed.

Explain how you configured audit logging to record all failed password attempts into the system.

Describe all the potentially problematic security events that occurred in the 24-hour period after checking the antivirus software and configuring audit logging.

Explain what was done (or should be done) to correct any problems encountered.

Explain the purposes of system hardening and auditing in terms of the company’s goal of maintaining information systems security. Also describe an additional area of concern or an emerging trend related to information systems security that you think warrants the company’s attention in the immediate future.

Briefly explain how your work on this project relates to your responsibility to help the company achieve its IT security goals.

Answer 1

Windows is one of the most used operating system in the world and hence, it is the most vulnerable one as many of the exploits and hacking tools are targetted for Windows user. The services in Windows has improved far. The tools that are replacing the use of antivirus for windows are as follows:

• Windows Defender
• Windows Firewall

Antivirus:

The antivirus are just the casuality. Some of the antivirus are not to their fullest and there are many ways to bypass the antivirus. Hence, using them is nothing but waste of time unless and until they are quite productive.

Bounty Program:

1. This technique has decreased the hacking scenarios and has increased the awareness towards cybersecurity.Today, we are going to talk about the recent vulnerability that was been disclosed in the Windows systems.
2. Vulnerabilities are been capturing the world's security and making us all vulnerable to the tricks that are been played upon us by the exploiters. Hence, need of the ethical hackers is been increasing. Below is the description of how can we secure networks.

Network Monitoring Using Security:

The Traffic monitoring is also an important concept as it can be used to increase the chances of being vulnerable as much time it takes to get less traffic. As, chances of being exploited with attacks such as DoS & DDoS attacks. The networking of the whole system is being done mostly on Linux so understanding Linux to attend the traffic in the system with full proof of vulnerability.

Windows Vulnerability:

• The vulnerability was very severe and consists of the programming issue in the ELF files in windows kernel while the kernel loads.
• The exploiters had written an malicious program known as Position Independent Executable(PIE) which was able to exploit the loader and will be able to map the rest of the part of the Application's data segments which was been registered over the memory area and was reserved for the stack.
• This completely resulted in the memory corruption and was then possible to get the local privilige escalations.
• The flaw was completely representing the possible mechanism for any exploiter or hacker to put up a normal user as root and then acquire the control over the system easily.
• The patch of the vulnerability was given away recently past two days and the sysadmins were advised to patch the systems for prevention of more hacks.

Hence, this is how the windows security is exploited and with the help of the possible exploits and pitfalls in the system there are many hacks happening in the systems with Windows.

Exploiting The Vulnerabilities:

In Windows, there are penetration tester softwares that test the vulnerabilities and make the world aware of the security issues that are contained in the systems. The system will then get to know about the cyber security and getting into the facts of the applications is also very important.

The vulnerabilities that are pretty much available in the Internet and are exploited are as follows:

• Remote Code Execution (RCE)
• Phishing
• XSS Attacks
• SQL Injections
• DoS & DDoS Attacks

Hence, these are the vulnerabilities that are being indentified on the bigger scale in the market and are being exploited by many security professionals and hackers.

Methodologies:

The impact of the vulnerabilities on the organization may be very intense if not focused on. To keep the network running and fine we need to overcome these vulnerabilities and create patches for these vulnerabilities otherwise the impact of these vulnerabilities will be very immense.

• The network if contains any of these vulnerabilities and if not focused on removing the vulnerability it can be exploited by anybody resulting in decrease in the privacy.
• It will also result in getting the security of the network in trouble and can be compromised by anyone anytime.

Hence, these are the impacts of the vulnerabilities and how must one deal with these vulnerabilities.

Rate an upvote....Thankyou

Hope this helps......