Internship Reflection 4
Chris Hopkins
June 17th
CYSE368
Reflection Paper 4
This week, Mr. Ferguson tasked me with leveraging Tenable to monitor and identify vulnerabilities by filtering based on CVE and exploitation availability. After thorough analysis, I found that none of the identified vulnerabilities had associated exploitations, indicating our current security measures are effectively mitigating known threats. This task was vital for maintaining the integrity and security of our IT systems.
Another significant task I was assigned was to provision a batch of physical RSA tokens for the City Hall Department of Utilities (DPU) security domain. This involved preparing the tokens, configuring them correctly, and ensuring they were securely handed over to the DPU staff. These tokens are critical for secure authentication and access control within the department, enhancing the overall security posture.
In addition to provisioning physical tokens, I was also tasked with provisioning digital tokens. This process was driven by user requests, which I had to approve or reject based on specific criteria. Leveraging City Hall’s Active Directory, I identified the users and their respective security domains to ensure that the tokens were set correctly. This step was vital in maintaining the integrity and accuracy of the security domain configurations, ensuring that only authorized personnel had access to sensitive information and systems.
This week’s tasks have been instrumental in deepening my understanding of vulnerability management and secure access control mechanisms. Using Tenable for vulnerability assessment provided practical insights into identifying and mitigating potential threats. Meanwhile, provisioning RSA tokens, both physical and digital, highlighted the importance of secure authentication methods in protecting organizational assets.
Throughout these tasks, the guidance and feedback from my Internship Instructor have been invaluable, helping me refine my technical skills and adhere to best practices. These experiences have greatly contributed to my professional development, aligning with my learning objectives of mastering vulnerability management and strengthening security protocols within an IT environment.
Photos of Physical Tokens and CVE Vulnerability ID #’s:
Referenced Works
RSA. “Select Software Tokens for Provisioning.” RSA Community, https://community.rsa.com/s/article/Select-Software-Tokens-for-Provisioning-1de5222e. Accessed 13 June 2024.