What is the value of the Common Vulnerabilities and Exposure (CVE) standard?

Before CVE, different Cybersecurity tools had their own databases of information. Sometimes they would refer to the same problem by different ID and therefor hard to compare databases. There were also not standards for identifying threats so different tools were providing different reports on the same problems. Due to these problems, CVE compatible tools allow for better security.

https://cve.mitre.org/about/index.html

How can the CVE be used to improve an organization’s network security?

Part One:

Research the following bulleted items below, using the relevant reading resources for this week and supplementary ones you may come up with:

• What should a Firewall protect against?
  • Most threats that can travel over the network. For example, denial of service attacks, access from unauthorized locations (outside of the network and inside), vulnerable type of traffic like ptp sharing.
  What can’t a Firewall protect against?
  • Non-network related security problems. They also aren’t 100% effective. So that’s why a layered security approach is necessary.
  Why would you want firewalls at various locations of your network?
  • I would want them in places where I need to manage things separately (because there are typically routing capabilities combined with firewalls), to isolate part of a network, or even to connect different locations over vpn.
  Where would you locate them?
  • One would be where the internet connection terminates. For example, Comcast has their modem, then the firewall goes after that. Others could be connected to switches throughout the building where appropriate.
  What information did you gain learn from using Nmap about the effectiveness of the Windows Firewall?
  • You can see what ports are open by default
  Could the Windows Firewall be made as secure as the ZoneAlarm Firewall? What would you need to do to accomplish that?
  • • Windows firewall can open ports, identify strange traffic. Windows defender works in conjunction with it to disable malicious programs as well. Zonealarm also has a comparison page. https://www.zonealarm.com/software It looks like they package their firewall with antivirus as well. I imagine their antivirus must be better than what comes with windows. I don’t think windows can be configured to protect your operating system during the start-up process like zonealarm’s can though. https://www.zonealarm.com/software/antivirus-firewall You can also set inbound and outbound rules in the settings for windows 10 firewalls. https://www.techrepublic.com/article/how-to-turn-on-the-microsoft-windows-10-firewall-and-modify-its-configuration-settings/

    Part Two: Wireshark Lab Report

    https://www.youtube.com/watch?v=jvuiI1Leg6w

    Watch the video and write a 1-2 paragraph summary of what you learned.

    Wireshark is a debugging tool to identify what the network is doing. It can capture traffic (in the form of packets) from a network. You can narrow down the types of packets  you want to capture rather than capturing everything. For example, if you just want to look for pings you can specify ‘icmp.’

     View Full Post