1. [Unit 2 Discussion 1 (-1 page)
u02d1] Unit 2 Discussion 1
Vulnerability Management Project
Discuss the importance of vulnerability management and ongoing vulnerability management planning. Describe challenges from management and other IT professionals that a security professional might encounter in developing and implementing a vulnerability management plan.
[u02a1] Unit 2 Assignment 1
Unit 2 Assignment 1
Performing a Vulnerability Assessment
There are many important mantras in the information security and assurance space, including, we can’t protect what we don’t know we have. One of the next steps after we know what we need to protect is to learn where we are vulnerable on those assets we need to protect. One of the common ways to do this is performing vulnerability assessments on our assets and developing strategies for managing the risk that result from those vulnerabilities.
In this assignment you complete the Performing a Vulnerability Assessment lab and write policies for Vulnerability and Patch Management.
Do the following:
• Download the Assignment X Template. Use this Word template for your assignment submission.
• Review the Course Security Scenario document found in the Resources for context when writing your security policies in Part 2.
Part 1 - Complete All of Sections 1 and 2 of the Performing a Vulnerability Assessment Lab
Note: not all sections mentioned in the lab's directions are required for this assignment.
Do the following:
Complete "Section 1: Hands-on Demonstration."
o Part 1 Steps 10, 16 and 20.
Complete "Section 2: Applied Learning."
o Part 1 Steps 6, 11 and 15.
Based on the specific actions taken in the lab, compare and contrast the information received from Nessus and Nmap and indicate which you believe to be more valuable and why.
Part 2 - Security Planning: Vulnerability and Patch Management
Create the following security policies for the company described in the Course Security Scenario. State any assumptions that you make, or details that might add depth, texture, or provide a foundation for your policies. Your goal is to create effective policies that represent modern systems assurance security practices and planning.
• Vulnerability Management (1 page).
• Patch Management (1–2 pages).
Consider the following scoring guide criteria as you complete your assignment:
• Write a vulnerability management policy that is appropriate for the Course Security Scenario.
• Write an application Patch Management policy that is appropriate for the Course Security Scenario.
• Compare and contrast the information received from Nessus and Nmap.
• Course Security Scenario.
• Assignment Template.