Submitted By HStathas

Words 828

Pages 4

Words 828

Pages 4

Calculate the Window of Vulnerability There are four parts to be considered when calculating the WoV. These four parts are the Discovery-Time, Exploit-Time, Disclosure-Time, and Patch-Time. All four of these must be looked at and evaluated as a part of calculating the amount of time that the server will be vulnerable for. Discovery Time is the earliest date that vulnerability is discovered and recognized to pose a security risk. The discovery date is not publicly known until the public disclosure of the respective vulnerability. Exploit Time is the earliest date an exploit for vulnerability is available. We qualify any hacker-tool, virus, data, or sequence of commands that take advantage of vulnerability as an exploit. Disclosure Time is the first date vulnerability is described on a channel where the disclosed information on the vulnerability is freely available to the public, or is published by trusted and independent channel and has undergone analysis by experts such that risk rating information is included. Patch Time is the earliest date the vendor or the originator of the software releases a fix, workaround, or a patch that provides protection against the exploitation of the vulnerability. Fixes and patches offered by third parties are not considered as a patch. A patch can be as simple as the instruction from the vendor for certain configuration changes. Note that the availability of other security mechanisms such as signatures for intrusion prevention systems or anti-virus tools is not considered as a patch in this analysis. Unfortunately, the availability of patches usually lags behind the disclosure of vulnerability. Each major vulnerability and time it takes to fix is what is used to calculate the WoV. So from the day it was found till the time the patch can be installed will be about four days of unsecured vulnerability. Then…...

...IT255 - Introduction to Information Systems Security 9/28/12 Unit 2 Assignment 1: Calculate the Window of Vulnerability To resolve the issue of the window of vulnerability (WoV), we would need to get the patch from Microsoft. According to Microsoft, it will take up to 3 days for the patch to be available. Then, we would need additional time to download and test the patch to make sure that this is what is needed to fix the security breach on the SMB server. After doing the testing, the IT department would need time to install the patch onto the servers and deploy to the client computers. This will take 2 days to do, depending on the IT staff, if they work on weekends will determine the completion date. Meaning, if they will work on the weekend, then the deployment to all computers and servers will be done by that Sunday. If not, then it will be the following Tuesday. So, the time that is needed would be a week. To recap, the security breach was reported on a Friday. On Monday, looked on Microsoft’s website to see when the patch would be released, and it indicated that it would take 3 days for it to be available. Counting Monday, 3 days would be, Wednesday. Depending on the time that the patch is released on Wednesday, would need an additional 2 days to download and test the patch before deploying, if early Wednesday, then Thursday to test. But if it comes late Wednesday, then it would take Thursday and Friday to test. Then that would leave the weekend, if the IT staff...

Words: 292 - Pages: 2

...To resolve the issue of the window of vulnerability, we would need to get the patch from Microsoft. It will take up to 3 days for the patch to be available. Then, we would need more time to download and test the patch to make sure that this is what is needed to fix the security breach on the SMB server. After doing the testing, the IT department would need time to install the patch onto the servers and deploy to the client computers. This will take 2 days to do, depending on the IT staff, if they work on weekends will determine the completion date. Meaning, if they will work on the weekend, then the deployment to all computers and servers will be done by that Sunday. If not, then it will be the following Tuesday. So, the time that is needed would be a week. To recap, the security breach was reported on a Friday. On Monday, looked on Microsoft’s website to see when the patch would be released, and it indicated that it would take 3 days for it to be available. Counting Monday, 3 days would be, Wednesday. Depending on the time that the patch is released on Wednesday, would need an additional 2 days to download and test the patch before deploying, if early Wednesday, then Thursday to test. But if it comes late Wednesday, then it would take Thursday and Friday to test. Then that would leave the weekend, if the IT staff would work on the weekend. But if not, then it is going to restart on Monday and complete on Tuesday....

Words: 270 - Pages: 2

...Calculate the usable area in square feet of house. Assume that the house has a maximum of four rooms, and that each room is rectangular. Before attempting this exercise, be sure you have completed all of chapter 2 and course module readings, participated in the weekly conferences, and thoroughly understand the examples throughout the chapter. There are 3 main components of your submission including the problem analysis, program design and documentation, and sample test data. • 1. Using a similar approach as example 2.3 (textbook page 75): "Finding the Sale Price of Items in a Department Store", provide your analysis for the following problem statement: You need to write a program that will calculate the number of square feet (living space) in a 4-room house. Your analysis should be clearly written and demonstrate your thought process and steps used to analyze the problem. Be sure to include what is the required output? What is the necessary input and how you will obtain the required output from the given input? Also, include your variable names and definitions. Be sure to describe the necessary formulas and sample calculations that might be needed. • 2. Using a similar approach as the example provided in section 2.2(textbook page 78) for "The Sale Price Program continued", provide your programdesign for the program you analyzed for calculating the number of square feet in a house. Be sure to describe the fundamental tasks needed to solve the problem so you can...

Words: 901 - Pages: 4

...Calculate the Window of Vulnerability The four parts would be the Discovery-Time, Exploit-Time, Disclosure-Time, and Patch-Time. All four of these must be looked at and evaluated. Discovery Time –is the earliest date that a vulnerability is discovered and recognized to pose a security risk. The discovery date is not publicly known until the public disclosure of the respective vulnerability. Exploit Time -is the earliest date an exploit for a vulnerability is available. We qualify any hacker-tool, virus, data, or sequence of commands that take advantage of a vulnerability as an exploit. Disclosure Time –is the first date a vulnerability is described on a channel where the disclosed information on the vulnerability is (a) freely available to the public, (b) published by trusted and independent channel and (c) has undergone analysis by experts such that risk rating information is included. Patch Time - is the earliest date the vendor or the originator of the software releases a fix, workaround, or a patch that provides protection against the exploitation of the vulnerability. Fixes and patches offered by third parties are not considered as a patch. A patch can be as simple as the instruction from the vendor for certain configuration changes. Note that the availability of other security mechanisms such as signatures for intrusion prevention systems or anti-virus tools are not considered as a patch in this analysis. Unfortunately, the availability of patches usually lags...

Words: 603 - Pages: 3

...Calculate the Window of Vulnerability Just a recap on what Window of Vulnerability actually means. WOV or Window of Vulnerability is the time it takes the attack to start all the way to when the attack is found and removed or fixed. There are key steps that take place to complete a WOV. In this case it doesn’t say what day or time the attack was found only that the server software detected it the previous day. We will pretend that the attack was on a Monday morning. The software company will be releasing a patch for the attack in three days. We will receive the patch either Thursday or Friday. When we get the patch we will need to install and test the patch, this will take at least one week. Once the patch is installed we will need to push the update company wide to all machines that access the network. This can be tricky because not everyone may work on the weekends. We would need to send out a message to either leave the PC’s on so that we can remotely install the updates or have them restart the PC’s for the patch to take effect. It’s hard to determine the dates of when this is all happening with the information giving but I think it may take at least 2 weeks to find, patch, and remove the attack if all goes well. Works Cited (n.d.). Retrieved 4 1, 2013, from Window of Vulnerability : http://en.wikipedia.org/wiki/Vulnerability...

Words: 254 - Pages: 2

...A security breach has been identified in which an authorized user due to a security hole accessed the SMB server. The server software manufacturer detected the hole the day before. A new patch will be available in three days. However the LAN administrator needs at least a week to download the software, test it, and then install the patch. Based on this information, the window of vulnerability at the very least is eight days. A network worm called xrystal was detected through the MS-SQL server software package. A default installation of MS-SQL was installed into Windows desktops in which each server did not have a password on the system account. This situation gave access to anyone on the network to run random commands and requests. Xrystal configures a “guest” account to allow file sharing and be able to upload itself to any desired target. It then creates copies of itself using the password-less account, therefore creating an infection. This worm was not found until the day after installation and it will take three days to restore the network. The window of vulnerability of this state is four days. A user opened an email that contained a virus and notified her manager. The manager then notified the IT department, and they immediately began to work on the difficulty. It took the IT team one day to resolve the issue and completely remove the virus and the restore the network. The window of vulnerability was one day. Lastly, an employee who used their VPN at home was surfing...

Words: 323 - Pages: 2

...Unit 2 Assignment 1: Calculate the Windows of Vulnerability! A security breach has been identified in which an authorized user due to a security hole accessed the SMB server. The server software manufacturer detected the hole the day before. A new patch will be available in three days. However the LAN administrator needs at least a week to download the software, test it, and then install the patch. Based on this information, the window of vulnerability at the very least is eight days. WOV, Window of Vulnerability, is the time it takes the attack to start all the way to when the attack is found and removed or fixed. In this case it doesn’t say what day or time the attack was found, only that the server software detected it the previous day. We will pretend that the attack was on a Monday morning. The software company will be releasing a patch for the attack in three days. We will receive the patch either Thursday or Friday. When we get the patch we will need to install and test the patch, this will take at least one week. Once the patch is installed we will need to push the update company wide to all machines that access the network. We will need to send out an email message to all employees to either leave the PC’s on so that we can remotely install the updates. From the day we found the security hole to the the time we fix the security hole, it will take approximately take 8 weeks to complete the whole process. Work Cited:......

Words: 273 - Pages: 2

...How to Calculate Subnets Subnets and Hosts Borrow 2 bits S S H H H H H H # of subnets = 22 = 4 Subnet mask = 2 bits = 128 + 64 = 192 Range of hosts = 26 = 64 TT Range Useable Range Network ID 0 – 63 64 – 127 65 - 126 128 – 191 129 - 190 Broadcast 192 – 255 Address Borrow 3 bits S S S H H H H H # of subnets = 23 = 8 Subnet mask = 3 bits = 128 + 64 + 32 = 224 Range of hosts = 25 = 32 Range 0 – 31 32 – 63 64 – 95 96 – 127 128 – 159 160 – 191 192 – 223 224 – 255 Useable Range 33 - 62 65 - 94 97 -126 129 -158 161 -190 193 -222 Network ID Broadcast Address ©1999 Dan Foss How to Calculate Subnets Decimal/Binary Subnet Ranges Borrow 2 bits S S H H H H H H # of subnets = 22 = 4 = 00000100 Subnet mask = 2 bits = 128 + 64 = 192 = 11000000 Range of hosts = 26 = 64 = 01000000 [Range ……………………………] [Useable Range …………………...] Network ID 0 – 63 00 000000 – 00 111111 64 – 127 01 000000 – 01 111111 65 - 126 01 000001 – 01 111110 128 – 191 10 000000 – 10 111111 129 – 190 10 000001 – 10 111110 Broadcast 192 – 255 11 000000 – 11 111111 Address Borrow 3 bits S S S H H H H H # of subnets = 23 = 8 Subnet mask = 3 bits = 128 + 64 + 32 = 224 = 11100000 Range of hosts = 25 = 32 = 00100000 [Range ……………………………] Network ID 0 – 31 000 00000 – 000 11111 32 – 63 001 00000 – 001 11111 64 – 95 010 00000 – 010 11111 96 – 127 011 00000 – 011 11111 128 – 159 100 00000 – 100 11111 160 – 191 101 00000 – 101 11111 192 – 223 110 00000 – 110 11111 Broadcast 224 – 255 111 00000 – 111 11111......

Words: 942 - Pages: 4

...Running Head: Calculate Convexity Calculate Convexity Leann Joseph Southern New Hampshire University Author Note: This short paper was done as an assignment in fulfillment of the requirements for: Southern New Hampshire University’s FIN 645 Analytical Tools in Portfolio 14TW3 Running Head: Calculate Convexity 3-2 Assignment Using an Excel spreadsheet, calculate the convexity for the two bonds you selected for the Module Two Assignment. Conduct an analysis of their duration and convexity and expound on the difference between the two concepts. Since I did not choose two bonds in Module Two Assignment, I considered the following bonds: **Using the dollar value of the bond and a $1000 face value, I considered a bond that has the following: Coupon rate-5 % Years remaining to maturity-5 Priced to yield- 4% Semi-annual interest Effective Duration: Yield 3% 4% 5% Value 109.222 104.491 100.000 Effective duration = (109.22218 – 100)/(2*104.49129*0.01) = 4.41289 The approximate change in price if the yield increases from 4% to 5% is: 4.41289 x 0.01 x –1 = –4.41289% Considering a bond that has the following: Coupon rate-5 % Years remaining to maturity-10 Priced to yield-4% Semi-annual interest Running Head: Calculate Convexity Effective duration: Yield 3% 4% 5% Value 117.168 108.175 100.000 Effective duration = (117.16864 - 100)/(2 (108.17572) (0.01)) = 7.935533 The approximate change in price if the yield increases from 4% to 5%:......

Words: 650 - Pages: 3

...Description: This program will calculate the usable area in square feet of a four bedroom house. Analysis: In building this program, I need it to efficiently calculate the total usable area of an entire four bedroom house. In order to do this, the program first needs to calculate the dimensions of each room. Once it has found the total area for each room, the program can then add the four room dimensions to arrive at the total usable area for the entire house. The calculations should look like this: Total usable area = (l*w) + (l*w) + (l*w) + (l*w) Rm. 1 Rm. 2 Rm. 3 Rm. 4 When I first started planning this program, I gave the room variables the names living_room, kitchen, bedroom1, and bedroom2. However, it became confusing trying to match these variables with the names of the dimension variables. Instead, I gave each room a number and the dimension variables have a corresponding number (for example, room1, length1, width1 and room2, length2, width2). Variables: * room1: total usable area of room number one * length1: length of room number one * width1: width of room number one * room2: total usable area of room number two * length2: length of room number two * width2: width of room number two * room3: total usable area of room number three * length3: length of room number three * width3: width of room number three * room4: total usable area of room number four * length4: length of room number......

Words: 905 - Pages: 4

...Unit 2 HW In order to try and correct the issue of the window of vulnerability (WOV), the LAN administrator needs to get the patch from Microsoft. Upon contact Microsoft has determined that it will take up to no less than three business days for the patch that we requested to be made available to us. Once we receive the patch we would need approximately several hours to download and then test out the patch to be certain that the patch will work and that this is the correct action to take to fix the Window of Vulnerability and seal the security breach on the Server Message Block server. Upon completion of testing the IT staff would need to hold a meeting to assess the quickest and most correct course of action to take after the patch has been installed to determine how to apply the patch apply it to the server and also to client computers depending on the process the IT staff decides to take it can take anywhere from one to three business days for the completion date to be met. If the IT staff were to work around the clock for overtime in shifts and the security breach was reported on a Friday with three days for the patch to be made and a week to troubleshoot and test the patch. The Window of vulnerability would be close to two weeks of time where their system can breached again and my recommendation if I were the administrator to remedy this gap of time I would attempt to have around the clock staff working on this in order to prevent further breaches of security until......

Words: 371 - Pages: 2

...of customer complaints that the bottles of the brand of soda produced in our company contained less than the advertised sixteen ounces of product. Our boss wants us to solve the problem at hand and has asked me to investigate. I have asked my employees to pull Thirty (30) bottles off the line at random from all the shifts at the bottling plant. The first step in solving this problem is to calculate the mean (x bar), the median (mu), and the standard deviation (s) of the sample. All of those calculations were easily computed in excel. The mean was computed by entering: =average, the median by: =median, and the std. dev. by: = = std dev. The corresponding values are x bar = 14.87, mu = 14.8, and s = 0.550329055. The next step in solving the problem is to construct a 95% confidence interval for the average amount of the company’s 16-ounce bottles. The confidence interval was constructed by drawing a normal distribution with c = 95%, a = 0.050, and Zc = 0.025. The Zc value was entered into the Z◘ (z box) function in the Aleks calculator that resulted in a Z score of +1.96 and -1.96. We calculate the standard error (SE) by dividing the s by the Square root of n which is the sample size. The margin of error is calculated by multiplying the z score = 1.96 by the std. dev. = 0.5503/the square root of n = 5.4772. The result is a 0.020 margin of error. The margin of error is added to and subtracted from the mean to give two numbers the lower and upper values. The lower value is 14.85......

Words: 356 - Pages: 2

...one or more l (FV) A t t hi h i t t ft compounding periods. Present value (PV): Current value of some future cash flow Annuities: Series of equal cash flows that occur at evenly spaced intervals over time. Ordinary annuity: Cash flows at end-of time period. y y p Annuity due: Cash flows at beginning-of time period. Perpetuities is annuities with an infinite life. life 41-156 100% Contribution Breeds Professionalism PV&FV的计算 PV&FV的计算 If interests are compounded annually, given the quoted interest rate r, the FV formula is: FV=PV(1+r)N If interests are compounded m times per year, FV=PV（1+ r/m）mn Where: m is the compounding frequency; r is the nominal/quoted annual interest rate. When we calculate the future value of continuously compounding, the formula is: f l i r m t FV=PV lim (1+ ) =PVe r t m m 42-156 100% Contribution Breeds Professionalism PV&FV的计算 PV&FV的计算 0 1 Annually: FV=100*(1+10%)=110 100 0 0.5 1 100 0.25 0 100 0.5 0.75 1 Semi-annually: FV=100*(1+5%)2=110.25 N=2, I/Y=5, PV=-100, PMT=0, CPT FV=110.25 Quarterly: FV=100*(1+2.5%)4=110.38 N=4, I/Y=2.5, PV=-100, PMT=0, CPT FV=110.38 Monthly: FV=100*(1+10%/12)4=110.47 N=12, I/Y=10/12 PV=-100, PMT=0, N=12 I/Y=10/12, PV=-100 PMT=0 CPT FV=110.47 FV=110 47 Daily: FV=100*(1+10%/365)365=110.52 N=365, I/Y=10/365 PV=-100, PMT=0, N=365 I/Y=10/365, PV=-100 PMT=0 CPT FV=110.52 FV=110 52 43-156 100%......

Words: 6750 - Pages: 27

...CMIS102 Homework Assignment 1 (Worth 13% of your grade) Student Name: Angelica Hines Class/Section: CMIS 102.1202.7983 Professor Name: Ronald McFarland Assignment due date: 04/01/2012 Problem definition: Calculate the usable area in square feet of house. Assume that the house has a maximum of four rooms, and that each room is rectangular. A. Problem Analysis – Following the directions in the assignment, clearly write up your problem analysis in this section. In this program the overall goal is to obtain the usable area in square feet in a house. The results or overall goal would be considered the required output. To obtain the required output we would need the necessary input. The necessary information regarding the house is that it contains a maximum of four rooms that are rectangular in shape. I will obtain the required output from the given input by multiplying length x width to find the number of square feet in each rectangular room. Once the combined square footage of each room is determined this will give me the amount of usable living space. We would need to know each room length and width, then calculate each rooms area and then find the sum of all four rooms. Area of Room 1= Length1 x Width1 Area of Room 2= Length2 x Width2 Area of Room 3= Length3 x Width3 Area of Room 4= Length4 x Width4 Area of Room 1 + Room 2 + Room 3 =Room 4 = Total Square footage B. Program Design – Following the directions in the assignment,......

Words: 643 - Pages: 3

...Program that will calculate the number of square feet (living space) in a 4-room house. Problem Analysis In this Program , the aim is to calculate the square feet of a 4 –room house So we need to know each rooms length and breadth , then calculate each rom’s area and the find the sum of those Area of Room1=length1*breadth1 Area of Room2=length2*breadth2 Area of Room3=length3*breadth3 Area of Room4=length4*breadth4 Total Number of Square Foots = Area of Room1+ Area of Room2+ Area of Room3+ Area of Room4 Program Design Pseudocode Start Declare the variables i,j as interger length[4], breadth[4],area[4] as double array sum as double Display “Enter the Rooms length and Breadth” For i= 1 to 4 do Accept length[i], breadth[i] Next i Display “Finding Area and total number of square foots” Set sum=0 For i= 1 to 4 do Area[i]= length[i]* breadth[i] Sum=sum+Area[i] Next i Display “Total number of square foots”, sum Stop Program Comments and Test Data C++ code #include<iostream> #include<string> using namespace std; int main() { int i,j; double length[4], breadth[4] ,area[4], sum; cout<<"\nEnter the length and breadth of each room"; for (i=0;i<4;i++) { cout<<"\nRoom "<<i+1<<" Length :"; cin >>length[i]; cout<<"\nRoom "<<i+1<<" Breadth :"; cin >>breadth[i]; } sum=0; for (i=0;i<4;i++) { area[i]=length[i]*......

Words: 294 - Pages: 2