Seguridad en Sistemas Operativos

Investigación

“Windows Server 2012”

Alumno: Jean Carlo Montemayor Martínez

Matricula: 1806487

Catedrático: Lic. Yair Brando García Castillo

 San Nicolás de los Garza, NL a 7 de mayo del 2020

Index
Introduction..............................................................................................................2
Porpuse.....................................................................................................................2
Vulnerability Management & Patch Management................................................3
What is?....................................................................................................................3
How does it work?...................................................................................................3
What are the common cycle to execute this procedure......................................4
Conclusion...............................................................................................................5
References................................................................................................................5

1|Página
 Introduction

Currently computing and especially information is one of the main assets of organizations and
companies, there are different types of threats that threaten the proper functioning of these entities,
such as viruses, malware, cybercriminals, spyware and countless threats. Existing, different
computers are used daily, especially mobile phones that are connected to the internet, the greatest
source of security threats. This is where vulnerability management and patches come in to protect
the devices of an institution or organization.

Porpuse

 Know the differences between vulnerability & patch management

 Know what is patch management
 Know what is vulnerability management
 Know the cycle of both

2|Página
 Vulnerability Management & Patch Management

What is?
Patch management is a process used to update the software, operating systems and applications
on an asset in a logical manner. The purpose of a patch management system is to highlight, classify
and prioritize any missing patches on an asset.

Patching is a process to repair a vulnerability or a flaw that is identified after the release of an
application or a software. Newly released patches can fix a bug or a security flaw, can help to
enhance applications with new features, fix security vulnerability.

Unpatched software can make the device a vulnerable target of exploits. Patching a software as
and when the patch is released is critical to deny malware access.

Vulnerability management is a process that discovers assets on the network, categorizes the OS
and applications on the assets and reports on security vulnerabilities on target systems. The
vulnerability management product will scan the asset and report the known vulnerabilities found
along with remediation advice.

The objective of a vulnerability management program is to detect and remediate vulnerabilities

before they are exploited. With such a big objective, it can be challenging to know where to start.

How does it work?

Patch management works as follows:

1. The automated patch management is used to automate the various stages of patching
process
2. Scan the applications of devices for missing patches
3. Automate the downloading of missing patches that are released by the application vendors.
4. Automated Patch Deployment ensures to automatically deploy patches based on the
deployment policies, without any manual interference.
5. Once the patches are deployed, reports on the status of the automated patch management
tasks are updated.

A vulnerability management process consists of five phases:

1. Preparation
2. Vulnerability scan
3. Define remediating actions
4. Implement remediating actions
5. Rescan

3|Página
What are the common cycle to execute this procedure
Patch Management

Vulnerability Management

4|Página
Conclusion
Patch and vulnerability management sound alike but are different. Patch management deals with
patches, updates and fixes of software that have to be installed for several different reasons. The
rollout of these patches has to be planned beforehand and you need to know which machines need
a patch at what time.

References
 https://www.sans.org/reading-room/whitepapers/threats/implementing-
vulnerability-management-process-34180
 https://www.sans.org/reading-room/whitepapers/threats/vulnerability-
management-tools-challenges-practices-1267
 https://www.csoonline.com/article/3238080/what-is-vulnerability-
management-processes-and-software-for-prioritizing-threats.html
 https://www.packetlabs.net/vulnerability-management/
 https://manageengine.com.mx/patchmanager-plus/caracteristicas/que-es-el-
software-patch-management

5|Página