Al ASAAS’s chief technology officer (CTO) established a plan to mitigate risks,

Question

Al ASAAS’s chief technology officer (CTO) established a plan to mitigate risks, threats, and vulnerabilities. As part of the mitigation plan, you and your team members will configure baseline security controls on all workstations (harden the systems), which run either Windows 7 or Windows 10. For this effort, you will ensure that the antivirus software is running properly and implement a control related to password-hacking attempts.

In addition, Al ASAAS’s CTO has asked your team to pay special consideration to continuously monitoring, testing, and improving countermeasures. The CTO points out that within the first 24 hours of configuring baseline security, you may sometimes receive alerts that malware has been quarantined within an antivirus program or notice a failed logon attempt captured by the Windows audit log. In response, you make a note to check the security of the workstation for which you will configure baseline security.

The CTO also requests a report on the work you performed, part of which will be incorporated into the company's IT security policy procedures. The report should also include the purposes of system hardening and auditing, and an additional area of concern or emerging trend related to information systems security that's relevant to Al ASAAS.

1-Describe all the potentially problematic security events that occurred in the 24-hour period after checking the antivirus software and configuring audit logging.

Explanation / Answer

solution :-

Windows security - Windows is a widely used operating systems worldwide so that there are more vulnerabilities while using it. To handle the vulnerabilities and related attacks the baseline security configuration can be performed on the windows systems. Baseline security configuration is a security mechanism provided by the Microsoft to make the windows more secure and prevent the security attacks.

Baseline security configuration - The baseline security configuration can be performed on the windows systems to remove the vulnerabilities from the system. It includes antivirus configuration, password protection, group policies and network security configurations. These configurations are performed on the windows system to make it secure.

Security events after baseline security configuration -

When the baseline security configuration is performed on the windows system successfully, the windows is able to identify the threats and prevent the attacks and malicious activities. The possible security events just after the baseline security configuration are as follows -

1. The antivirus system scans the windows to identify the inflected files and take the appropriate actions.

2. Windows records a log about an unauthorized access to system.

3. Windows records a log of unsuccessful attempt of log in.

4. Windows rejects the log in request of a user who is not authorized in group policy.

5. All windows systems can connect to each other under defined group policy and not communicate outside the group.

6. Windows firewall rejects the malicious packets incoming to the system and report it.

7. Antivirus identify the malicious files and asks for the appropriate actions to the authorized user.

So these are some possible security events that can be occured after the baseline security configuration in Windows system.

Related Questions

Navigate

• Browse (All)
• Browse A
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.