Week 2: Vulnerability management


 

In week 2, we learned about vulnerability management activities and tools for managing vulnerabilities. The chapter covered various considerations before running the scans, including defining the scanning parameters and criteria. The chapters focused on many parameters like the risk associated with scanning activities since there are lots of things that need to be done before running the activities, like the data classification, the impact of the scan that can happen in the current business, and ensuring the firewall doesn’t interfere with the scan or the scan doesn’t mess with the firewall settings vice versa.

The chapter discusses the remediation of vulnerabilities once the scan is complete, including the remediation process, such as prioritizing vulnerabilities, patching, and hardening them.

After reading the chapters, I learned that running a vulnerability scan is not that simple and requires thoughtful, methodical planning involving the entire senior leadership and the cybersecurity team. 

Popular posts from this blog

Week1: Introduction and Cloud Computing

Image
Hello everyone, my name is Santosh Pradhan, and I am currently pursuing an undergraduate degree in information technology at Bellevue University. Prior to pursuing my degree, I had no prior experience, except for the basic troubleshooting that everyone learns. So far, I have learned a great deal about networking, basic information technology, and some cybersecurity concepts. Although most of the courses have covered virtualization and cloud computing to some extent, none of them have provided full details. I am excited to learn about cloud computing and its governance.  As the semester progresses, I will update the blog on a weekly basis and share my experiences with you. 
Read more

Week 12: Tools for Monitoring Network and Blog Wrap-up

There are various tools to monitor a network; monitoring a network can help detect issues, be aware of the problems, or make sure the network does not have any anomaly in the network. Here are some of the tools that can help to monitor the network: ·        Packet Sniffers – a software tool that tracks and collects internet packets. The packets that are collected will be stored in a file called a capture file.  Usually, the packet sniffer software also comes with a packet analyzer to analyze the packets that were captured. ·        Protocol Analyzer – this is a program that analyzes the packets that packet sniffers capture. A good program can let the network administrator filter information based on their needs. One of the well-known software is Wireshark. ·         Packet Flow Monitoring – this tool tracks traffic and packet flow between devices. This helps to track the volume and ...
Read more

Week 3: Migration to the Cloud

Image
  This week, we learned about the various decision-making processes involved in migrating to the cloud. The book talks about five major phases of the migration process: Assess, Plan, Migrate, Validate, and Manage . While assessing and before initiating the migration process, it is essential to establish a baseline of the network, operating system, and other key performance indicators. It is essential to minimize the impact of downtime and maximize network bandwidth availability during the migration. After the planning process is done, there are various ways to execute it; the common migration processes are P2V, V2V, V2P & P2P. Amazon also provides a migration truck to make the process. The book also discusses deploying the migration and validating it to ensure that it is working through various types of testing, including functional testing, performance testing, load testing, and others. 
Read more