JTCyberTech / Cybersecurity-Home-Labs

5 stars 1 forks source link

Part 11: Remediation of Vulnerabilities #19

Open JTCyberTech opened 1 year ago

JTCyberTech commented 1 year ago

Performing Remediation of Vulnerabilities

Having identified the vulnerabilities, our next step is remediation. This involves system updates and the activation of automatic application updates. Additionally, we will conduct a comprehensive removal of any potentially harmful files to preempt future issues.

  1. Our initial step entails verifying that our system is consistently receiving the most up-to-date security patches.

    • To achieve this, we have to go to our VM and go to the Windows Start Menu and search for "Windows Update Settings".



- Click on "Resume Updates".



- This will install all the missing updates.



2. Next we will need to turn on the updates for Google Chrome. - To achieve this, we go to the Windows Start Menu and search for "System Configuration"



- Click on Services and locate the two Google Update Services and check the box > Apply and OK.



- For now we will click on "Exit without restart" to remediate other vulnerabilities first.



3. We will need to remove any potential threats from our system. - We need to delete the Minecraft server, google chrome, and 7-zip files from the Download folder. - Click on the folder icon on the bottom of the VM > click on Downloads > Delete all files in the folder.



- Right click on the Recycle Bin on the top left corner of the VM > Empty Recycle Bin.



4. We will need to turn back on our Windows Defender Firewall. - To achieve this, we go to the Windows Start Menu and search for "Windows Defender Firewall".



- Click on "Use recommended settings"



5. Restart the system. This will patch the vulnerabilities.



It is imperative to maintain system security through regular vulnerability assessments and the prompt application of essential updates and patches.

Final Scan To Check For Vulnerability on Nessus

- Back to Nessus, we will scan the Windows VM one last time and wait for the result.



- After Nessus completed it's scanning. We can see that it detected no vulnerability.



This signifies that our system has been secured, enhancing its resilience against potential cyber threats. Over this project we have acquired proficiency in leveraging Nessus for system scans, adeptly recognizing vulnerabilities, and implementing remedial measures. This skillset is invaluable and will serve you effectively in your forthcoming pursuits within the realm of cybersecurity Nonetheless, it's essential to bear in mind that the field of cybersecurity is in a constant state of evolution, continually unveiling novel attack vectors and vulnerabilities on a daily basis.