Review Report of Linux Server (OLD) and answer the following questions in your response:
- For this Linux system, what do you recommend fixing right away? Are there dangers if the vulnerabilities and associated threats are not fixed?
- How do you fix the problem(s) identified? Can you defer mitigation for another time? How can the problem(s) be fixed if the system cannot be taken offline?
Judy is considering asking the pen tester to rescan the company systems using the commercial tool, Nessus. The organization has an evaluation version that can be used for 30 days. After that, the company will need to purchase the tool. The cost is significant.
- Since some machines were already scanned with OpenVAS, should you also consider scanning the same systems with Nessus? Why or why not?
- Conduct open-source research using the internet. Roughly, what is the cost to license Nessus for one year?
Sample Solution
