The deliverables for this project are as follows:
- Security Assessment Report (SAR): This should be an 8-page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.
- Risk Assessment Report (RAR): This report should be a 5-page double-spaced Word document with citations in APA format. The page count does not include figures, diagrams, tables, or citations.
- In a Word document, share your lab experience and provide screen prints to demonstrate that you performed the lab.
Please use the attached OIG Audit Report, outline, and RAR and SAR templates to complete this assignment.
Note: You will use the tools in Workspace for this step. If you need help outside the classroom to complete this project, register for CLAB 699 Cyber Computing Lab Assistance (go to the Discussions List for registration information). Primary lab assistance is available from a team of lab assistants. Lab assistants are professionals and are trained to help you.
Click here to access the instructions for Navigating the Workspace and the Lab Setup.
Select the following link to enter Workspace and complete the lab activities related to network vulnerabilities.
You will now investigate network traffic, and the security of the network and information system infrastructure overall. Past network data has been logged and stored, as collected by a network analyzer tool such as Wireshark. Explore the tutorials and user guides to learn more about the tools you will use. Click the following link to read more about these network monitoring tools: Tools to Monitor and Analyze Network Activities.
You will perform a network analysis on the Wireshark files provided to you in Workspace and assess the network posture and any vulnerability or suspicious information you are able to obtain. Include this information in the SAR.
You will then return to the lab in order to identify any suspicious activities on the network, through port scanning and other techniques. You will revisit the lab and lab instructions in Step 7: Suspicious Activity.
Click here to access the Project 3 Workspace Exercise Instructions.
In order to validate the assets and devices on the organization’s network, run scans using security and vulnerability assessment analysis tools such as MBSA, OpenVAS, Nmap, or Nessus, depending on the operating systems of your organization’s networks. Live network traffic can also be sampled and scanned using Wireshark on either the Linux or Windows systems. Wireshark allows you to inspect all OSI layers of traffic information. Further analyze the packet capture for network performance, behavior, and any suspicious source and destination addresses on the networks.
In the previously created Wireshark files, identify whether any databases were accessed. What are the IP addresses associated with that activity? Include this information in the SAR.
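One way to answer the database-access question from a saved capture, as an added example that is not part of the original assignment materials: the script below reads a classic-format pcap file and lists client and server IP addresses for TCP traffic on default database ports. It assumes untagged Ethernet/IPv4 frames and databases listening on their default ports; the function names and the sample capture (built from documentation addresses) are constructed for illustration.

```python
import socket
import struct

# Default listener ports (heuristic: a database on a non-default port is missed).
DB_PORTS = {1433: "MSSQL", 1521: "Oracle", 3306: "MySQL", 5432: "PostgreSQL"}

def db_connections(pcap: bytes):
    """Return sorted (client_ip, server_ip, service) tuples seen on DB ports."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if endian is None or struct.unpack(endian + "I", pcap[20:24])[0] != 1:
        raise ValueError("expected a classic pcap file with Ethernet frames")
    found, off = set(), 24
    while off + 16 <= len(pcap):
        incl_len = struct.unpack(endian + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        # Untagged IPv4 only: EtherType 0x0800, at least Ethernet + IPv4 + ports.
        if len(frame) < 38 or frame[12:14] != b"\x08\x00":
            continue
        ihl = (frame[14] & 0x0F) * 4
        if frame[23] != 6 or len(frame) < 14 + ihl + 4:  # 6 = TCP
            continue
        src, dst = socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34])
        sport, dport = struct.unpack("!HH", frame[14 + ihl:18 + ihl])
        if dport in DB_PORTS:      # request: client -> database server
            found.add((src, dst, DB_PORTS[dport]))
        elif sport in DB_PORTS:    # reply: database server -> client
            found.add((dst, src, DB_PORTS[sport]))
    return sorted(found)

def _frame(src, dst, sport, dport):
    """Constructed Ethernet/IPv4/TCP SYN frame; checksums left at zero."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x02, 1024, 0, 0)
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp

def sample_pcap():
    """Constructed capture using documentation addresses (RFC 5737)."""
    frames = [_frame("192.0.2.10", "198.51.100.5", 49152, 3306),
              _frame("198.51.100.5", "192.0.2.10", 3306, 49152),
              _frame("192.0.2.11", "198.51.100.6", 49153, 1433),
              _frame("192.0.2.12", "203.0.113.7", 49154, 443)]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    print(db_connections(sample_pcap()))
```

A port match only indicates likely database traffic; confirm each hit by inspecting the payload in Wireshark before recording the addresses in the SAR.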