Skip to content

A vulnerability assessment for a small business and evaluation of the risks of a vulnerable information system and outline of a remediation plan

Notifications You must be signed in to change notification settings

averyth3archivist/vulnerability-assessment-nist

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 

Repository files navigation

Vulnerability Assessment Report

(Portfolio Project from Google Cybersecurity Professional Certificate)

Context

System Description

The server hardware consists of a powerful CPU processor and 128GB of memory. It runs on the latest version of Linux operating system and hosts a MySQL database management system. It is configured with a stable network connection using IPv4 addresses and interacts with other servers on the network. Security measures include SSL/TLS encrypted connections.

Scope

The scope of this vulnerability assessment relates to the current access controls of the system. The assessment will cover a period of three months, from June 2023 to August 2023. NIST SP 800-30 Rev. 1 is used to guide the risk analysis of the information system.

Purpose

The objective is to assess and communicate the risks associated with a fictitious e-commerce company's open remote database server. Given that employees work remotely from various global locations and regularly access customer data for marketing purposes, the open database poses a significant vulnerability. It is essential to identify potential threats to business operations stemming from this vulnerability and propose security measures to mitigate these risks. By securing the centralized database server, the aim is to safeguard sensitive customer information, campaign data, and analytics essential for performance tracking and personalized marketing efforts, thereby ensuring the integrity and confidentiality of the company's data assets.

Risk Assessment

Threat Source Threat event Likelihood Severity Risk
Hacker Obtain sensitive information via exfilitration 3 3 9
Employee Disrupt mission-critical operations 2 3 6
Customer Alter/Delete critical information 1 3 3

Approach

The risks assessed took into account how the business stores and manages data. Identifying potential threats and incidents relied on assessing the probability of a security breach due to the system's open access permissions. The severity of potential incidents was evaluated in relation to their impact on everyday business operations.

Remediation Strategy

Implementing measures such as authentication, authorization, and auditing is crucial to safeguarding the database server, ensuring that only authorized individuals access it. This involves employing robust password protocols, role-based access controls, and multi-factor authentication to restrict user privileges. Data encryption during transmission is achieved through TLS rather than SSL. Additionally, limiting access to corporate offices via IP allow-listing prevents unauthorized internet users from connecting to the database.

While IPv4 remains prevalent, the adoption of IPv6 is on the rise to address the depletion of IPv4 addresses. It's advisable to integrate IPv6 support into your server infrastructure and develop a transition strategy to accommodate future IPv6 adoption. In addition, compliance with pertinent laws, regulations, and industry standards concerning data privacy, security, and network operations is essential. This may entail adherence to regulations such as GDPR, HIPAA, PCI DSS, or industry-specific standards.

About

A vulnerability assessment for a small business and evaluation of the risks of a vulnerable information system and outline of a remediation plan

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published