Scribd
Upload
36 views9 pages

Client Risk Report

The network assessment report identifies several issues for the client including inactive users and computers, a lack of domain controller redundancy posing outage risks, and insecure listening ports on some computers. Discovery tasks identified organizational units, domain controllers, file shares, applications, and event log errors. The risk score of 5/10 represents moderate overall risk to the network that should be addressed.

Uploaded by

andre.zingra
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
36 views9 pages

Client Risk Report

The network assessment report identifies several issues for the client including inactive users and computers, a lack of domain controller redundancy posing outage risks, and insecure listening ports on some computers. Discovery tasks identified organizational units, domain controllers, file shares, applications, and event log errors. The risk score of 5/10 represents moderate overall risk to the network that should be addressed.

Uploaded by

andre.zingra
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 9

Network Assessment

Client Risk Report


SUA EMPRESA
Prepared by:
Moacyr Leite da Silva

CONFIDENTIALITY NOTE: The information contained in this report document is for the exclusive use of the
client specified above and may contain confidential, privileged and non-disclosable information. If the
recipient of this report is not the client or addressee, such recipient is strictly prohibited from reading,
photocopying, distributing or otherwise using this report or its contents in any way.
NETWORK
ASSESSMENT
Discovery Tasks
The following discovery tasks were performed:

TASK DESCRIPTION
 Detect Domain Controllers Identifies Domain Controllers and Online status.
 FSMO Role Analysis Enumerates FSMO roles at the site.
 Enumerate Organization Units and Lists the Organizational units and Security Groups with
Security Groups members.
 User Analysis List of users in AD, status, and last login/use. Helps identify
potential security risks.
 Detect Local Mail Servers Mail server(s) found on the network.
 Detect Time Servers Time server(s) found on the network.
 Discover Network Shares Comprehensive list of Network Shares by Server.
 Detect Major Applications Major apps / versions and count of installations.
 Web Server Discovery and List of web servers and type.
Identification
 System by System Event Log Analysis Last 5 System and App Event Log errors for servers.
 Detailed Domain Controller Event Log List of event log entries from the past 24 hours for the
Analysis Directory Service, DNS Server and File Replication Service
event logs.
 Network Discovery for Non-A/D Devices List of non AD devices responding to network requests.
 SQL Server Analysis List of SQL Servers and associated database(s).
 Internet Domain Analysis “Whois” check for company domain(s).
Password Strength Analysis Uses MBSA to identify computers with weak passwords
that may pose a security risk.
Missing Security Updates Uses MBSA to identify computers missing security
updates.
 Internet Access and Speed Test Test of internet access and performance.
External Security Vulnerabilities List of Security Holes and Warnings from External
Vulnerability Scan.

Risk Score
The Risk Score is a value from 1 to 10, where 10 represents significant risk and potential issues.

Several issues (summarized on the next page) were detected which should be investigated and
addressed as quickly as possible. Moderate risk is associated with having multiple issues, which
when looked at holistically, indicate potential risk to the network.

PROPRIETARY & CONFIDENTIAL PAGE 2 of 9


NETWORK
ASSESSMENT

PROPRIETARY & CONFIDENTIAL PAGE 3 of 9


NETWORK
ASSESSMENT
Issues Summary
This section contains summary of issues detected during the Network Assessment. It is based on
general best practices and may indicate existing issues or points of interest.

Inactive Users
We discovered 6 active users that have not logged in within the past 30 days. These accounts
most likely need to be disabled or removed if the users are no longer active. Active accounts that
are not in use may pose a security risk and should be addressed with a User Audit.

Inactive Computers
We discovered a total of 5 computers of which only 4 have registered with the domain controller
in the past 30 days. There are 1 computers entries that may no longer be relevant. While not
inherently harmful, the defunct systems should be removed from Active Directory routinely.

Organizational Units
We discovered 6 populated Organizational Units. You should review the details of the
Organization Units to ensure they align with your business and operational needs. Proper
alignment is crucial to ensuring security and access policies are adhered to properly.

Domain Controllers
With only 1 online Domain Controller, there is a high risk of significant outage due to a lack of
redundancy.

Insecure Listening Ports


3 computers were detected as using potentially insecure protocols. There may be a legitimate
need to use these protocols, but risks should be assessed to prevent unauthorized access.

PROPRIETARY & CONFIDENTIAL PAGE 4 of 9


NETWORK
ASSESSMENT
Internet Speed Test Results

Download Speed: 11,92 Mb/s Upload Speed: 1,13 Mb/s

Asset Summary

PROPRIETARY & CONFIDENTIAL PAGE 5 of 9


NETWORK
ASSESSMENT

PROPRIETARY & CONFIDENTIAL PAGE 6 of 9


NETWORK
ASSESSMENT

PROPRIETARY & CONFIDENTIAL PAGE 7 of 9


NETWORK
ASSESSMENT

PROPRIETARY & CONFIDENTIAL PAGE 8 of 9


NETWORK
ASSESSMENT

PROPRIETARY & CONFIDENTIAL PAGE 9 of 9

You might also like