Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

Task 1 Vulnerability RepositoriesIn this preliminary task, you get familiar with vulnerability repositories: CVE 1 ( referring to Common Vulnerabilities and Exposures ) and the

Task 1 Vulnerability RepositoriesIn this preliminary task, you get familiar with vulnerability repositories: CVE1(referring to Common Vulnerabilities and Exposures) and the supporting CVE-Search2 browsing utility. CVE industry standard is published by MITRE Cor-poration to assign an identifier to each discovered vulnerability and maintain apublicly accessible database of all identifiers. CVE Details3 website then cate-gorizes the discovered vulnerabilities into a Web interface to CVE vulnerabilitydata ranked by their published time. MITRE Corporation also publishes CWEstandard (Common Weakness Enumeration)4, which lists software and hardwareweaknesses related to the discovered vulnerabilities.Task 1.1 Explore each of the databases above to become familiar with theirgoals, structures, and with the information they provide. Then report the 20most recently reported security issues in CVE with a brief description of eachreported issue. Finally, write a one-page report discussing the various reposito-ries, the kind of information they provide.Task 1.2 Pick a random month from last year (e.g. your birthday month)and see how many vulnerabilities were reported that month. Report how manythere were for the month, and calculate the average number of vulnerabilitiesreported per day. If you were a security professional, and spent on average 5minutes looking at each CVE entry to see if it applied to systems you manage,how much time per week would you spend reviewing CVEs?Task 1.3 Look into some of these vulnerabilities (you can just click randomlyon the CVEs in your chosen month) to see how they are reported. Find a vul-nerability that is associated with software or systems you may use and report onyour findings, then describe how the security goals Confidentiality, Availabilityand Integrity could be threatened based on the information reported in CVE en-try and related CWE categories. Looking further into the information reported

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image

Step: 3

blur-text-image

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

Database And Expert Systems Applications Dexa 2023 Workshops 34th International Conference Dexa 2023 Penang Malaysia August 28 30 2023 Proceedings

Authors: Gabriele Kotsis ,A Min Tjoa ,Ismail Khalil ,Bernhard Moser ,Atif Mashkoor ,Johannes Sametinger ,Maqbool Khan

1st Edition

303139688X, 978-3031396885

More Books

Students also viewed these Databases questions

Question

Conduct an effective performance feedback session. page 360

Answered: 1 week ago