Case Project 3-1: Determining Vulnerabilities for a Database Server
You have interviewed Ms. Erin Roye, an IT staff member, after conducting your initial security testing of the Alexander Rocco Corporation. She informs you that the company is running an older version of Oracle’s database, Oracle 10g, for its personnel database. You decide to research whether Oracle 10g has any known vulnerabilities that you can include in your report to Ms. Roye. You don’t know whether Ms. Roye has installed any patches or software fixes; you simply want to create a report with general information.
a. Based on this information, write a memo to Ms. Roye describing any CVEs (common vulnerabilities and exposures) or CAN (candidate) documents you found related to Oracle 10g. (Hint: A search of the CVE Web site sponsored by US-CERT, https://cve.mitre.org/, can save you a lot of time.) If you do find vulnerabilities, your memo should include recommendations and be written in a way that doesn’t generate fear or uncertainty but encourages prudent decision-making.
Case Project 3-2: Investigating Possible Vulnerabilities of Microsoft IIS 6.0
Carrell Jackson, the Web developer for Alexander Rocco Corporation, has informed you that Microsoft IIS 6.0 is used for the company’s Web site. He’s proud of the direction the Web site is taking and says it has more than 1000 hits per week. Customers can reserve hotel rooms, schedule tee times for golf courses, and make reservations at any of the facility’s many restaurants. Customers can enter their credit card information and receive confirmations via e-mail.
a. Based on this information, write a memo to Mr. Jackson listing any technical cybersecurity alerts or known vulnerabilities of IIS 6.0. If you find vulnerabilities, your memo should include recommendations and be written in a way that doesn’t generate fear or uncertainty but encourages prudent decision-making.
Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.
You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.Read more
Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.Read more
Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.Read more
Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.Read more
By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.Read more