Resume

Active Directory Security

Location:
Baltimore, MD
Posted:
June 29, 2022

Resume:

Marco

UnifyIT

Assessment Findings Review

marconet.com

Overview

Network Overview

Vulnerability Slide

Security

RISK & COMPLIANCE SCORES

Security

• Review users not logged in for 30 days

• Remove unneeded disabled users

• Review computers not logged in for 30 days

• Review and address vulnerabilities

• Install the Windows 10 security updates

• this may require a manual process

• Install third party patches

• Review ‘High’ scan alerts

• Continue monitoring external scan results monthly or quarterly

Antivirus

• Install antivirus on all PCs and servers

• Enable firewall protections on all PCs and servers

Network

NETWORK INFRASTRUCTURE

Concern: Devices on old or unstable code versions
Impact: Increased vulnerability to bugs and security vulnerabilities
Recommendation: Upgrade code versions to most recent stable versions

Concern: Current network equipment is End of Life or End of Support
Impact: No future enhancements to network functionality, loss of productivity and security
Recommendation: Replace or budget for replacement

Network Switches

Quantity | Model # | Serial Number | End of Sale (Model) | End of Vulnerability Support (Model) | End of Hardware Support (Model) | Support Contract Status? (Device) | Software Version | Software Version Date | Upgrade To (current software version) | Current Software Date

1 Cisco 2960X-24PS-L FJC2226W0EW TBA 2025+ 2025+ Covered 15.2(2)E7 7/14/2017 15.2.7E1(MD) 4/14/2019
1 Cisco 2960X-48LPS-L FJC2224W00L TBA 2025+ 2025+ Covered 15.2(2)E7 7/14/2017 15.2.7E1(MD) 4/14/2019
1 Cisco 2960S-48TS-L FOC1708X1XS 11/6/2015 11/5/2018 11/30/2020 Not Covered 15.0(2)SE4 7/1/2013 15.2.2E9 (MD) 9/11/2018
2 Cisco 2960S Switch 11/6/2015 11/5/2018 11/30/2020 15.2.2E9 (MD) 9/11/2018
1 Cisco ME 3400E 10/3/2018 10/2/2021 10/31/2023 12.2.60-EZ15 (ED) 5/24/2019

Asset Management Slide

NETWORK INFRASTRUCTURE

Insecure listening ports (10 pts each)

Current Score: 10 pts x 32 = 320: 5.16%

Issue: Computers are using potentially insecure protocols.

Recommendation: There may be a legitimate business need, but these risks should be assessed individually. Certain protocols are inherently insecure since they often lack encryption. Inside the network, their use should be minimized as much as possible to prevent the spread of malicious software. Of course, there can be reasons these services are needed and other means to protect systems which listen on those ports. We recommend reviewing the programs listening on the network to ensure their necessity and security.

Network

• Disable insecure listening ports

Firewall

FIREWALL

Concern: Devices on old or unstable code versions
Impact: Increased vulnerability to bugs and security vulnerabilities
Recommendation: Upgrade code versions to most recent stable versions

Concern: Current firewall equipment is End of Life or End of Support
Impact: No future enhancements to network functionality, loss of productivity and security
Recommendation: Replace or budget for replacement

Firewalls

Quantity | Location | Model # | End of Sale (Model) | End of Vulnerability Support (Model) | Software Version | Software Version Release Date | Latest Version Available | Release Date of Latest Version

1 Server Room Sonicwall NSA 3600 TBA 2025+ 6.2.6.1-25n 11/2/2016 6.5.4.3 5/7/2019
1 Server Room Sonicwall NSA 3600 TBA 2025+ 6.2.6.1-25n 11/2/2016 6.5.4.3 5/7/2019
1 Server Room Sonicwall NSA 220 8/15/2015 8/16/2020 5.9.1.10 10/25/2017
1 Copenhagen Office Sonicwall TZ400 TBA 2025+ 6.5.4.3 5/7/2019
1 London Office Sonicwall TZ400 TBA 2025+ 6.5.4.3 5/7/2019

Server

SERVERS

Operating system in Extended Support (20 pts each)

Current Score: 20 pts x 7 = 140: 3.52%

Issue: Computers are using an operating system that is in Extended Support. Extended Support is a warning period before an operating system is no longer supported by the manufacturer and will no longer receive support or patches.

Recommendation: Upgrade computers that have operating systems in Extended Support before end of life.

SERVER INFRASTRUCTURE

Servers & Storage

Quantity | Model # | Servers | Serial Number | End of Sale (Model) | End of Hardware Support (Model) | Support Contract Status? (Device) | Software V

1 C8S53A HPE MSA 2040 3/5/2018 3/5/2022 Expired 10-23-2018
1 DL360 Gen9 HPE ProLiant DL360 Gen9 MXQ542072Z 4/2/2019 4/2/2024 Expired 10-23-2018
1 DL360 Gen9 HPE ProLiant DL360 Gen9 MXQ542072Y 4/2/2019 4/2/2024 Expired 10-23-2018
1 ML350p Gen8 HPE ProLiant ML350p Gen8 2M243202C2 8/17/2015 8/17/2020 Expired 11-9-2017
1 T320 Dell PowerEdge T320 C40S942 Expired on 2-24-2018

XXXXXXX-XXX

XXXXXXX-XXX

XXXXXXX-XXX

XXXXXXX-XXX

XXXXXXX-XXX

Workstations

• All PCs are running Windows 10

• Install security updates and third party updates on all PCs

• 109 drives are encrypted

Technology Roadmap

Timeline axis: Today, 2025, 2026

Jan 27 Password Policy Review & Update

Jan 28 Active Directory Review and Cleanup

Jan 29 Password Reset

Jan 30 Install Windows Security Updates

Feb 1 Install Software Patches and Security Updates

Feb 3 Review and Address Internal Vulnerabilities

Feb 4 Multifactor Authentication

Feb 4 Review Antivirus and Windows Firewall Status (update as needed)

Feb 5 Security Policy Review - Password Manager

Feb 6 Install Third Party Updates

Apr 1 Disable Insecure Network Listening Ports

Aug 1 Windows Server 2012 R2 Upgrade

Sep 1 VMware ESXi & vCenter Upgrade

Sep 1 Upgrade or Replace Windows 10 PCs

Nov 1 Windows Server 2016 upgrade
