Free Essay

Unit 2 Assign 2

In: Computers and Technology

Submitted By Hina12
Words 565
Pages 3
Unit 2 Assignment 2: Microsoft Environment Analysis
Vulnerabilities:
* “Cross-site request forgery (CSRF) vulnerability in the Services module 6.x-3.x and 7.x-3.x before 7.x-3.4 for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors”. * “SQL injection vulnerability in the Backend History module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to execute arbitrary SQL commands via unspecified vectors”. * “The HP StoreOnce D2D backup system with software before 3.0.0 has a default password of badg3r5 for the HPSupport account, which allows remote attackers to obtain administrative access and delete data via an SSH session.” * “The default configuration of the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 contains a known SSH private key, which makes it easier for remote attackers to obtain root access, and spoof alerts, via an SSH session.” * Use-after-free vulnerability in the mozilla::ResetDir function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.”
Elevation/Priority:
* The priority level is medium, also should be seen to when possible. Priority Level = 4.3 * The priority level is medium, also should be seen to when possible. Priority Level = 4.3 * The priority is high - allows a hacker to gain administrative access it should be seen to fairly quickly by an administrator and the password should be changed. Priority Level = 7.7 * This is of one of the highest priorities and should be taken care of immediately by an administrator. Priority Level = 10 * This is of one of the highest priorities and should be taken care of immediately by an administrator. Priority Level = 10
Client Vulnerabilities * “The default configuration of the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 contains a known SSH private key, which makes it easier for remote attackers to obtain root access, and spoof alerts, via an SSH session.”
To fix this the SSH private key should be changed. * “The default configuration of the administrative interface on the Canon MG3100, MG5300, MG6100, MP495, MX340, MX870, MX890, MX920, and MX922 printers does not require authentication, which allows remote attackers to modify the configuration by visiting the advanced page.”
To fix this a password should be set on the printer. * “Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not properly reuse TCP sessions to the proxy server, which allows remote attackers to obtain sensitive information intended for a specific host via a crafted HTML document that triggers many HTTPS requests and then triggers an HTTP request to that host, as demonstrated by reading a Cookie header, aka MSRC 12096gd.”
To fix this the proxy addresses and port values should be made different from one another.
Bibliography
(n.d.). Retrieved July 1, 2013, from National Vulnerability Database: Http://Nvd.nist.gov…...

Similar Documents

Premium Essay

Unit 2

...Unit Two Individual Project Foundations of Criminal Justice Professor David Lounsbury I chose the city of Oak Creek, Wisconsin to review. I have inserted the table records of the years 1999 until 2010. in Oak Creek by Year | Type | 19999 | 2000 | 2001 | 2002 | 2003 | 2004 | 2005 | 2006 | 2007 | 2008 | 2009 | 2010 | Murders (per 100,000) | 0 (0.0) | 3 (10.4) | 0 (0.0) | 0 (0.0) | 0 (0.0) | 2 (6.2) | 1 (3.1) | 2 (6.2) | 0 (0.0) | 0 (0.0) | 0 (0.0) | 0 (0.0) | Rapes (per 100,000) | 2 (7.3) | 3 (10.4) | 1 (3.5) | 12 (41.6) | 11 (35.8) | 5 (15.5) | 10 (30.9) | 8 (24.7) | 6 (18.2) | 6 (17.7) | 6 (17.6) | 7 (20.2) | Robberies (per 100,000) | 6 (21.9) | 10 (34.7) | 11 (38.4) | 11 (38.1) | 8 (26.0) | 12 (37.3) | 9 (27.9) | 11 (33.9) | 15 (45.6) | 16 (47.3) | 5 (14.7) | 10 (28.9) | Assaults (per 100,000) | 8 (29.2) | 4 (13.9) | 8 (27.9) | 10 (34.6) | 5 (16.3) | 10 (31.1) | 10 (30.9) | 7 (21.6) | 14 (42.6) | 10 (29.6) | 16 (47.0) | 23 (66.5) | Burglaries (per 100,000) | 73 (266.8) | 67 (232.6) | 73 (254.7) | 125 (433.0) | 125 (406.8) | 90 (279.5) | 127 (393.0) | 108 (333.0) | 121 (367.8) | 130 (384.2) | 94 (275.9) | 110 (318.2) | Thefts (per 100,000) | 681 (2,489.1) | 683 (2,371.0) | 741 (2,585.6) | 744 (2,577.3) | 742 (2,414.5) | 792 (2,459.8) | 855 (2,645.9) | 855 (2,636.4) | 850 (2,583.9) | 908 (2,683.8) | 985 (2,891.2) | 966 (2,794.2) | Auto thefts (per 100,000) | 46 (168.1) |......

Words: 1010 - Pages: 5

Premium Essay

Bus 508 Assign 2

... “Assignment #2: Amazon.com’s E-Business Model” Your name here BUS 508 Contemporary Business Professor name here Date here Amazon’s E-Business Model Amazon has broken ground on a new way of doing business. They have become the leader in their industry online and continue to lead the way in innovation and technology. To understand a bit more about the workings of this company and to discuss some key facts about why Amazon is where they are today, this paper will emphasize four key topics: Growth and Diversification; To Split or Not to Split; Can Barnes & Noble or Borders Keep Up; and Online Only. After review of the topics, one will be able to clearly see why Amazon is a company to model. Growth and Diversification (Discuss the pros and cons of Amazon’s growth and diversification of business and specialization, and make recommendations about what Amazon could have done differently.) When asked to discuss the pros and cons of Amazon’s growth and diversification of business and specialization, one finds it difficult to criticize Amazon for anything they have done so far. Amazon is leading the way in terms of growth and diversification. Amazon has a solid business plan and mission statement in place which they strive to adhere to at all times and at all costs. Jeffrey Bezos, founder and CEO of Amazon, is straight-forward in his approach to the shareholders as well as his customers, employees and business partners. Mr. Bezos initially began his company in......

Words: 2424 - Pages: 10

Free Essay

Unit 2 Assignment 2

...NT2580 Unit 2 Assignment 2 10/1/13 1. The five vulnerabilities that exist for this LAN based workgroup are 2755801, 2501696, 2588513 2639658, 2659883. 2. Yes, the vulnerability that involves privilege elevation is 2639658 (Vulnerability in TrueType Font Parsing), but it is not a high priority. 3. 2719662 Solution: Workarounds refer to a setting or configuration change that does not correct the underlying issue but would help block known attack vectors before a security update is available. Apply the Microsoft Fix it solution that blocks the attack vector for this vulnerability. Disable Sidebar in Group Policy. Disable the Sidebar in the system registry. 2737111 Solution: Workarounds refer to a setting or configuration change that does not correct the underlying issue but would help block known attack vectors before a security update is available. Disable WebReady document view for Exchange. 2755801 Solution: Workaround refers to a setting or configuration change that would help block known attack vectors before you apply the update. Prevent Adobe Flash Player from running. Prevent Adobe Flash Player from running on Internet Explorer 10 through Group Policy on Windows 8 and Windows Server 2012. Prevent Adobe Flash Player from running in Office 2010 on Windows 8 and Windows Server 2012. Prevent ActiveX controls from running in Office 2007 and Office 2010. Set Internet and Local intranet security zone settings to "High" to block ActiveX Controls and Active......

Words: 257 - Pages: 2

Free Essay

Unit 2 Assignment 2

...Unit 1 Research Paper 1 Injectable Tissue Engineering Brand Zae GS1140 Injectable Tissue Engineering Introduction Every year more than700,000 Americans undergo a form of joint replacement surgery. The procedure-in which a knee or a hip is replaced with an artificial implant-is highly invasive, and many patients delay said surgery for as long as they can. A doctor by the name of Jennifer Elisseeff , a biomedical engineer at Johns Hopkins University, hopes to change that with a simple and quick procedure that does away with surgery entirely. Dr. Elisseeff and her colleagues have developed a way to inject joints with specially designed mixtures of polymers, cells, and growth stimulators that solidify and form healthy tissue. This form of technology can eliminate the need for many expensive and dangerous surgeries. Surgeries involving muscle development, the cardio vascular system, and even limb repair after a traumatic incident. This form of technology can improve our health care system dramatically and open new windows of opportunity for new forms of medicine. Even the possibility for new cures for diseases that we currently fight every day such as cancer and possibly even HIV, eliminating the need for long and expensive treatments. As well as repairing worn or damaged tissue, this form of engineering can also be used in the future for growing new organs or limbs to replace old damaged or missing ones. If a patient is in need of a new......

Words: 427 - Pages: 2

Free Essay

Netw 206 Assign 2

...324 devices, we could see that we may be able to accommodate this many ports by using 7 – 48 port switches. Instead of doing this, I have opted to have 7 switches to handle this. The reason for this is that I would like to save cost by using 4 – 48 port switches just for the cameras themselves. What I’m hoping to do is purchase 4 Cisco Catalyst 3560-48PS for the Cisco 4300 Video Surveillance cameras. These switches handle PoE (Power over Ethernet) and will also allow us to fully use each switch with 35 devices, 2 ports for dual bandwidth aggregation links to one distribution layer switch and a single line to another distribution layer switch. The other four switches in our Access Layer will accommodate the existing devices, printer’s, and servers. These four switches will be Cisco Catalyst 3560-48TS switches. This switch is also a 48 port switch, but it does not have PoE. With this, we will have 36 ports devoted to our current and future devices, as well as 2 for aggregation (logical) and one for physical redundancy as a backup to another switch on our distribution layer. This does leave 9 ports on these four switches that are left un-used, this may come in handy for future use. Both these support 1000 Mbps Gigabit Ethernet speed, giving us the bandwidth that will help our performance and reduce bottlenecks when using the many devices and cameras in our network. Distribution Layer: For our distribution layer, we are looking to purchase five Catalyst 4500......

Words: 807 - Pages: 4

Free Essay

Unit 2 Asignment 2

...Unit 2 Assignment 1 Blank Answer Sheet Name: Date: Electronics ET2530 Chapter 2 (pp. 111-113) 2. A 1500 kHz carrier and a 2 kHz intelligence signal are combined in a non-linear device. List all the frequency components produced. - 1498, 1500, and 1520KHz 3.If a carrier is amplitude modulated what causes the sideband frequencies? - The non-linear mixing of the carrier and intelligence frequencies. 
 4.What determines the bandwidth of emission for an AM transmission? - It is twice the frequency of the highest audio frequency transmitted. The upper sideband is fc +FM where fc is the carrier frequency and FM is the modulation (audio) frequency .The lower sideband is fc – FM. The total bandwidth is 2*FM 5.Explain the difference between a sideband and a side frequency. - A sideband carries the modulation or "information". in old fashioned AM and FM transmission schemes, a carrier is broadcast in addition to the sideband(s). Only the sideband is needed to communicate. A spurious frequency that happens when a carrier is transmitted has no added "information" and just adds to the transmission bandwidth. Sometimes these occur by intermixing within the transmitter. a common example is CB splatter from overdrive of RF amps. 
 9.Draw a diagram (or indicate which text book Figure # shows this) of a carrier wave envelope when modulated by 50% by a sinusoidal wave. Indicate on the diagram the dimension from which the percentage of modulation is......

Words: 734 - Pages: 3

Premium Essay

Ecom 320 Assign 2

...Assignment 2 1. What are some of the reasons a company would separate its online operations into a new company? The reasons why a company would separate its online operations into a new company would be that the predictable e-business volume will be large, a new business model has to be developed if there are constraints from the current one, there is no reliance on the legacy system or current operations, and the online company is given freedom to attract new talent, set their own prices, raise funding and make new alliances. Separating the online operations would reduce internal conflicts; build a new and more efficient system and also have the ability to create new brands more proficiently. To avoid store cannibalism, to settle a new subsidiary and look for new branding opportunities: 4/5 2. Explain why supply chain management should be aligned with corporate strategy. Justify your answer with an example. Supply chain management should be aligned with corporate strategy because supply chain is a process that runs through almost every division and operation in an organization. When supply chain is aligned with corporate strategy it produces optimal operational performance. Organizations have to manage inventory, get supplies on time for products, and arrange to have that final product reach its final destination in a timely manner. Aligning this with corporate strategy is important, as companies need to keep inventory manageable so they can keep cost......

Words: 2939 - Pages: 12

Premium Essay

Unit 2

...Unit 2: Instructor Graded Assignment Equations In this and future Instructor Graded Assignments you will be asked to use the answers you found in the Unit 1 Assignment. Note: For these questions you need to cite a reliable source for information, which means you cannot use sites like Wikipedia, Ask.com®, and Yahoo® answers. If you do use those sites the instructor may award 0 points for your response. TheAssignment problems must have the work shown at all times. The steps for solving the problems must be explained. Failure to do so could result in your submission being given a 0. If you have any questions about how much work to show, please contact your instructor. Assignments must be submitted as a Microsoft Word® document and uploaded to the Dropbox for Unit 2. Type all answers directly in this Assignment below the question it applies to. All Assignments are due by Tuesday at 11:59 PM ET of the assigned Unit. Finding the National Average Price for Gas These first few questions will require you to use the internet to search for the national average price for gas. Remember to use a scholarly site for information. * List the website(s) you visited here: For this example project we will assume the national average for a gallon of gas in the US is $0.95. This figure is for example purposes only and is not the real value you are to use. 1. (2 points): What was the average price of a gallon of gas 1 year from when your business math class......

Words: 895 - Pages: 4

Free Essay

Lab 2 Unit 2

...Lab 2.1 1. What are the Regulatory requirements? 2. What are medical rules or laws of private information that we need to know to set up this Database with the customer information (Data privacy)? 3. Please give me any specific requirements that are necessary? Business rules 1. Appointments 2. Social security 3. Medical record 4. Driver license 1. Middle initial 2. Are you a Jr. or Sr. Patient Entity | Patient Visit entity | 1. Medical record number | 1. Group number, appointment | 2. Social security number, Driver license | 2. Allergies | 3. Taking any medications | 4. Taking any medications | Composite key | Composite keys are the most common. | Make sure patient fills out all the whole application. Lab 2.2 Data Requirements 1. Allow Software Management Team and IT Staff to view, add, edit, and delete the types of software to be tracked. This includes type of software, licensing dates, status, and location. 2. Allow Software Management Team to enter, edit, and delete New Software Requests. 3. Allow Software Management Team to view the different licensing agreements and types. This includes viewing the pricing per agreement. 4. Allow Software Management Team to sign out software to users with administrative privileges. 5. Allow Software Management Team and IT Staff to update the status of software licenses. 6. Allow users, assigned IT users, Staff, and Software......

Words: 342 - Pages: 2

Premium Essay

Unit 2

...School of Sport, Travel and Public Services Learner’s Name: Char Burke Group: 1A ! ! ! Unit Details: Qualification: BTEC Level 3 Extended Diploma in Uniformed Public Services QCF Number: 2 Title: Leadership and teamwork Tutor/Assessor: Internal Verifier: R Kinstead ! ! Submission Status: First Submission ☐ Resubmission* ☐ ! ! Pass Merit P5 ! ! P6 Distinction M4 D3 Plagiarism and Academic Integrity ! Plagiarism: This is when you submit an assignment as your own original work when the work has been copied, without appropriate acknowledgment of the author or source. Collusion: This is when your assignment is the result of unauthorised collaboration with another student or students. Collusion involves the cooperation of two or more students in plagiarism or other forms of academic misconduct. Plagiarism and collusion constitute cheating. Disciplinary action will be taken against students who engage in plagiarism or collusion as outlined in college policy. School of Sport, Travel and Public Services Learner’s Declaration ! I declare that all material in this assignment is my own work except where there is clear acknowledgement or reference to the work of others. I have complied with and agreed to the college statement on Plagiarism and Academic Integrity. ! For the purposes of assessment, I give the assessor of this assignment the permission to: ✓ Reproduce this assignment and......

Words: 1840 - Pages: 8

Free Essay

Unit 2 Assignment 2

...Asimo Unit 2 assignment 2 | AbstractASIMO is a humanoid Robot that was built to genuinely help people. Linda Vaughn | Asimo Unit 2 assignment 2 | AbstractASIMO is a humanoid Robot that was built to genuinely help people. Linda Vaughn | Linda Vaughn GS1145T 10/3/2015 Why Create ASIMO? ASIMO is humanoid robot created to duplicate human motion and genuinely help people. ASIMO took more than two decades of persistent study, research, trial and error before achieving a humanoid robot. ASIMO's design, development and operation rely on many different disciplines including Mathematics, Physics, Anatomy, Engineering and Computer Science. In 1986 Honda engineer’s set out to create a walking humanoid robot early models (E1, E2, and E3) focused on developing legs that could simulate the walk of a human. Models (E4, E5, and E6) focused on developing walk stabilization and climbing stairs. Then the head, arms and body were added to improve balance. Hondas first robot P1 was rather rugged standing at 6’2 and weighing at 386lbs. P2 had a more friendly design. P3 model was more compact standing at 5’2 and weighing 287lbs. ASIMO can run, walk on uneven slopes and surfaces turn smoothly and reach and grab for objects. ASIMO can also comprehend and respond to simple voice commands. It can also recognize the face of a selective group of individuals using camera eyes. It can also map environment and register stationary objects and can avoid moving objects as it moves......

Words: 598 - Pages: 3

Premium Essay

Unit 2

...is Quality? ● Quality Management System ● Quality Tools ● TQM and QMS ● The Focus of Quality Management-Customers ● The Role of Employees in Quality Improvement ● Quality in Services ● Six Sigma ● The Cost of Quality ● The Effect of Quality Management on Productivity ● Quality Awards ● ISO 9000 2 Problems • Internet Exercises • Online Practice Quizzes • Lecture Slides in PowerPoint • Virtual Tours • Company and Resource Weblinks www.wiley.com/college/russell Quality Management at GREEN MOUNTAIN COFFEE ike wine, coffee quality is judged on attributes like fragrance, aroma, acidity, body, flavor, balance, and finish. Coffee professionals use words like “lush,” “complex,” and “fruity” to describe their evaluations, which are based on precise sensory criteria. Coffee Review, one of the most respected and widely read coffee publications in the world, rates coffees based on a 100-point scale, similar to the one used in the wine industry. Coffee connoisseurs seek out coffees awarded a rating of 80 or above. Each year GREEN MOUNTAIN submits coffee to Coffee Review for independent reviews. On average, Green Mountain L Copyright © 2007 John Wiley & Sons Chapter 2 • Quality Management 53 coffees scored 88.8 points—significantly higher than their better-known west coast and European competitors—and many of their coffees score above 90! Great reviews only reinforce Green Mountain’s commitment to quality and doing things the right way. They buy some of......

Words: 31668 - Pages: 127

Premium Essay

Unit 2 Assignment 2

...Unit 2 assignment 2 Legislation- Human rights act- an act of parliament of the UK- the royal assent for this act was received the 9th of November 1998 with a commencement in 2000. It is an act to give further effect to rights and freedoms guaranteed under the European convention on human rights. Rights: -Right to life -Freedom from torture and inhuman or degrading treatment -Right to liberty and security -Freedom from slavery and forced labour -Right to a fair trial -No punishment without law -Respect for your private and family life, home and correspondence -Freedom of thought, belief and religion -Freedom of expression -Freedom of assembly and association -Right to marry and start a family -Protection from discrimination in respect of these rights and freedoms -Right to peaceful enjoyment of your property -Right to education -Right to participate in free elections This act promotes anti discriminatory practice in a way that it gives everyone the rights they deserve which can’t be taken away from anyone, therefore everyone is equal in what they can do. Data protection act- The data protection act defines UK laws on processing data on identifiable living people. It covers any data which can identify a person such as address, name, Humber, email, information is to be used fairly and lawfully. It is only used for limited specific purposes and in a way that is relevant, adequate and excessive. This promotes anti discriminatory practice as it helps protect......

Words: 4206 - Pages: 17

Premium Essay

Unit 2

...Assignment: Learner information OCR Level 3 Health and Social Care Unit 2: Equality, Diversity and Rights in Health and Social Care Assessor: Important Dates | |Assessment Criteria |Issue Date |Formative Assessment |Summative Assessment | |Task 1 |P1, M1 and D1 | | | | |Task 2 |P2 and P3 | | | | |Task 3 |P4, M2, D2 | | | | |Task 4 |P5 and M3 | | | | CANDIDATE NAME: General Information for Learners Q Do I have to pass this assignment? A Yes. You must pass this assignment to achieve the full qualification. Q What help will I get? A Your tutor will help you when completing the OCR assignment and will make sure that you know what resources/facilities you need and are allowed to use. Q What if I don’t understand something? A It is your responsibility to read the assignment carefully and make sure you understand what......

Words: 1664 - Pages: 7

Premium Essay

Level 2 Unit 2

...on hourly. For example, if you work at Barnard castle school as a Finance Officer. You will be paid monthly for the work you have done within last month. TENURE: - Is guaranteed job contract. It says how long you will be held to the position you are applying for. It could be permanent, full-time, part-time and temporary. For example, if you’re working at Barnard castle school as a finance Officer you will be work for permanent full-time permanent. It means that you are requiring to work all day –everyday. After this point, they cannot be fired without just cause. * Part-time:- It’s means for only part of the usual working day or week. For example, if you are applying for part-time position then you will be work for certain day like 2 or three days or few hours in a week. * Temporary: - This means lasting for only a limited period of time; not permanent. For example if you are applying for temporary position then its means you are only working for limited period of time. DUTIES AND RESPOSIBILITIES: - A duty is something you must do by virtue of your position and is a legal or moral responsibility. For example, as Finance Officer you have to be responsible for the daily oversight of the finance system including checking, reconciliation and banking of monies received in Barnard castle school. Your duty will be to assist with monthly cash flow monitoring. OVERALL JOB OBJECTIVES: - This means what is the job role all about. For example, as a Finance......

Words: 1595 - Pages: 7