CMIT 421 Week $ Discussion
School: University of Maryland, University College
Course: 421
Subject: Information Systems
Date: Feb 20, 2024
Uploaded by SuperHumanSparrowMaster546
1. For this Linux system, what do you recommend fixing right away? Are there dangers if the vulnerabilities and associated threats are not fixed?
To address the vulnerabilities on this Linux system, it's crucial to prioritize fixing the outdated operating system, such as Ubuntu 8.04, which reached its end-of-life in 2013. As patches for this OS version may no longer be available, there's a risk of security breaches and exploitation. Upgrading to the latest Ubuntu OS release or a later patch is recommended to mitigate these risks (Nield, 2020; Prakash, 2019). Failure to fix these vulnerabilities could leave the system highly susceptible to exploitation.
2. How do you fix the problem(s) identified? Can you defer mitigation for another time? How can the issue(s) be fixed if the system cannot be taken offline?
The identified problems can be fixed by updating the operating system to a newer version of Ubuntu, which can be done seamlessly without losing current data and applications. Scheduling a downtime window during non-peak times can minimize server downtime during the upgrade process. Additionally, implementing a backup server using a current image of the crucial system can ensure continuous service availability (Prakash, 2017). Using Nessus, a commercial tool for vulnerability management, can help in identifying and addressing vulnerabilities effectively (Prakash, 2017).
3. Since some machines were already scanned with OpenVAS, should you also consider scanning the same systems with Nessus? Why or why not?
It is advisable to scan the systems with both Nessus and OpenVAS since they employ slightly different processes and may detect different vulnerabilities. This redundancy ensures comprehensive vulnerability assessment, especially for servers containing sensitive data (Nessus Family, 2022).
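One way to see what the second scan adds, as an added example that is not part of the original document: the Python sketch below merges the findings of both scanners per host and CVE, lists what only one of them reported, and builds a single remediation list. The CSV column layout, the host address and the CVE identifiers are constructed placeholders, not the real export formats or results of either tool.

```python
import csv
import io

# Constructed sample exports: simplified columns, NOT either tool's real export
# format. The host address and CVE identifiers are placeholders.
OPENVAS_CSV = """host,port,cve,severity
10.0.0.5,22,CVE-0000-0001,High
10.0.0.5,80,CVE-0000-0002,Medium
10.0.0.5,445,,Low
"""
NESSUS_CSV = """Host,Port,CVE,Risk
10.0.0.5,22,cve-0000-0001,Critical
10.0.0.5,3306,CVE-0000-0003,High
"""
RANK = {"low": 1, "medium": 2, "high": 3, "critical": 4}


def load(text, host_col, cve_col, sev_col):
    """Return {(host, CVE): severity rank}; rows without a CVE cannot be matched."""
    findings = {}
    for row in csv.DictReader(io.StringIO(text)):
        cve = row[cve_col].strip().upper()
        if not cve:
            continue
        key = (row[host_col].strip(), cve)
        rank = RANK.get(row[sev_col].strip().lower(), 0)
        findings[key] = max(findings.get(key, 0), rank)
    return findings


def compare(openvas, nessus):
    """Findings both scanners reported, then those only one of them reported."""
    both = sorted(openvas.keys() & nessus.keys())
    return both, sorted(openvas.keys() - nessus.keys()), sorted(nessus.keys() - openvas.keys())


def worklist(openvas, nessus):
    """Merged remediation list, keeping the higher rating, most severe first."""
    merged = {k: max(openvas.get(k, 0), nessus.get(k, 0)) for k in openvas.keys() | nessus.keys()}
    return sorted(merged.items(), key=lambda item: (-item[1], item[0]))


if __name__ == "__main__":
    ov = load(OPENVAS_CSV, "host", "cve", "severity")
    ns = load(NESSUS_CSV, "Host", "CVE", "Risk")
    print(compare(ov, ns))
    print(worklist(ov, ns))
```

Findings that carry no CVE identifier are skipped here because they cannot be matched across tools automatically; those need a manual review.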
4. Conduct open-source research using the internet. Roughly, what is the cost to license Nessus for one year?
The cost to license Nessus for one year varies depending on the plan chosen. Nessus Professional costs $3,390 annually, while Nessus Expert is priced at $4,990 per year. There are also enterprise-scale options available, such as Tenable.io, which charges per asset and starts at $3,500 per year for one hundred assets (Nessus Family, 2022). Additionally, Nessus offers a variety of plan choices with diverse features, starting from $2790.00 for the upcoming version (Nessus reviews and pricing).
References
D. Nield, "What to do when your OS becomes obsolete," Popular Science, 14 January 2020. [Online]. Available: https://www.popsci.com/story/diy/obsolete-os-guide/. [Accessed 13 September 2022].
"The Nessus Family," Tenable, [Online]. Available: https://www.tenable.com/products/nessus. [Accessed 13 September 2022].
Prakash, A. (2019, May 01). Ubuntu 14.04 has reached end of life. Here are your options. Retrieved February 07, 2021, from https://itsfoss.com/ubuntu-14-04-end-of-life/
Prakash, A. (2017, January 17). Upgrade or update Ubuntu offline, without internet. Retrieved February 07, 2021, from https://itsfoss.com/upgrade-or-update-ubuntu-offlinewithoutinternet/#:~:text=Updating%20or%20upgrading%20Ubuntu%20with,get%20update%20in%20the%20terminal.&text=And%20to%20get%20you%20out,computer%20without%20an%20internet%20connection.