OpenVAS has to be employed in undertaking the vulnerability and security scans upon the installation of the Microsoft Security Compliance Toolkit. The target machine upon this installation includes the group of computers whose component IP addresses are known and work within the known Windows (Arambatzis, Lazaridis, & Pouros, 2015). Other components to identify include the SSP-enabled hosts as well as the associated devices operating on SSH credentials. Later, the OpenVAS will identify the SSH dropdowns before allowing the subsequent scan procedures.
Scan computers
Scanning the computers will be conducted depending on the needed scan types. There are multiple options when it comes to scanning but all of which are based on the type of system to be tested. A Joomla Scan is carried out when there are known risks, threats, and vulnerabilities within the operating system and servers (Arambatzis et al., 2015). A WordPress Scan on the other hand is conducted only on the vulnerabilities affecting the servers and WordPress. A Full Scan tests the entire network, web applications, and servers whereas the Web Server Scan scan the applications that are vulnerable and susceptible to risks.
Review scan results.
A review of scan results is done upon the affirmation of the credentialed vulnerability scans as indicated above. FTP and SMB servers are looked into from a network perspective to determine their operationality. Target configurations within the set OpenVAS are checked for security issues, kernels, default settings, guess credentials, and administrator operations (Hyllienmark, 2019). OpenVAS will further investigate the targeted credentials to see whether they work as required before adopting the creation of default settings such as those within the Cisco Devices. Later on, review of the scan results, a metastable 2 as well as the supply administrator’s credentials are supplied.
Identify issues you need to address
The budget and needs of a firm have to be considered as they can be determined from the operating system and servers in use. Changing the vulnerability scanners is another critical issue to address. A comparison of the OpenVAS solutions needs to be assessed, but no solution is likely to offer 100% solutions, especially upon conducting penetration testing (Halton, Weaver, Ansari, Kotipalli, & Imran, 2017). Commercialization of the vulnerability scanner is another important issue to look into as it leads to the validation of results thus getting the accurate picture of the intended outcomes. False negatives and false positives from scans should be analyzed as well for purposes of realizing comprehensive results. Multiple tools from email configuration, threat mitigation, email filtering through the gateways, use of the end-point anti-virus products, and the adoption of the Greenbone Security Manager are some of the tools and issues to remember in this step. Other tools worth considering include the Nexpose, Nessus, and GFI Languard, all of which can be hosted in one installed and running OpenVAS.
Document the steps to address each issue
The first step in addressing the selection of OpenVAS involves the identification of the fact that it allows a comprehensive security testing of available IP addresses. It can also carry out a port scan while allowing the identification of new threats, risks, and vulnerabilities. On the issue of scanning computers, it has the potential to show both false positives and false negatives. Moreover, scanning allows the identification of the externally hosted servers while facilitating the identification of potential attackers. New issues will also involve finding out the Task Windows and areas of configuration thus allow System Discovery and Scan Configuration. Depending on how large a window is or broad a network system can be, firing off a network upon scanning is recommended.