Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

Hi Please can anyone help me in solving these questions ASAP? 1)What is the corr

ID: 3864234 • Letter: H

Question

Hi

Please can anyone help me in solving these questions ASAP?

1)What is the corresponding sub-control chapter (Family+Number) in the NIST SP800-53 Rev4 (available over Internet)?What is the corresponding sub-control chapter (Family+Number) in the NIST SP800-53 Rev4 (available over Internet)?  

2)

Assuming my business processes needs the following supporting software/hardware assets:

- Web server(s): Apache http server version 3.1

- Application server(s): Apache Tomcat version 8.5.6, Apache OpenOffice.org 3.2.1, Oracle Application server 10g version 10.1.2.3

- Database(s): Oracle database version 12.1.0.2 (not database server)

- Operating System(s): Windriver Vxworks version 6.4

- Network Equipment(s): Cisco Catalyst 2926 (please use only NVD engine search)

- Firmware associated with hardware: Intel 7500 Chipset,

- Hardware: Intel d845hv motherboard version p08-0031

Using: http://www.securityfocus.com/vulnerabilities (use only once for tomcat) or https://web.nvd.nist.gov/view/vuln/search-advanced

What is the number (less than 50) and at least one (CVE) of potential technical vulnerabilities for each of my assets? 0,5 points (number) and 0,5 points (list)

3)What are the vulnerabilities the most critical according to the CVSS scoring (v3) among all the vulnerabilities?

4)What is CVSS?

5)My infrastructure is using 10 servers on which Redhat Enterprise Linux server version 6 is running.

How many CVSS (v3) critical vulnerabilities are present?

6)After performing a vulnerability Scan, the CVE-2014-9761 affecting my software has been identified.

Is this CVE -2014-9761critical potentially according to the CVSS scoring?

Explanation / Answer

ANS 1 :

Family - Security Assessment and Authorization CA- 3

Priority - Implement Security Contents

Description: It approves associations through the employments of interconnection security assertions from one data framework to other data framework.

The security and protection controls in Special Publication 800-53, have been intended to be to a great extent arrangement/innovation nonpartisan to encourage adaptability in usage. The controls are all around situated to help the combination of data security and protection into authoritative procedures including endeavor design, frameworks building, framework improvement life cycle, and obtaining/acquirement. Effective reconciliation of security and protection controls into continuous authoritative procedures will exhibit a more noteworthy development of security and security programs and give a more tightly coupling of security and protection speculations to center hierarchical missions and business capacities.

Related Questions

Hi I\'m behind in a major way with SQL, I\'ve been having problems, so I need ma
Question #3622047
Hi I\'m doing a C programming assignment on Ubuntu server. The goal is to write
Question #3704166
Hi I\'m doing a c++ final project that is due on wed, the project involves makei
Question #3845551
Hi I\'m doing my biology homework. can you help me fill in it? Also, I have one
Question #202267
Hi I\'m having a little trouble trying to start this function thatwill read in c
Question #3609915
Hi I\'m having toruble with a C# visual studio task I have. The details are belo
Question #3715086
Hi I\'m having trouble solving this problem: Consider the dissolving of ammonium
Question #687069
Hi I\'m having trouble understanding something... So I was working on a program
Question #3907317
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
Hi Please answer both questions or dont bother answering at all. if your answer
Next
Hi Please help me with this problem! My final is tomorrow and I\'m so screwed. E

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.