Vishwa 3

This report evaluates the security of Vestige, an online software company, focusing on vulnerability management, network security, and web application security. It details the assessment process, including system architecture analysis, vulnerability scanning, and penetration testing, leading to a risk assessment and remediation plan. The findings indicated critical vulnerabilities requiring immediate attention to enhance security and protect client information.


Week 8: Mid Term

Brook S. E. Schoenfield

Department of Information Systems Security

ISOL 536: Security Architecture and Design

March 2, 2025

Introduction: This report discusses the security evaluation of Vestige, an online software company that sells advertisements for its parent company's magazine. Because Vestige's system had to connect to the parent company's database to handle customer advertisements and payment transactions, the main goal of the evaluation was to make sure that connection, and the systems around it, were secure.

The assessment draws on chapters 1 through 7 of Brook S. E. Schoenfield's book Securing Systems (Schoenfield, 2015), which cover subjects such as vulnerability management, network security, and web application security. In this report I break down each stage of the assessment and relate it to real-world incidents.

System Architecture and Initial Assessment: The first step in the assessment was gathering information about Vestige's system architecture. Effective vulnerability management begins with thorough reconnaissance and risk assessment to identify potential attack vectors before they are exploited (Schoenfield, 2015, Chapter 3). Real-world attackers start the same way: with reconnaissance to find exposed services and vulnerabilities. In the 2017 Equifax breach, the attackers found and exploited an unpatched Apache Struts vulnerability in an Internet-facing web application (Fruhlinger, 2020).

For Vestige, I used network scanning tools such as Nmap to map open ports and the services listening on them. This gave me a picture of the system's external exposure and its likely threat vectors, and let me identify the attack surface early so that preventive measures could be taken before anyone exploited it.

Vulnerability Scanning and Analysis: Once I understood the system's architecture, I looked for security weaknesses with vulnerability scanners such as Nessus or OpenVAS, which check for known vulnerabilities, outdated software, and configuration errors.

The 2014 Heartbleed bug is a prime example of why vulnerability scanning matters. This OpenSSL library bug let attackers read private data out of server memory, including encryption keys and passwords (Fruhlinger, 2022). I scanned Vestige's systems for vulnerabilities of this kind and checked that security updates and software patches were being applied regularly.
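How a scanner turns a service banner into a Heartbleed finding, as an added example that is not from the original report: parse the advertised OpenSSL version and test it against the affected range, OpenSSL 1.0.1 through 1.0.1f (CVE-2014-0160). The banners are constructed; the regex assumes the `OpenSSL/x.y.z[letter]` form that Apache's Server header uses.

```python
"""
Match a service banner's OpenSSL version against the Heartbleed-affected
range (CVE-2014-0160: OpenSSL 1.0.1 through 1.0.1f). Added example, not
from the original report; the banners below are constructed.
"""
import re

# OpenSSL 1.0.x used a trailing letter as the patch level, so the order is
# 1.0.1 < 1.0.1a < ... < 1.0.1f < 1.0.1g. The version is parsed into a
# tuple so comparisons are numeric and the bare release sorts first.
VERSION_RE = re.compile(r"OpenSSL/(\d+)\.(\d+)\.(\d+)([a-z]?)")

def parse_openssl_version(banner):
    """Return (major, minor, fix, patch_letter_index) from a banner,
    or None when no OpenSSL version is advertised."""
    m = VERSION_RE.search(banner)
    if not m:
        return None
    major, minor, fix, letter = m.groups()
    patch = ord(letter) - ord("a") + 1 if letter else 0  # '' -> 0, 'a' -> 1
    return (int(major), int(minor), int(fix), patch)

HEARTBLEED_FIRST = (1, 0, 1, 0)   # 1.0.1
HEARTBLEED_LAST = (1, 0, 1, 6)    # 1.0.1f (a=1 ... f=6)

def heartbleed_by_banner(banner):
    """True if the banner advertises an OpenSSL version in the affected
    range. Banner-only evidence: see the note on backported fixes."""
    v = parse_openssl_version(banner)
    if v is None:
        return False
    return HEARTBLEED_FIRST <= v <= HEARTBLEED_LAST

# Constructed sample banners, as an HTTP Server header would show them.
SAMPLE_BANNERS = [
    "Apache/2.2.22 (Ubuntu) OpenSSL/1.0.1e",   # affected
    "Apache/2.4.7 (Ubuntu) OpenSSL/1.0.1f",    # affected (last vulnerable release)
    "Apache/2.4.7 (Ubuntu) OpenSSL/1.0.1g",    # fixed
    "Apache/2.2.15 (CentOS) OpenSSL/1.0.0k",   # never affected (1.0.0 branch)
    "nginx/1.14.0",                            # no OpenSSL version advertised
]

def triage(banners):
    """Map each banner to whether it is a Heartbleed candidate."""
    return {b: heartbleed_by_banner(b) for b in banners}

if __name__ == "__main__":
    for banner, hit in triage(SAMPLE_BANNERS).items():
        print(("CANDIDATE  " if hit else "ok         ") + banner)
```

A banner hit is only a candidate. Linux distributions backport fixes without changing the advertised version (Ubuntu's 1.0.1f packages were patched in place, for example), so Nessus and OpenVAS confirm Heartbleed with an active check that sends a malformed heartbeat request. A version match on its own should be reported as "verify", not as a confirmed vulnerability.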

Web Application Security Assessment: Since Vestige operated an online application for submitting ads and collecting payments, I paid close attention to web application security. Attackers frequently target web applications; in the Yahoo data breach, millions of accounts were compromised due to inadequate authentication procedures.

I tested Vestige's web application for common vulnerabilities such as cross-site scripting (XSS), SQL injection, and broken authentication, using tools like OWASP ZAP and Burp Suite. SQL injection is especially dangerous because it lets an attacker manipulate the database directly and read or alter its data. Measuring Vestige's authentication, session management, and data handling against the OWASP Top 10 gave a structured way to evaluate and improve them.

Penetration Testing: During vulnerability analysis I also carried out controlled penetration testing. This phase was critical in determining whether the vulnerabilities found could actually be exploited.

The 2017 WannaCry ransomware spread by exploiting an unpatched Windows SMB vulnerability and then encrypted whole systems (Alexander, 2024). With that example in mind, I made authorized ethical hacking attempts against Vestige using Metasploit to see whether the identified weaknesses could be used to gain unauthorized access. A successful exploit provided concrete evidence that the flaw needed immediate attention.



Risk Assessment and Remediation Plan: After detecting the vulnerabilities, I performed a risk assessment to prioritize remediation. I classified each vulnerability by its impact on the system and its severity (high, medium, or low). One important lesson from the Equifax breach is that serious data exposure resulted from a failure to patch a known, critical vulnerability in time. To prevent similar incidents, I recommended applying security patches promptly, improving input validation (and using parameterized queries) to stop SQL injection, and encrypting sensitive data.
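The SQL injection tested for in the web application assessment above, and the input-handling fix recommended here, as an added example that is not code from the original report or from Vestige: a login query built by string concatenation, the payload that bypasses it, and the parameterized version that closes the hole. The advertisers table and its single row are constructed and live in an in-memory SQLite database.

```python
"""
A login query built by string concatenation, the injection that bypasses
it, and the parameterized form that closes the hole. Added example, not
from the original report or Vestige's code; the schema and row are
constructed and live in an in-memory SQLite database.
"""
import hashlib
import sqlite3

def make_db():
    """Constructed advertiser table: one account, password stored hashed."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE advertisers (username TEXT, pw_hash TEXT)")
    conn.execute("INSERT INTO advertisers VALUES (?, ?)",
                 ("acme_ads", hashlib.sha256(b"correct horse").hexdigest()))
    return conn

def login_vulnerable(conn, username, password):
    """Deliberately vulnerable: user input is spliced into the SQL text, so
    quote characters in the input become part of the statement."""
    pw_hash = hashlib.sha256(password.encode()).hexdigest()
    sql = ("SELECT username FROM advertisers WHERE username = '" + username +
           "' AND pw_hash = '" + pw_hash + "'")
    row = conn.execute(sql).fetchone()
    return row[0] if row else None

def login_parameterized(conn, username, password):
    """Hardened: the SQL text and the values travel separately, so the
    input is only ever compared as data and never parsed as SQL."""
    pw_hash = hashlib.sha256(password.encode()).hexdigest()
    row = conn.execute(
        "SELECT username FROM advertisers WHERE username = ? AND pw_hash = ?",
        (username, pw_hash),
    ).fetchone()
    return row[0] if row else None

# Classic authentication-bypass payload: closes the username string, adds a
# clause that is always true, and comments out the password check with --.
BYPASS = "acme_ads' OR '1'='1' -- "

def demo():
    """Run both login functions with real credentials and with the payload."""
    conn = make_db()
    return {
        "vuln_good_creds": login_vulnerable(conn, "acme_ads", "correct horse"),
        "vuln_bypass": login_vulnerable(conn, BYPASS, "anything"),
        "param_good_creds": login_parameterized(conn, "acme_ads", "correct horse"),
        "param_bypass": login_parameterized(conn, BYPASS, "anything"),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:18s} -> {result!r}")
```

The vulnerable function logs the attacker in as acme_ads without the password; the parameterized one returns None for the same payload. Parameterized queries are the primary control. Input validation (length, character set, format) is defense in depth and is not sufficient on its own, since legitimate input such as O'Brien contains the quote character. The unsalted SHA-256 here is incidental to the injection point; production password storage should use a slow, salted hash such as bcrypt or Argon2.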

To reduce unauthorized access and improve Vestige's overall security posture, I also recommended tightening access controls and adding multi-factor authentication.

Conclusion: The security assessment showed that Vestige had critical vulnerabilities needing immediate remediation. By applying best practices in penetration testing, network security, and web application security, I was able to pinpoint the vulnerabilities and propose actionable fixes.

This exercise was a valuable learning experience that let me apply cybersecurity concepts in a practical setting. Using the concepts from Schoenfield's Securing Systems, I evaluated and improved the security of Vestige's online system. The suggested changes reduce risk, safeguard client information, and bring the system in line with security best practices.



References

Alexander, D. (2024, September 18). Advanced digital forensics investigation of the WannaCry ransomware attack (DFIR). Medium. https://medium.com/@InfoSecDion/digital-forensics-project-on-wannacry-ransomware-dfir-eb54ee48fda2

Fruhlinger, J. (2020, February 12). Equifax data breach FAQ: What happened, who was affected, what was the impact? CSO Online. https://www.csoonline.com/article/567833/equifax-data-breach-faq-what-happened-who-was-affected-what-was-the-impact.html

Fruhlinger, J. (2022, September 12). The Heartbleed bug: How a flaw in OpenSSL caused a security crisis. CSO Online. https://www.csoonline.com/article/562859/the-heartbleed-bug-how-a-flaw-in-openssl-caused-a-security-crisis.html

Schoenfield, B. S. E. (2015). Securing Systems. Taylor & Francis. https://reader2.yuzu.com/books/9781040054826
