Window of Vulnerability Calculation Essay

617 Words Oct 3rd, 2012 3 Pages
CALCULATE THE WINDOW OF VULNERABILITY

A security breach has been identified within a small Microsoft workgroup LAN. The workgroup consists of three primary workgroups which contain group membership lists of users within the Active Directory infrastructure that currently exists on the SMB Server that is located within the confines of the LAN structure. The security breach, which is defined as any event that results in a violation of any of the CIA (confidentiality, integrity, availability) security principles, was caused by the SMB server being accessed by an unauthorized user due to a security hole that was detected by the server software manufacturer the previous day. The security patch will not be available until possible as long
…show more content…
In addition, it is important to consider exactly how this security breach occurred, when determining counter-measures to contain and reduce the likelihood of any such occurrences from happening again. However, these factors are not actually part of the timeline for calculating the WoV, but should be addressed when understanding the WoV. The security hole that was detected by the server software manu-facturer the previous day gave the unauthorized user a window of opportunity/vulnerability by discovering the backdoor (security hole) to access resources and bypass existing security controls, password encryption, and access controls that were put in place to protect the IT infrastructure. It is possible that a utility such as netcat was used or a rootkit or some type of Trojan horse backdoor software or device.

Calculation of Window of Vulnerability:

Factors to consider in the timeline: * 1 Day Ago = Security Hole Detected by Manufacturer * 3 Days = A patch will be Available * 1 Week = Minimum time for LAN admin to download/test/install patch
Therefore, Day 0 = 09/28/12; + 3 days = 10/01/12; + 7 days = 10/08/12 (min) *[+ 2 days extra for any potential problems] 10/10/12 = Day n . This can be depicted in the following graphical display:

Day n = a total of 13 days have elapsed from Day 0 . In conclusion, the WoV would be 13 days based on this timeframe. *You could conceivably calculate

More about Window of Vulnerability Calculation Essay